Trust and Security: How to Stay a Step Ahead
Trust and security are front of mind inside every organization, and the challenges keep getting more complex as the world becomes more interconnected. Recently, DocuSign President Inhi Cho Suh sat down with Robert Herjavec, star of ABC’s Shark Tank and founder of Cyderes, a global cybersecurity company, for a DocuSign Presents conversation about how organizations can build trust with their business partners and their customers.
The COVID lockdown changed the way we do business and was probably the biggest accelerator of technology adoption in the history of business. Organizations shifted to remote work overnight and raced to implement digital transformation projects in order to stay. But that dash to roll out new systems may have created new risks, which need to be addressed.
The good news is that decisions about trust and security are being made at the very top of organizations, as C-level decision makers realize the importance of building and maintaining trust.
Here are some takeaways from the conversation:
Trust creates value
It takes years to build trust with customers, but a breach can erode trust overnight. And customers have more choices than ever before, so they can easily go someplace else. Trust has become a key part of their decision-making and a way for an organization to differentiate itself and gain competitive advantage.
Trust also creates value because you can move faster if you trust the partners in your network. You can move faster with onboarding new employees and new customers. DocuSign is using artificial intelligence, natural language processing and analytics to create digital trust systems to manage contracts and agreements.
At the same time, trust and security involve more than technology. A lot of companies make the mistake of thinking that they can rely on tools to solve problems, but trust and security begin with policies and procedures—with partners who engage in open, honest and transparent communication with each other.
There is no perimeter
Not long ago, cybersecurity involved a “castle and moat” approach—you put your assets in one place and built a moat around the perimeter to keep out bad actors. You guarded the perimeter. But one of the biggest changes in recent years is that there is no perimeter. Companies are so intertwined that “the perimeter is the individual,” Robert says. “People are working everywhere. They're working at home, they're working in the office, and they're really the new perimeter.”
SaaS adds complexity
SaaS is the new normal, with about 70% of software now delivered in a SaaS model. But SaaS isn’t secure enough. In fact 40% of SaaS assets are managed, which means you don’t know what you don’t know. And the complexity is incredible. On average, large companies are using nearly 200 SaaS applications. They’re also on average using 87 different security products.
SaaS vendors should publish their policies, explain where they are in their journey, and continuously update that information for their constituents. Customers should ask themselves which vendors they trust the most, and whether they can trust a vendor not just in the current moment but over the duration of your partnership.
The complexity created by SaaS is further complicated by the fact that many companies are running on multiple cloud platforms, in part because some SaaS applications only live in a certain cloud. Different persons in different departments at different levels of the organization are making buying decisions, spinning up projects on various cloud platforms. It’s hard to keep track of all these connections, let alone manage security across them.
As Robert points out, “There’s no Chief Cloud Officer in most enterprises, so there isn’t one person making the decision on which cloud services to buy, how to manage them and which applications can run on them.” But maybe there should be.
Supply chains create vulnerabilities
Supply chains are getting more complex, with more partners, and your security is only as strong as your most vulnerable partner. Only 6% of companies have full visibility into their supply chain, and supply chain disruptions are increasing. Nearly 80% of companies say their supply chain partners expose them to greater risk of ransomware.
Once again, supply chain relationships are built on contracts and agreements. Digital trust networks powered by AI will make those connections more secure, as well as faster and more efficient. We will be able to avoid or at least mitigate the kind of disruptions we’ve seen since the pandemic lockdown, which often occurred because communication across the supply chain was less than optimal.
Check out Inhi and Robert’s conversation to learn the latest about the state of trust and security.