Enterprises are intensifying their focus on digital trust, driven by the surge in remote workforces, expanding networks, and the heightened demand from customers for secure digital interactions. Despite the evident importance, establishing, monitoring, and managing digital trust poses significant challenges for enterprises. The DigiCert 2024 State of Digital Trust Report delves into the landscape, revealing the nuanced dynamics at play.
The report examined four specific digital trust areas:
- Enterprise
- IoT & Connected Device
- Software
- eSignature
Enterprise Digital Trust Landscape
Enterprise digital trust is primarily overseen by IT, covering aspects such as certificate management, identity and access management, email security, and endpoint security. However, only 1 in 100 trust managers consider their practices “extremely mature,” with 87% acknowledging siloed efforts.
As enterprise networks grow in complexity, an increasing demand for certificates is noted. Approximately 52% have IT managing certificates, 37% delegate outside of IT, and 11% lack designated management.
Respondents highlight widespread issues in digital trust, including 98% reporting outages, 92% experiencing data breaches, and 74% grappling with compliance issues.
However, rapid response to these incidents is lacking. Despite these challenges, managers believe their efforts contribute positively to digital innovation, brand, and profitability at an enterprise level.
IoT & Connected Device Digital Trust Challenges
IoT & Connected Device digital trust managers express a “good, not great” sentiment, with only one in seven considering their practices extremely mature. 87% transmit personally identifiable information (PII) over unencrypted channels, revealing a significant security concern. While most firms (88%) have a chief product security officer and use digital certificates for device identification and strong user authentication, challenges persist in managing devices in the field.
There is a mixed performance in managing security settings and monitoring security events, with notable weaknesses in updating devices and managing device identities, particularly in revoking identities. Despite being proficient in securing software, there is a lag in the secure delivery of software updates.
Data breaches are prevalent, experienced by 93%, often due to devices serving as easy entry points for network breaches. Outages and brownouts affect 93%, and 84% report break-ins by bad actors. Despite these challenges, IoT and Connected Device Trust practices offer benefits, assisting in customer acquisition (86%) and digital innovation (82%).
Software Trust
Software Trust, responsible for ensuring the digital trust of software distributed by enterprises, shows “good, not great” progress, with only 5% considering their practices extremely mature. Regulatory compliance in the software domain is challenging, as only 1 in 8 enterprises excels in this area.
The survey unveils a range of issues related to software trust mishaps. A significant 86% report data breaches, while 80% experience breaches of software build infrastructure. Expired code signing certificates lead to software failures for 79%, and 78% deliver software containing malware and vulnerabilities. Additionally, 75% struggle with missed release deadlines linked to code signing or malware detection.
eSignature Trust
Document Signing certificates enable electronic, digital signatures on documents, ensuring ownership, preventing alterations, and safeguarding sensitive information. Notably, eSignatures are managed by business professionals (legal, HR, procurement) rather than IT, with only 1 in 8 understanding the differences between basic and certificate-based eSignatures.
This segment experiences significant trust mishaps, including bad actors misrepresenting documents (100%), issues with paper-based contract processes (100%), identity theft/impersonation problems (100%), legal issues with cross-border contracts (99%), compliance issues (96%), and disputes over signed agreements (87%). Despite these challenges, they assert that their efforts contribute positively to digital innovation, productivity, customer acquisition, and other enterprise aspects.
What are the leaders doing differently?
Leaders in each trust domain showcase distinct characteristics setting them apart:
- Enterprise Trust: 100% claim extremely mature practices, leveraging centralized management and S/MIME certificates for email communications.
- IoT & Connected Device Trust: Leaders excel in monitoring and making changes to devices in the field, updating device identities, and preparing for IoT trust issues.
- Software Trust: Leaders implement formal approval processes for cryptographic keys and demonstrate ease in generating software component lists.
- eSignature Trust: Leaders exhibit greater maturity in understanding, implementing, and managing policies and governance for e-signatures.
Conclusion
Organizations that prioritize digital trust benefit from stronger brands, reduced cybersecurity risks, and operational efficiencies. They inspire confidence among customers, partners, and stakeholders through robust security measures and transparent governance. Establishing digital trust becomes a critical factor in navigating regulatory complexities, ensuring compliance, and mitigating legal and financial risks. In the emerging digital landscape, organizations must continue to prioritize and enhance their digital trust initiatives to safeguard data and thrive in the face of emerging threats.
Read next: 38 transformative technology stats about Gen AI, AR, VR that top leaders need to know