Trust landscape. PHOTO: Cybercrime Magazine.

Is Trust a New Cybersecurity Platform?

Professionals talking trust and taking it into account

Steven T. Kroll

Northport, N.Y. – Mar. 12, 2019

CISOs and high-ranking government officials agree — building trust is the foundation for securing critical infrastructure. And it’s not just an industry trend.

Let’s think about why this is important for the cybersecurity industry. Much like the keys that lock our doors, cybersecurity is the lock protecting individuals, businesses and governments from cyber threats. Many of us have spare keys, perhaps even giving them to a trusted member in our family or a good friend.

Professionals in cybersecurity act as behind-the-scenes friends who hold the most important keys that people have — personal and financial information, medical technologies and the growing cloud. It’s this last development that poses a challenge for the industry.

Cybersecurity Ventures predicts that “the total amount of data stored in the cloud will be 100X greater in 2022 than it is today.” This includes social media, government entities, and businesses — all of which touch upon some aspect of our lives.

“The cloud is something new and shiny and safe,” said Gee Rittenhouse, senior vice president and general manager of security at Cisco. “As CISOs move these [business] applications into the cloud, sometimes you can forget that you actually still have to apply best practices and security.”

The easy accessibility of the cloud creates multiple entry points for bad actors, which is one reason why Rittenhouse emphasizes trust in his security platform at Cisco. 

Big businesses aren’t the only ones dealing with this issue.

Amy Hess, executive assistant director of the Criminal, Cyber, Response and Services Branch, instructed the FBI’s 56 field offices to reach out to the businesses in their areas so that there is an open line of communication when cybercrime occurs. “We need the information to be able to help, to mitigate it, to be able to identify who did it, to hold them accountable, but also to help share that information,” said Hess. “That requires a very trusting relationship that we’ve got to establish in advance.”

These two prominent players view the importance of trust among all involved as a tool that they can leverage for the cyber industry, whether it’s protecting business applications or fighting criminals.

To add to this new pathway, the RSA 2019 conference featured two keynote presentations in which the personal, individual side of trust was addressed.

Rohit Ghai, president at RSA, and Niloofar Razi Howe, cybersecurity strategist and entrepreneur, encourage cybersecurity professionals “to obsess about the trust landscape” through a thought experiment — looking back at technological innovations and trends from 30 years in the future, not all of them good. One major takeaway: “Trust is based on reputation, which requires transparency, both the good and the bad.”

Or as Andrew Burt put it, writing for The Harvard Business Review, “Companies across every vertical will need to prioritize data privacy and security, clearly demonstrate those priorities to consumers, and safeguard their relationships with customers by being fully honest about the dangers of data in the digital age.”

Suzanne Frey, VP of Engineering at Google Cloud, in the talk, Engineering Trust and Security in the Cloud Era, narrowed down on trust and its privacy implications, as more users store their data in the cloud era. “It’s so incumbent upon every cloud provider, every large tech provider, to share that responsibility of trust with their users to give them transparency into what the cloud is doing with their information and to give the users control. The data belongs to the user; it does not belong to the cloud provider.”

As technology moves forward, companies and thought leaders will work on building trust into their software, developing an abstract idea into concrete solutions so that users feel safe about where they store their data. We’re in the middle of not only a technological transition but also one of values.

It’s still too early to see if the trust landscape grows into a manicured garden or a wild patch, but I’m eager to see what happens.

Steven T. Kroll is a public relations specialist and staff writer at Cybercrime Magazine.