This article is based on conversations during a CIO Circle roundtable in London on 5th April 28, 2023, discussing how digital leaders can increase trust in technology to protect vital revenues. The event was sponsored by EY UK&I and chaired by Louisa Perry of ZRG Partners. Lopa Gosh and Lucy Rosemont of EY UK&I introduced the topic.
The context for the discussion
Trust in technology refers to an individual’s confidence in using technological systems, products and services from a security, privacy, transparency and ethical perspective. As technology becomes increasingly prominent in our daily lives, trust plays a crucial role in determining our willingness to adopt and depend on these advancements.
According to one delegate, the turbulence of the modern world, post-pandemic, has put ever greater emphasis on customer trust, be this an employee, business partner or end consumer. The recent move to ‘everything online’, such as health and education, to banking and e-commerce means that personal relationships are almost dead. In their place, technology must deliver greater trust to retain customer loyalty and protect vital revenues.
Trust requires continuous learning.
The pace of technological innovation has never been more incredible as we enter the era of AI and Machine Learning. The tools that organisations adopt to undertake their business are complex and fast-changing. Delegates discussed the various methods to inform their customers of technical advances. These ranged from regular emails and champion networks to gaming and simulation techniques. One delegate stressed the need for senior executives to demonstrate their trust in emerging technologies. A delegate from BT mentioned the growing dependence on psychology to engender trust.
A delegate from the Royal Academy of Arts mentioned another critical issue relating to trust in an individual’s intellectual property (IP). As the market begins to promote the value of digital assets such as Non-fungible Tokens (or NFTs), artists must have confidence that the technologies they use to create and store their IP can be trusted for security and privacy.
Avoiding a breach of trust
Over recent years, organisations have strengthened the authority and status of the Chief Information Security Officer, or CISO, due to the increasing frequency and strength of cyber-attacks. According to one delegate such individuals are often seen as firefighters whose success is measured by the speed an organisation can recover from a cyber-attack. With predictive analytics, AI and Machine Learning, such crisis incidents should be on the decline. In such circumstances, the role of the CISO is likely to evolve towards proactive planning rather than firefighting.
Some delegates even questioned the need for a CISO in such a benign environment. However, it was clear from the discussion that the investment in modern cyber tools must be constantly promoted to the board. Most organisations need help comprehending the speed at which bad actors are advancing. Quantum computing and AI will only complicate this further.
Role of the Non-executive Director
As businesses of all kinds undertake digital transformation, the board must be fully aware of the benefits and risks inherent in such fundamental change. Given that few such boards include a digital officer be it a CIO, CTO or CDO, the source of such knowledge must come from either internal or external sources. According to one delegate, digital officers must become competent storytellers to inform and convince the board of the risks they face and possible breaches of trust if technologies fail to deliver value.
A second delegate promoted the appointment of Non-executive Directors (NEDs) who can bring depth of experience and foresight to the board in all digital matters. Lopa Gosh mentioned that a growing number of CIOs are encouraged to seek NED positions to address the current gap in digital knowledge amongst the ‘C’ suite. All delegates agreed that the most significant area of need was a common language between technical staff and business executives. This is often complicated by the fact that boards are most comfortable with the language of finance.
Linking technology to business outcomes
According to Lucy Rosemont, technology is too often seen by boards as the mechanics of the organisation rather than a positive source of profit and revenue growth. CIOs are besieged by their ‘C’ suite colleagues when the ‘machine’ breaks down, rather than when it delivers consistent and reliable support to internal and external parties. In the view of the delegates, the first step forward is to gain the trust of the customer by ensuring reliability, security and privacy, transparency and user empowerment. Building and maintaining trust is an ongoing process that requires the active involvement of all parties, technical and business.
As Lucy stressed, it takes years to earn trust and only moments to lose it. Rule based ‘playbooks’ are not sufficient to maintain trust. Organisations need ‘Trust’ officers to ensure that senior attention is focused on maintaining a reliable and resilient environment. One delegate emphasised how he spoke constantly to all parties associated with systems and applications to ensure that there was a trusting relationship between IT and the business. In Lopa’s opinion, investing in such relationships can pay off handsomely.
What to do next
Lopa and Lucy provided a summary of the discussions which contained some valuable next steps:
Trust in technology should be seen as the responsibility of the whole organisation, not just the technical function. It should be embedded in all operating processes.
People who maintain trust in technology should be at the ‘C’ suite table.
Transparency by design is critical in all aspects of IT applications and systems, especially infrastructure.
Leaders must encourage people across the organisation to be vocal about this topic and not be afraid of asking ‘silly’ questions.
For more information about this topic, please contact Lopa Gosh or Lucy Rosemont at EY UK&I