Unless you’re a government engaged in international diplomacy, the odds are you won’t wish to do business with an entity that you don’t trust. According to the 2023 Edelman Trust Barometer, in this age of rising domestic polarization in countries that include the United States, China, India, and the United Kingdom, trust is fleeting. Those surveyed observed that their “employer is the only trusted institution” in their individual worlds.
Indeed, Edelman shows us that trust in industries around the globe remains stable, with the notable exception of the social media sector. Therefore, it behooves all of us to invest in actions and behaviors that engender greater trust in our organization both internally and in those with whom we engage, be they contractors, partners, vendors, or customers.
How do you measure corporate trust?
To better understand such measures, Deloitte has a framework called The Four Factors of Trust that distills the trust dynamic down and provides a starting point for measuring where one stands with an organization. These four factors are:
Humanity – Demonstrates empathy and kindness towards me and treats everyone fairly.
Transparency – Openly shares information, motives, and choices in straightforward and plain language.
Capability – Creates quality products, services, and/or experiences.
Reliability – Consistently delivers on promises and experiences.
When an action takes place that erodes trust, things go south in a hurry. Imagine not being able to trust an entity within your supply chain or those who supply you with needed items not trusting you.
I spoke with Sarah E. Minnis, an assistant professor of human resources at Western Carolina University about company behaviors. She asserts that how companies engage with their employees is not hidden from the public and will be reflected to their customers or clients. I agree — if your employees are reactionary, hyperbolic cadres of workers, it signals loudly that there is a lack of leadership within the organization and calls into question reliability, and trust. Similarly, if the company routinely rates highly as a preferred place to work, that too is reflected to customers and clients and ultimately the bottom line of the business.
Where the role of chief trust officer began
One of the first CISOs to evolve to the role of chief trust officer (CTO) was Malcolm Harkins, with whom I recently spoke. He noted how the evolution was sparked by the Aurora project more than a few years ago when the thinking shifted to “if our products became compromised and stopped functioning on command due to this compromise then we might have an event which goes well beyond the Intel instance given the foundational role Intel products had in the global technology ecosystem.”
He continued that he sees the chief trust officer as the individual with their eye on the “Rubik’s Cube of risk — with views into everything and how it can align or be out of alignment.”
I asked John Stewart, former senior vice president and chief trust officer at Cisco and now the principal at Talon Ventures, for his thoughts as to whether or not every company needed a chief trust officer and he opined that “all companies” is too broad in this case — businesses and organizations should ultimately decide whether trust a factor in their brand and, if so, whether it be helpful to have an executive champion who either broadens their existing scope (such as when a chief security officer’s role is expanded to also include trust) or is named specifically as CTO. “If the answer is yes, then the next question should be what changes as a result? What accountability does the role or person take on and what authority does this person have? Is this person internal, external, or both? Do they speak for the company?”
Harkin advises that all companies should ask the question: “Do our customers, shareholders, employees, and society need to trust us? Then go from there. They will find that the answer is yes. Threat-vulnerability — consequence — applies to all sectors: food (is it contaminated?), finance (are our books cooked?), marketing (are we pushing vaporware?), etc.”
IT leaders should consider what trust means to them
Should an internal review detail the absence of trust in engagements (internal or external), then perhaps boldness is needed to affect change from within. CISOs and CSOs need to ask the questions posited by Stewart and Harkins, both of whom were at the vanguard of the CTO evolution. Hitch up those pants and either work to expand your own role as necessary or push for the creation of the role for someone else. Regardless of the path taken internally, the CTO’s role must be sufficiently broad in scope to encompass the necessary visibility across the entire entity’s landscape.
In a recent MIT Technology Review piece, Elena Kvochko, chief trust officer at SAP, highlighted that “trust is a clear competitive differentiator — having a recognized awareness that this is an important function and this is an important direction for the company — it was critical for our success.”
In closing, and as noted by Stewart, the role must include demonstrable responsibilities, accountabilities and above all the necessary authorities. Otherwise, one cannot be held responsible or accountable for decisions which they lacked the authority to make.
Trust is earned. Retaining trust is continually earned. Companies that do not have trust within their workforce will be hard-pressed to project trust to their clients, partners, or customers. It’s time to ask yourself: Do you have the necessary level of trust in your organization?
Business, C-Suite, IT Leadership, Risk Management