Digital Trust

Strengthening customer relationships through ethics and security


In August last year, two cybersecurity researchers identified six flaws in US carmaker Tesla’s Model S, one of which allowed them to take control of the car and shut it down. They acknowledged that the hack required them to physically dismantle the vehicle’s dashboard and connect to an exposed Ethernet port, and that the model remained among the most secure available. Still, within two weeks of being notified, Tesla pushed an over-the-air (OTA) update to every single Model S, addressing a number of the vulnerabilities and increasing the overall security of the system. The makers of the world’s most connected car also wooed hackers at the Def Con Hacking Conference to help uncover issues that made its cars vulnerable to cyberattacks.

The digital age has opened the door to incredible opportunities for businesses—never before has it been possible to scale new products and services so rapidly, acquire information from hundreds of millions of Internet of Things (IoT) devices, and personalise customer interactions in real time. However, with these opportunities come increased exposure to systemic risks. And as every digital advancement creates a new vector for risk, trust has become the cornerstone of the digital economy.

Of the 3,200 business and IT executives we surveyed, 80 percent said that trust was a key differentiator in the digital economy. Digital businesses need to maintain trust to use and share big data. They need it to develop ecosystem connections to a range of business partners. They need it to satisfy regulators and cybersecurity insurers. And most importantly, they need to build trust at every engagement point of the customer journey to sustain long-term relationships.

This trust is built on two major components—security and ethics.

To gain the trust of individuals, ecosystems and regulators in the digital economy, businesses must be strong in both these components. New products and services must also be designed to be both ethical and secure.

Tesla’s swift and comprehensive response to the security threat can be seen in this light.


Recognition of new risks from digital transformation has already driven security investments across all industries. According to US-based IT research and advisory firm Gartner, global information security spend is set to exceed US$100 billion by 2019.

Next-generation security mechanisms are following data and extending well beyond the usual perimeters. Wherever data goes, security must go with it—as such, solutions like security-aware application design, integrated database security, dynamic access controls, and runtime application protection are increasingly being integrated into new products.

But better security is just half the story. Companies must also have very high data and digital ethics. Most companies have policies related to data privacy, which is part of data ethics. Digital ethics is much broader than that. It’s about determining the right actions based on the information available and the capabilities of the business. It’s about acting in accordance with corporate values in order to sustain trust with customers, investors and partners.

When the FBI asked Apple for access to the locked iPhone 5c owned by San Bernardino shooter Syed Farook who killed 14 people, the company told a federal court that “forcing Apple to extract data [from mobile devices] …could threaten the trust between Apple and its customers and substantially tarnish the Apple brand.”

The FBI eventually found a third-party to unlock the iPhone 5c, but the company’s response exemplified the important role that trust plays in its ability to do business.

In fact, 82 percent of our survey respondents agree that a lack of security and ethical controls on data could exclude them from participating in digital platforms and in broader ecosystems—an increasingly critical go-to-market strategy.

Clearly, it is simply no longer enough that companies in the digital playing field ensure cybersecurity. They also need to put into place comprehensive policies, training, incentives and consequences for data and digital ethics. Beyond reducing their exposure to risk and adverse outcomes, this will allow them to maintain trust, and retain customers, market share and company valuation.


Especially in the last three years, there has been significant focus on cyber security by companies as well as the Malaysian government, working through CyberSecurity Malaysia, the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI). However, cyberattacks remain a very real risk in Malaysia. According to CyberSecurity Malaysia, we are among the top ten countries in the world most vulnerable to security attacks, with 65 percent of Malaysian companies at risk of such attacks. There are cases of systems being compromised for years at a time without being discovered.

From a digital ethics perspective, there is a lack of specific—or publicised—policies among the majority of Malaysian companies beyond what has been mandated by the government, for example in the Personal Data Protection Act which came into force in November 2013. For Malaysian companies to successfully pivot to digital business models, they must have a solid cyber security foundation, and have built digital trust among employees, partners and customers. Organisations must bring security and digital trust out of IT departments and make it a board-level issue, and collaborate, share and jointly innovate with others in their industry to out-smart their adversaries.


Technology Vision 2016 offers some guidelines. In the short-term, businesses should understand the current state of digital risk they’re exposed to and benchmark data points that can be improved by doing the following:

  • Survey stakeholders in an effort to quantify the level of trust across your offering portfolio.

  • Search customer service logs for the word "trust" and run sentiment analysis against the results to gain an understanding of how customers perceive your offerings and brand; make a top-five list of the least trustworthy offerings.

  • Take an inventory of data-driven business processes; describe the current and potential opportunities for enhanced security and data ethics for each.

  • Identify the executive(s) responsible for building and maintaining trust, digital ethics, and security with vendors, partners and customers.

  • Research what your competitors do to build customer trust. Record what builds and erodes trust. Brainstorm opportunities for improvement within your own operations.

  • Partner with an academic institution, non-profit or industry group to dive deeper into one aspect of digital ethics. Publish findings/advice for others.

  • Compile a list of opportunities for security to move closer to data.


  • Ethics and security must be primary considerations in any digital transformation.

  • Exposure to risk scales in proportion to digital business operations.

  • To protect against downside risk, businesses must foster strong ethical decisions, effectively use security to protect against external threats and build trusting relationships with ecosystem stakeholders.

  • In procuring new technologies, security must be among the key evaluation criteria.

  • Look for opportunities to build trust at every engagement point along the customer journey.


Read us on SlideShare

Read our latest reports on technology and business in Southeast Asia.