Tech Why Digital Trust Is Fundamental For The Future Of The Internet JohnAugust 8, 20220141 views Jason Sabin CTO of DigiCert Inc. Passionate about simplifying security, including digital certificate management for device & user identity. getty The internet has evolved beyond a communications medium. It’s an essential platform for the free flow of information, impacting individuals, society and the entire world. To keep today’s increasingly connected world free and secure, and to ensure that everyone may operate with privacy, the technology community, governments and corporate boardrooms need to invest in digital trust. In recognition of the internet’s transformative role, the U.S. government, together with 60 global partners, issued the Declaration for the Future of the Internet. Intended to address today’s opportunities and challenges worldwide, the declaration is dedicated to “a positive vision for the Internet.” It pledges to support an internet that’s “open, free, global, interoperable, reliable, and secure.” The declaration also affirms principles such as protecting people’s foundational rights and freedoms, promoting the unfettered flow of information and enabling affordable connectivity for everyone. The most important principles in the declaration, however, are a commitment to “promote trust in the global digital ecosystem, including through protection of privacy” and “protect and strengthen the multistakeholder approach to governance that keeps the Internet running for the benefit of all.” Why Digital trust Is Imperative As the internet has matured and connectivity has grown exponentially, the need for digital trust has exploded. We’re living in a digital economy, in which digital transformation is the word of the day. Today’s digital interactions have become a part of every aspect of personal and professional lives, driven by the convergence of IT and operational technology, as well as digital transformation across industries. According to the results of a survey of CEOs by Deloitte, 77% indicate that the pandemic accelerated digital transformation initiatives. Digital trust is the foundation of these interactions, helping us build, participate in and develop this increasingly connected world. It allows people to feel confident that their online transactions, interactions, business processes and other activities remain safe and secure. However, achieving digital trust is becoming more challenging as the number of connected devices and users soars and environments become more complex, breaking down traditional enterprise perimeters. Applications, users, documents and devices may be scattered across hybrid workloads, cloud services and remote work environments. Traditional boundaries between IT operations and development are dissolving, impacted by today’s CI/CD pipelines and new DevOps processes. Evolving zero-trust architectures are also expanding the range of devices, users and content that need to be authenticated. According to the FBI, in 2021, the U.S. experienced an unprecedented increase in cyberattacks and malicious activity, with business email compromise and ransomware cited among the top threats. Three Fundamentals Of Digital Trust Today’s challenges have raised the profile of digital trust among technology executives. These leaders are charged with safeguarding not only their own organizations but their customers, business partners and communities. Digital trust is built based on three key pillars. 1. Identity authentication for organizations, individual users, machines, workloads, containers and services. 2. Integrity to ensure that an object hasn’t been tampered with. 3. Encryption to protect data in transit. Working together, these three pillars provide the confidence that’s required for digital interactions. They help provide assurance that emails are authentic and come from the actual sender, that a website is safe to use, that software hasn’t been tampered with and that a document’s digital signature is valid. At the heart of these three pillars is public key infrastructure (PKI). PKI digital certificates closely bind identity to cryptographic public-private key pairs. A proven, widely adopted technology, PKI enables organizations to establish and verify trusted identity, integrity and encryption between systems, things and people. However, as powerful as PKI is, it enables only the first step in establishing a foundation of digital trust. Fully implementing a trust initiative requires additional building blocks. The Building Blocks Of Digital Trust Digital trust is based on these four essential building blocks. 1. Standards provide the definition of trust for a specific technology or a specific industry. For example, in 2005, a “group of certification authorities (CAs), vendors of Internet browser software, and suppliers of other applications that use X.509 v.3 digital certificates for SSL/TLS, code signing, and S/MIME” established the CA/Browser Forum. This forum establishes the standards that CAs must meet to be considered “trusted.” Several other forums and consortiums support other industry and certificate requirements, such as the Matter standard for smart home devices and IoT platforms. 2. Compliance and operations are the second building block of digital trust. These activities act to establish trust. Compliance refers to policies and audits that confirm operations are happening in a way that meets the standards defined by a governing body. In a dynamic regulatory environment, maintaining compliance with local laws and regulations wherever a company does business is critical. A strong trust partner can help organizations assure their compliance. 3. Trust management software is designed to minimize business disruption from certificate outages. As the volume of digital certificates grows, unified trust management is increasingly essential to keep them current. It also helps reduce rogue activities by supporting compliance with corporate security policies. Trust management software can utilize business process automation to help reduce manual processes and other administrative tasks associated with managing certificate life cycles. 4. Connected trust, the final essential building block of digital trust, helps organizations extend digital trust into complex ecosystems. It can help enhance continuity of trust across a software supply chain or a device life cycle. Digital Trust As An IT Imperative The Declaration for the Future of the Internet underscored the growing importance of the internet to today’s businesses and societies worldwide. To maintain its integrity and realize the full potential of the internet, digital trust is fundamental. Organizations and companies that make digital trust a strategic priority can gain an edge in the market and demonstrate their commitment to supporting a more secure, connected world. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?