Experts Debate the Following Steps for Security, Privacy, and Trust

Principal analyst, Enzo Iannopollo, at Forrester said that the “relationship between privacy, trust, and security is quite interrelated.” According to studies, people believe that building confidence in businesses is most dependent on the safety of their personal information.

But “companies still have work to do in this area,” said Iannopollo. Data published by Iannopollo says that 33% of European consumers think that no company will protect their data. Because of this, firms should mainly concentrate on two key areas to improve data security and boost customer confidence.

These include:

Recognize which specifications concern you. Iannopollo pointed out that 137 countries have security and privacy legislation, which presents a significant barrier for enterprises, particularly those that operate internationally. “It’s actually pretty difficult to focus on the right principles,” she commented.

Consider the data. Think about data after you have determined which principles you must follow, Iannopollo advised. To do this, you must be aware of the data you need to safeguard and its location. Data is “everywhere,” thus this in and of itself is a challenge.

The meaning of an identifiable attribute differs depending on the country, said Bianca Lopes, a serial entrepreneur, investor, and identification specialist.

“I don’t think the definition of privacy is the same and easy to interpret.”

Bianca Lopes

The shifting worldwide privacy and security landscape is a huge problem for firms, especially those who are scaling their businesses, according to Ben King, VP of consumer trust at Okta.

“Scaling that service when you’ve already designed your privacy program can be quite challenging because the regulations and customer expectations can be very different from country to country.”

Ben King

Another issue he added was “data protection and privacy versus innovation.” This pertains to how businesses utilize data to produce seamless customer experiences, which may be quite intrusive and even terrifying to users, like personalized ads that appear after a Google search. “We have an obligation to turn the dial down in terms of the data we keep,” he said.

Iannopollo then brought up the additional complexity caused by the diverse tactics used by regulators. Included in this are the kinds of data that must be safeguarded and the appropriate measures to take.

“That is another big challenge for organizations – especially international organizations – face when thinking about their privacy.”


The transition to decentralized models of identity was the topic of the discussion’s concluding segment. The shift toward decentralization, the rise of digital IDs and verifiable credentials, and discussions surrounding Web 3.0 have all been noticed by Lopes as a “pendulum swing” in conversations, “where nobody’s going to own anything, and we’re going to have to get self-sovereign identity (SSI) attributes.” Iannopollo also described the significance of “intent economics [that] look at the probability scenarios of people repeating a particular pattern.”

In the field of contemporary advertising, this strategy has been employed to gain value. But “where does that value truly reside?” Lopes contends that conversations around dissolution “needs to be about equitable distribution of access and value rather a conversation about who owns what.”

King proclaimed that we should go to a decentralized identity model, for instance, through SSI. The control systems for that environment must be built in the interim. This is due to “the ownership of identity to the individual citizen, but they’re probably not the best people to secure it.”

Information from InfoSecurity Magazine

Click Here for Article

Leave a Reply