September 14, 2016 By Christopher Burgess 2 min read

Companies both large and small only exist as long as they have customers who enjoy their goods or services. But to do this, they must earn and maintain the trust of their customers. Companies also need to understand the various risks involved in their operations while projecting a high level of corporate trust.

In a 2014 article, we discussed how the chief risk officer (CRO) should work in tandem with the chief information security officer (CISO), chief security officer (CSO) and chief privacy officer (CPO). But they are now joined by the newest member of this executive family: the chief trust officer (CTrO).

The Crowded C-Suite

The C-Suite is crowded. Most are familiar with the CEO, COO, CFO, CTO and CSO; these roles need little explanation. The CISO, CPO and CRO roles are becoming more ubiquitous within the C-suites of both large enterprises and medium-sized conglomerates.

The CISO bears the information security responsibilities for the company’s infrastructure and dictates the manner in which the company engages with partners and customers. The CPO role has become more important over the past two years, especially with the changes in Safe Harbor and the arrival of the new Privacy Shield Framework, which was agreed upon in mid-July. These changes require the CISO and CPO to delineate clear pathways to resolving claims of privacy infringement.

The CRO, meanwhile, works hand-in-glove with the CISO and others to identify and mitigate day-to-day risks. This enables the company to form a level of corporate trust with its personnel, clients and customers. The CRO implements business-driven IT solutions and procedures and enforces policies to support the established framework. Should a risk be identified with no immediate mitigation solution, the CRO determines the appropriate course of action.

Maintaining Corporate Trust

The CTrO, on the other hand, is charged with maintaining trust and confidence with the customer base. This executive’s main function is to ensure that customers’ data is treated appropriately. The CTrO enables the company to compete on trust, according to CSO Online, and bring issue of corporate trust to the forefront of every business discussion.

A trust officer must engage with customers and bring their concerns to the rest of the C-suite. When two products are similar in terms of features and cost, customers will always choose to buy it from the vendor they trust. Corporate trust is a key differentiator in 2016, and organizations must be prepared to address the subject in the boardroom.

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today