September 14, 2016 By Christopher Burgess 2 min read

Companies both large and small only exist as long as they have customers who enjoy their goods or services. But to do this, they must earn and maintain the trust of their customers. Companies also need to understand the various risks involved in their operations while projecting a high level of corporate trust.

In a 2014 article, we discussed how the chief risk officer (CRO) should work in tandem with the chief information security officer (CISO), chief security officer (CSO) and chief privacy officer (CPO). But they are now joined by the newest member of this executive family: the chief trust officer (CTrO).

The Crowded C-Suite

The C-Suite is crowded. Most are familiar with the CEO, COO, CFO, CTO and CSO; these roles need little explanation. The CISO, CPO and CRO roles are becoming more ubiquitous within the C-suites of both large enterprises and medium-sized conglomerates.

The CISO bears the information security responsibilities for the company’s infrastructure and dictates the manner in which the company engages with partners and customers. The CPO role has become more important over the past two years, especially with the changes in Safe Harbor and the arrival of the new Privacy Shield Framework, which was agreed upon in mid-July. These changes require the CISO and CPO to delineate clear pathways to resolving claims of privacy infringement.

The CRO, meanwhile, works hand-in-glove with the CISO and others to identify and mitigate day-to-day risks. This enables the company to form a level of corporate trust with its personnel, clients and customers. The CRO implements business-driven IT solutions and procedures and enforces policies to support the established framework. Should a risk be identified with no immediate mitigation solution, the CRO determines the appropriate course of action.

Maintaining Corporate Trust

The CTrO, on the other hand, is charged with maintaining trust and confidence with the customer base. This executive’s main function is to ensure that customers’ data is treated appropriately. The CTrO enables the company to compete on trust, according to CSO Online, and bring issue of corporate trust to the forefront of every business discussion.

A trust officer must engage with customers and bring their concerns to the rest of the C-suite. When two products are similar in terms of features and cost, customers will always choose to buy it from the vendor they trust. Corporate trust is a key differentiator in 2016, and organizations must be prepared to address the subject in the boardroom.

More from CISO

Empowering cybersecurity leadership: Strategies for effective Board engagement

4 min read - With the increased regulation surrounding cyberattacks, more and more executives are seeing these attacks for what they are - serious threats to business operations, profitability and business survivability. But what about the Board of Directors? Are they getting all the information they need? Are they aware of your organization’s cybersecurity initiatives? Do they understand why those initiatives matter? Maybe not. According to Harvard Business Review, only 47% of board members regularly engage with their CISO. There appears to be a…

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

C-suite weighs in on generative AI and security

3 min read - Generative AI (GenAI) is poised to deliver significant benefits to enterprises and their ability to readily respond to and effectively defend against cyber threats. But AI that is not itself secured may introduce a whole new set of threats to businesses. Today IBM’s Institute for Business Value published “The CEO's guide to generative AI: Cybersecurity," part of a larger series providing guidance for senior leaders planning to adopt generative AI models and tools. The materials highlight key considerations for CEOs…

Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub

3 min read - Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force is continuously observing new attack vectors and novel malware in the wild, as adversaries seek to evade detection innovations. But we also know that tried and true tactics — from phishing and exploiting known vulnerabilities to using compromised credentials and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today