In 2022, DigiCert’s first report on the State of Digital Trust revealed that 100% of the leaders surveyed understood the vital role digital trust plays in their organizations’ cyber health.

We agree wholeheartedly, as does IDC’s Research Director Jennifer Glenn, who describes digital trust as the “foundation for securing the connected world.”

So how much progress have global businesses made in taking digital trust from theory to reality over the past year?

According to the results of our State of Digital Trust 2024, not nearly enough.

The methodology

For this year’s survey, we spoke with senior decision-makers in 300 enterprises across North America, Europe, the Middle East, Africa, and the Asia-Pacific region to gauge their progress toward achieving digital trust. The companies ranged from less than a thousand employees to over 10,000.

Since digital trust plays a role in every facet of a modern company, the people we spoke to were leaders in one of four discrete areas of the organization:

• Enterprise: Responsible for securing communications data, as well as access for employees, applications, and clouds
• IoT and connected devices: Responsible for protecting smart devices and services like continuous glucose monitors
• Software: Responsible for protecting software and apps from tampering and supply chain attacks
• eSignature: Responsible for ensuring the authenticity and integrity of documents and content

Overconfidence: An alarming trend

We allocated points for every question answered by respondents on this year’s survey. If they indicated that they’d done things well—a low or non-existent number of breaches, for example—they’d receive a positive score. Admitting to something like long response times for incidents, on the other hand, would net respondents a negative point value.

Enterprises that scored within the top 33% of the four categories outlined in the methodologies section earned the title of Digital Trust Leaders. Those who fell within the bottom third of respondents were given the title of Digital Trust Laggards.

What’s missing here is the middle third of respondents—those whose scores weren’t high or low enough to warrant a title. And despite the alarm bells that went off when we saw that one-third of our respondents were virtually unprotected by digital trust, that unnamed middle third is even more disarming.

Why?

The middle third—the organizations with scores low enough to keep them out of the Leaders category but high enough to prevent them from being called Laggards—think they’re much less vulnerable than they actually are.

What sets Digital Trust Leaders apart?

Respondents whose organizations received top marks in our Digital Trust Survey outshone their peers in crucial areas like:

• Numbers of outages and data breaches
• Level of post-quantum cryptography (PQC) preparedness
• Email security strategies
• Ability to update and monitor IoT devices in the field
• Number of software supply chain compromises
• Maturity of eSignature trust practices

What this year’s survey revealed is that the Laggards we identified know they have a lot of work to do to put digital trust into practice. And while the middle third didn’t score low enough to fall within the bottom of the pack, they’re nowhere near ready for the threats that lie ahead.

Which areas need the most improvement?

The middle third’s unfounded confidence in their digital trust and cybersecurity practices likely stems from factors such as:

• Siloed operations: Departments functioning independently, hindering a unified security approach
• Lack of agility: Sluggish responses to security incidents and increased risks from changing standards
• Weak IoT practices: Amplified vulnerabilities due to poorly managed device identities and unsecured communications
• Lax code-signing measures: Inadequate protection leaving software open to exploits

These issues are all addressable—but only if business leaders recognize them as weaknesses and refuse to remain complacent.

Check out the full survey for an in-depth view of the world’s current state of digital trust.

The latest developments in digital trust

Want to learn more about topics like digital trust, cybersecurity, and post-quantum cryptography? Subscribe to the DigiCert blog to ensure you never miss a story.