Building Trust Across the Organization as Cyberattacks Continue to Rise in Canada

Explore IDC's latest Future of Trust and Security Predictions for Canada with IDC Canada's Yogesh Shivhare

By: Yogesh ShivhareResearch Manager, Security and Infrastructure

Moving toward the Digital Economy

As technological disruption leads to rapid digitalization of the global economy, organizations are having to reimagine the architecture of the enterprise and global disruptive events continue accelerating this process. Rapidly changing industry landscapes and customer needs are persuading enterprises to look to technology to transform customer engagement, adopt new business models and create new revenue streams leveraging advanced technologies. According to a recent IDC survey, by 2025 Canadian CEOs expect 48% of their organizations' revenue to come from digital products, services, and experiences. With years of investments, businesses have built consumer trust into the digital experiences they offer but today, these digital experiences are under attack. In another recent survey, IDC found that 84% of Canadian organizations suffered a ransomware incident in 2021.

Join us to hear IDC's Future of Trust predictions for Canada on May 18 at the Canadian Future of Information Security Summit, where I'll be joined by 30+ security experts over this two-day virtual conference.

Register to Attend Event →

IDC's Figure of Trust Framework

IDC has developed the future of trust framework (see figure: IDC's Future of Trust Framework) to enable IT and Security leaders to pursue strategies to build trust with employees, customers, partners, and other stakeholders through effective risk management, regulatory compliance, security management and promotion of privacy, ethics and social responsibility.

Despite the growing complexity and challenges posed by business risks, business leaders expect CISOs to identify, assess, and manage cyber risks at levels that allow their businesses to operate smoothly and without disruption which makes it foundational to the trust framework. 

Compulsory elements of trust, compliance and security, can be self-imposed by businesses to protect themselves, implemented by an industry, or required by regulatory bodies (HIPPA, GDPR, and PCI DSS). Regulatory, policy, and standard compliance along with protection of IT and enterprise assets are key responsibilities for IT and business leaders as businesses can't operate without them. Failure to adhere to regulations can lead to fines, legal action, and very public embarrassment that can harm a business's trustworthiness. What's more, IT and Security leaders need to expect that regulations, oversight, and standards will keep increasing in the face of rising threats and challenges to trust.

The strategic layer of trust implementation is based on privacy, ethics, and social responsibility, bringing some CIOs into new and uncharted territories. Trust outcomes are broadly categorized into trusted governance, trusted ecosystems, and trust-based commerce.

  Chart, funnel chart

Description automatically generated

Explore more about IDC's Future of Trust research

Future of Trust Predictions for Canada

IDC has made several predictions for Future of Trust relating to Canadian organizations and below are a couple of 2022 predictions.

Prediction 1: By 2026, 20% of Canadian organizations will replace net promoter score–like metrics with trust indices in RFPs to align traditional security and risk solutions with customer success, brand, and reputation.

20% may not seem like a significant number at this moment but in IDC's opinion, it marks a beginning of a transformational change about how Canadian organizations vet new vendors and partners. As cybersecurity attacks continue to rise and regulations around privacy and security become more stringent, businesses demand of their partners higher standards of security hygiene and cyber resilience. Trust indices would become a requirement in RFPs in the not-so-distant future, and it could be anything including vulnerability assessment scores, compliance manager scores, security scorecards, or cyber risk posture scores.

IT and Security teams need to start reviewing their long-term security roadmap today to make sure they are not caught by surprise when this practice becomes a reality. Data and privacy officers need to align their processes to regulatory requirements while business leaders need to adapt and change how cyber risk is managed.

Prediction 2: By 2025, 30% of Canadian IT buyers with IT environments that span disparate locations, clouds, remote workers, and devices will turn to network security as a service to ensure consistent protection.

Digital transformation is changing the network with new technologies, strategies, and delivery models. As a result, security must extend beyond the traditional enterprise perimeter to cloud, remote workforce, IoT, OT, 5G edge, etc. Here, an integrated and automated platform approach to network security will improve operational efficiency, reduce cost, and maximize security hygiene.

The adoption of Network Security as a service (SECaaS) allows Canadian organizations the opportunity to standardize on a common security platform, thus ensuring consistent policies and protections. The move to a cloud delivery model implies the need to consolidate and integrate security technologies, including many point products, into one or two subscriptions. This strategy makes the most use of architecture, such as endpoint clients and points of presence or POPs to reduce latency.

Canadian organizations will benefit from simplified security management, which reduces the time needed to manage such activities, freeing up skilled security staff for high-value tasks. 

Join me at the Canadian CIO Future of Information Security Summit

To hear the rest of my Future of Trust predictions for Canada, join my session on May 18 at the Canadian Future of Information Security Summit. I'll be joined by 30 other security experts over the two-day virtual conference, who will provide presentations and workshops to help your organization build proactive cybersecurity strategies, provide guidance on cybersecurity best practices, and advice to protect your company's valuable information. Register today!


Description automatically generated with low confidence

About the Author

Yogesh Shivhare, Research Manager, Security and Infrastructure

Associated IDC Services: Canadian Security Solutions: Sales Accelerator

Yogesh Shivhare is a research manager at IDC Canada within the Security and Infrastructure Solutions research team. He manages the Cybersecurity research and provides insight and analysis into industry and technology trends as they shape the Canadian Security market. He is also responsible for market sizing and forecasting the Security Appliance hardware market. His research focus enables him to support Canadian technology providers by identifying key market trends in the Cybersecurity space where end user demand and preferences are changing rapidly.

Prior to leading Security research in IDC Canada, Yogesh has led market research in IDC for various enterprise infrastructure technology markets in Canada and Asia Pacific. Yogesh holds an MBA degree from SCMHRD, Pune, India and a bachelor's degree in technology from NITK, Surathkal, India.

Yogesh Shivhare.png


Cristina Santander

Manager, Marketing & Customer Experience