Why Market Leaders Are Tactically Investing In Digital Trust

Jordan Rackie is the CEO of Keyfactor, an identity-first security solution for modern enterprises.

Although digital trust is a common term, not all businesses are reaping the benefits of being a digitally trustworthy provider and partner. Organizations that aren’t investing in improving their digital trust are likely missing out in the market for talent, capital and customers.

Digital trust is defined by McKinsey as "confidence in an organization to protect consumer data, enact effective cybersecurity, offer trustworthy AI-powered products and services, and provide transparency around AI and data usage."

Beyond building a strong company culture, few drivers have such a broad impact on overall organizational success—making digital trust a well-known yet underrated competitive advantage that the C-suite should examine more closely.

Improving digital trust has a trickle-down effect across various aspects of a business. In a PwC consumer survey, data protection was a leading factor in whether or not respondents found a company to be trustworthy—with 83% of respondents considering it a top priority. Digital trust impacts customer decisions, investment outcomes, brand loyalty, talent recruitment and retention, compliance, and more. So what are leaders getting wrong, and what does it mean to use digital trust as a competitive advantage?

Action Now, Results Tomorrow

Digital trust establishes a security-forward environment that helps enable business success. To harness this advantage, leaders must act quickly and change practices to continually improve trust before gaps or outdated protocols can impact the bottom line.

A compelling example of digital trust can be found in post-quantum cryptography (PQC) planning, which stems from the impending arrival of one of the most significant cybersecurity risks on the horizon. At a basic level, managing and securing cryptography assets is a good security practice, but it also signals to customers, partners and investors that the company is preparing for long-term, significant changes across industries—just like digital trust. Establishing a robust PQC strategy could be considered an essential part of a company’s digital trust strategy since quantum computing is set to revolutionize the practice of cybersecurity for organizations.

For leaders, urgency is an important aspect for both PQC and digital trust; it’s not 'if' these challenges will need to be addressed, but 'when.' In my experience, discussions I have had on PQC have skyrocketed from a handful of meetings to over 20 a week. If leadership isn’t currently talking about these topics, they’re already behind.

Rather than wait for regulations to be handed down from the National Institute of Standards and Technology (NIST) and other governing bodies, enterprises need to start taking a critical look at their PQC and, consequently, digital trust policies now. Let this urgency buoy such conversations. If an organization waits six months after standards are released to get started on their PQC readiness plans, that puts them at a six-month (or more) market disadvantage when compared to their competitors. By being proactive in both PQC preparation and digital trust strategies, companies can create a transparent, productive and agile environment for business success.

Acknowledge Complexity, Then Meet It

Digital trust must be tailored to fit an organization, aligning seamlessly with its tools, processes, programs and best practices. However, the challenge of maintaining digital trust has never been more significant. The persistent threat of ransomware, the emergence of post-quantum cryptography (PQC) readiness and the growing complexity of enterprise environments all contribute to this challenge. Every business asset represents a potential vulnerability, emphasizing the critical need for executive leadership to adopt a fast and agile approach to digital trust and cybersecurity.

By modularizing digital trust practices, companies can achieve the customization and flexibility needed to deliver results for customers while safeguarding their data and information. Integrating AI and automation into security processes, such as certificate management, ensures enterprises maintain operational speed. With NIST introducing new PQC algorithms, businesses must transition from relying on two or three algorithms to securing their environments with six, seven or more—requiring both agility and precision.

To illustrate the growing complexity of maintaining digital trust, consider the transition from SHA-1 to SHA-2 in 2017. This shift, which involved replacing one algorithm with another, took companies five to 10 years to fully implement. In 2025, the challenge is far greater, with NIST introducing 14 new algorithms as part of the PQC transition. Unlike before, enterprises now face tighter timelines and higher stakes, especially amid rising nation-state threats. Leaders must act swiftly to identify vulnerabilities and address infrastructure debt, no matter how complex, to prepare their cryptographic systems and sustain trust in an increasingly demanding security landscape.

Better Together

Perhaps the most important aspect of solidifying digital trust is having a unified approach. For companies, this means that all points in their infrastructure are airtight as it relates to a set of known security practices. For example, a channel ecosystem should be held to the same rigorous standards that the business itself uses. The C-suite needs to be a guiding force in this unification, promoting processes that ensure trust in interactions with the customers, investors and their boards.

Ultimately, the success of digital trust protocols will seep into the bottom line. Just like company culture, digital trust has the potential to reshape success for a business. It affects all levels of an organization, all outputs and even market stability. Leaders who know how to maximize digital trust will be best positioned in the next year for a market advantage.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?