In the first chapter of Achieving Digital Trust: The New Rules for Business at the Speed of Light, (Original Thought Press 978-0996599009), author Jeffrey Ritter writes how he presented his book to numerous publishing houses, to which all of them rejected his manuscript. Some noted that the book did not fit neatly into a specific editorial area.
And therein lies the challenge with digital trust; it is a broad topic encompassing many areas. While there are thousands of information security software and hardware vendors, there aren’t any that can provide a trust appliance or application. Not only that, it can be a challenging endeavor just to define what trust specifically is for an organization.
Ritter joins numerous individuals and organizations that have attempted to create trust frameworks. While most of these frameworks have potential, very few organizations have even attempted to implement them globally.
Much of the book is spent on defining a new trust vocabulary. Created by Ritter, these terms are meant to enable strategic discussions around trust. This is similar to what Jack Jones and Jack Freund have done with their FAIR (factor analysis of information risk) approach. FAIR uses common lexicon around risk and a methodology to effectively manage it.
Ritter does a good job of creating not only a defined set of trust definitions, and also like FAIR, a methodology to implement that.
The difference though is that FAIR is an established framework, with trainers and classes, a certification process and many established practitioners, while Ritter’s trust framework is not yet that pervasive.
The 3 parts and 25 chapters of the book include: a trust decision model, a method on how to design digital trust, and a method on managing and governing digital trust.
For those that don’t want to implement a complete trust methodology; the book still has significant value, in that it shows how to make effective security decisions around trust.
The book also included an interesting visual tool called the Trust Prism which can be used to design, build and govern information systems.
The book lacks an index, which would have been quite beneficial in a book such as this with so many topics. Also, the 576 page count is somewhat inflated since the pages have narrow margins. It is formatted like that so the reader can take notes within the margins; but there may be better ways to do that in order to keep the page count more reasonable.
The book details a comprehensive trust toolkit that firms can use to get a handle around what trust means to them, and to make better trust decisions. The challenge in making this unique framework operative is that it has to be embraced by large part of the organization. Getting that sort of buy-in can be a challenge in its own right. Having only a small segment of an organization use a trust model can be helpful, but to be fully effective, it should be deployed enterprise-wide.
Ritter concludes the book noting that achieving digital trust will take a revolution. For most organization, the trust challenge is so significant that they’d prefer their trust model stay in the evolutionary stage.
But for those firms looking to create a formal trust framework, Achieving Digital Trust: The New Rules for Business at the Speed of Light is a handy reference to assist in that journey.