TRUST PROBLEM AND THE DEVELOPMENT OF DIGITAL SECURITY RISK MANAGEMENT
With the development of mobile technology, the internet continues to offer tremendous opportunities for individuals and companies. Cloud computing services, e-government services and online spending are becoming widespread. However, the problem of trust in the digital economy is increasing. Trust is one of the most important elements for the functioning of the digital economy. Along with technological developments, the risks associated with digital security and trust problem increase simultaneously and have an impact on both economic and social activities. With the development of digital technology, e-commerce is becoming more complex and the management of e-commerce becomes difficult due to the problem of trust.
The potential advantages of technological developments are important, but the technology leads to the emergence of new risks that destroy confidence. Technological developments lead to more complicated digital security incidents, more frequent experiences, and an increased impact. The problem of digital security vulnerabilities leads to loss of reputation and serious cost in companies and affects the privacy of individuals in a negative way. For example, the WannaCry case, which took place in May 2017, has affected more than 150 countries and has led to suspend the production of many companies for a while.
The political arrangements for such attacks cannot catch up with the speed and complexity of digital technological developments. Moreover, digital technological services are geographically spread over many areas. This reduces the control of digital technology from a specific center, negatively affecting the governance efforts of governments and the business world. The failure to manage digital services also leads to an increase in systemic risks that affect the society, such as Keynesian multiplier mechanism. Risks in the digital economy affect all actors in the value chain, causing the security problem to spread rapidly.
According to the results of CIGI (Center for International Governance Innovation) – Ipsos, which covers a total of 25 countries in 2018, 52% of internet users are worried about privacy on the internet. Control of the user’s private information passes to someone else and loss of confidence is increasing. Security and privacy concerns also lead to keep away of Internet users about taking advantage of the Internet service. Identity theft, misuse of private information and problems with online payment are the main sources of concern.
Almost in many countries the company has encountered digital security incidents. The number of companies that face digital security incident from country to country varies. According to OECD 2017 study, more than one third of enterprises in Japan and Portugal are confronted with digital security incidents. Turkey, the UK, Hungary and Korea are less than 10% of all businesses have experienced digital security incidents. According to 2017 Cyber Security Breaches Survey, the average cost of digital security incidents in the UK is £ 1380 for micro-enterprises, £ 3.070 for medium-sized businesses and £ 19.600 for large enterprises. Similarly, the number of individuals who have fraudulent activities due to the payment system and phishing has increasingly risen.
Digital security risk management needs to be developed and strengthened in order to reduce the digital risk problems faced by both individuals and companies, and to rebuild trust in the digital economy. The widespread use of encryption in the business world is one of the most basic applications for ensuring digital security. Increasing the number of experts working on digital security/confidentiality violations and having compulsory IT security certificates will be important for the management of digital security risks. Comprehensive national strategies for digital security and privacy should be developed and strong cooperation should be established to reduce the risks. Above all, digital risk management practices should be considered within the framework of enterprise risk management.