No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

How Cognition Became a Weapon

by James Bone
February 8, 2017
in Data Privacy, Featured
businessman with lightbulb head

The Trust Conundrum

Users’ trust in the internet increases with greater usage. On the flip side, as internet usage increases, so does users’ risk exposure. James Bone explores this conundrum; it’s one hackers know well, and one they’re quick to exploit. And yet, businesses across all sectors depend on users’ trust.  What’s a company to do?

By: James Bone

“It takes two to do the trust tango – the one who risks (the trustor) and the one who is trustworthy (the trustee); each must play their role.” –Charles H. Green, The Trusted Advisor

In the world in which we live and breathe, “trust” is developed over repeated interactions between parties with whom a relationship has been built. In the world of the internet, trust is established much more quickly and subconsciously based on cognitive queues of similarity or credibility that are not always reliable.  This apparent conflict of trust paradigm is the “trust conundrum.” The trust conundrum weakness has become the preferred and most successfully executed attack posture for hackers to exploit due to the relative ease of creating trust in the internet. Cognitive hacks, also known as phishing, social engineering or by other names, is the biggest threat in cybersecurity as the level of sophistication and variants of these attacks evolve.

Trust in the internet is not a new or novel topic for those who have followed these trends over many years. In 2003, the University of Pennsylvania’s Lions Center was created to study cybersecurity, information privacy and trust.[1] The center was established in 2003 to serve three main purposes:

  1. conduct research to detect and remove threats of information misuse to the human society, mitigate risk, reduce uncertainty and enhance predictability and trust;
  2. produce leading scholars in interdisciplinary cybersecurity research; and
  3. become a national leader in information assurance education.

In the same year, the University of Oxford’s Oxford Internet Institute produced a research report titled “Trust in the Internet: The Social Dynamics of an Experience Technology.”[2] Today’s headlines would suggest that we have much more to learn about trust in the internet.

After reviewing a variety of studies on the topic of trust in the internet, the general findings conclude that we have a healthy level of skepticism while conducting business in the internet due to the perceived risks, yet we trust the internet to conduct an ever-expanding list of services. The studies suggest that our use and behavior on the internet is driven by trust. Generally speaking, the more we use the internet, the more trust we have – a concept called cyber trust.

Conversely, we trust (“net confidence”) the internet more as our use increases, exposing us to more threats (“net risks”). This conundrum is partly why cyberattacks continue to grow unabated and demonstrate a huge and growing gap not fully addressed by either cybersecurity professionals, technology frameworks and standards or policies and procedures designed to mitigate these risks. These studies are dated and much more research on the topic of trust in the internet is still needed, but the initial research provides some insight into the root cause of the problem.

The tension between developing net confidence and the threat of net risks will not be solved in this article. The observation, however, is that consumer behaviors on the internet are beginning to change. In a more recent survey posted on the National Telecommunications & Information Administration (NTIA) website, the U.S. Department of Commerce noted, “NTIA’s analysis of recent data shows that Americans are increasingly concerned about online security and privacy at a time when data breaches, cybersecurity incidents and controversies over the privacy of online services have become more prominent. These concerns are prompting some Americans to limit their online activity, according to data collected for NTIA in July 2015 by the U.S. Census Bureau. This survey included several privacy and security questions, which were asked of more than 41,000 households that reported having at least one internet user.”[3]

The implications of these and other studies are: if nothing is done, the growth and huge economic benefits of e-commerce may be curtailed over time as “trust” diminishes as a result of increasing threats in cyberspace. The NTIA’s July 2015 survey found, “Nineteen percent of internet-using households — representing nearly 19 million households — reported that they had been affected by an online security breach, identity theft or similar malicious activity during the 12 months prior.”

While most organizations have been primarily concerned with developing a defensive posture for internal security of customer data, it is becoming increasingly clear that the development of trust will become a critical factor in the expansion of services and uses of the internet by the government, business and the providers of new technology. Therefore, we are at the beginnings of a crossroads where innovation, growth and security may depend as much on developing trust in the internet as on the features and benefits of products and services provided by the internet. There are few easy solutions to this problem, as demonstrated by the hacking of the DNC and the growth of breaches, more broadly. However, the lack of progress made since the early research into the issue of trust demonstrates that a more comprehensive approach is needed. Joint ventures from academia, industry, government, the military and law enforcement must be forged to address these issues of privacy, security and the open internet. The window of opportunity may be closing.

[1] https://ist.psu.edu/sites/default/files/u19/cyber_security.pdf

[2] https://www.oii.ox.ac.uk/archive/downloads/publications/RR3.pdf

[3] https://www.ntia.doc.gov/blog/2016/lack-trust-internet-privacy-and-security-may-deter-economic-and-other-online-activities


Previous Post

Serious Fraud Office Makes Big Splash with U.K. Bribery Act Resolution

Next Post

A Closer Look at Ingredion’s E&C Program: Technology

James Bone

James Bone

James Bone’s career has spanned 29 years of management, financial services and regulatory compliance risk experience with Frito-Lay, Inc., Abbot Labs, Merrill Lynch, and Fidelity Investments. James founded Global Compliance Associates, LLC and TheGRCBlueBook in 2009 to consult with global professional services firms, private equity investors, and risk and compliance professionals seeking insights in governance, risk and compliance (“GRC”) leading practices and best in class vendors. James is a frequent speaker at industry conferences and contributing writer for Compliance Week and Corporate Compliance Insights and serves as faculty presenter and independent consultant for several global consulting firms specializing in governance, risk and compliance, IT compliance and the GRC vendor market. James created TheGRCBlueBook.com to provide risk and compliance professionals with transparency into the GRC vendor marketplace by creating a forum for writing reviews on GRC products and sharing success stories on the risk practices that are most effective. James is currently attending Harvard Extension School for a Master of Arts in Management with an emphasis in accounting and finance. James received an honorary PhD in Letters from Drury University in Springfield, Missouri and is a member of the Breech Business School Hall of Fame as well as the Missouri Sports Hall of Fame. Having graduated from the Boston University Graduate School of Education, James received his M.Ed. in Management and Organizational Design in 1997 and a Bachelor of Arts in Business Administration from Drury University in 1980.  

Related Posts

news roundup data grungy

DEI, Immigration Regulations Lead List of Employers’ Concerns

by Staff and Wire Reports
May 9, 2025

Half of fraud driven by AI; finserv firms cite tech risks in ’25

GFT Canada Update

GFT Expands AI Compliance Suite for Canadian Credit Unions

by Corporate Compliance Insights
May 8, 2025

Digital transformation company GFT has expanded its compliance suite to help Canadian credit unions combat payment scams and identity theft...

AxiomGRC Launch

Business Resilience Platform Axiom GRC Enters Global Market

by Corporate Compliance Insights
May 8, 2025

A business resilience platform called Axiom GRC has launched in the UK, backed by £500 million private equity investment from...

MyCOI Launch

myCOI Launches AI-Powered Insurance Compliance Platform

by Corporate Compliance Insights
May 8, 2025

Insuretech provider myCOI has launched illumend, an AI-powered platform designed to manage third-party insurance compliance and certificate of insurance processing....

Next Post
A Closer Look at Ingredion’s E&C Program: Technology

A Closer Look at Ingredion's E&C Program: Technology

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights