Shop Talk: Security Expert Sabino Marquez On Why Leaders Need A “Trust Product”

C-suite leaders out there: how much do you think about security? According to Sabino Marquez, not nearly enough.

The security expert is on a mission to change this. According to Marquez, businesses and business leaders don’t spend nearly enough time, money and energy on incorporating security into their business model. And this goes far beyond efforts by IT to safeguard against hackers. In Sabino’s view, security IS business, insofar as nearly every company is in some sense selling trust—and you can’t have trust without security. Get this right and the impact ripples out to every corner of the business, from customer satisfaction and employer brand to revenue and stock price.

Among his roles and accomplishments, Sabino is the chief cybersecurity columnist for the Cyber Security Tribe. An experienced software executive, he has a proven track record of helping organizations boost trust, facilitate business deals and elevate company value.

He’s also chief trust officer of WebOps platform Pantheon, a Top Canadian CISO (C100 Winner), a speaker and an author. His book Return on Trust, a how-to for data protection leaders on pivoting a security practice into trust, will be published this fall on a Forbes imprint.

We talked to Sabino about the business of trust.

The Helm: What does trust really mean to you in a business context?

SM: Trust, which feels squishy, is a product that you intentionally manufacture. But not in a marketing sense. Apple tries to manufacture trust but what they manufacture is brand affinity. It’s not the same. Security is an emotion.

The Helm: Do most leaders undervalue trust and security?

SM: Business hasn’t understood that it’s in the trust business. Look at Boeing. Boeing thought they sold airplanes. They were actually in the trust business and no one trusts them now. You wouldn’t buy a ham sandwich from Boeing. Travel search engines are adding 737 Max filters so you can look for flights without that airplane. They lost $40 billion in market cap because they’re untrustworthy. Business people think that trust just happens, and it doesn’t.

The Helm: Do leaders fully appreciate the role security and IT plays?

SM: They see a giant black hole of spend. “We pay these security guys so much money and what do they do for us?” What do we do for them? Nothing Because we’re not in the business. Neither is IT. IT isn’t in the business.

When information technology was invented as a discipline in the ’50s and ’60s, it was as an internally facing service organization that trailed and served the business. The business moved this way, IT followed. It never led. Today, we’re told that we should be at the table as long as we’re business people, but you’re not a business person unless you’re running a business.

The Helm: Can you talk a little more about trust as a product and how leaders can build a “trust product” alongside their other offerings?

SM: Trust is something you build and sell next to other products. Trust is manufactured out of the way that humans behave. Because trustworthiness is a behavior. It’s not software.

This is not a new idea for business people. What’s different is that the way I behave internally matters now in an era of distrust, in an era of lies, in an era of deep fakes. in an era of disinformation, in an era of constant enshitification and pressing it on the consumer and getting away with what you can because everyone’s in it for themselves. In a world like that, trust cuts through this fog of who should I partner with? That’s the real question that trust answers.

The Helm: Trust is often seen as something  intangible or abstract. Do you agree?

SM: I would challenge that it’s abstract because you can manufacture and measure its impact in a value context. One company I worked with built a public trust center so the buyer has all the information they need to see so that the company can establish credibility, seriousness, and trustworthiness. That trust center was tied to Salesforce so we could identify and attribute trust buyer deal influence and thus understand the value impact of trust investments.

Modern business tends to think about the trust buyer like they’re invisible at best or like they’re blocking the deal at worst, not understanding that they ARE the deal as it’s the trust buyer who permits or enables the champion to buy.

The Helm: Does every leader need to think about building a “trust product”?

SM: I published this article that explains different approaches to building trust for different types of companies. There’s the do-nothing shop—”We do nothing. Our strategy is nothing. We have Microsoft. We’re a Microsoft company, Microsoft protects us. Google protects us.” There are a lot of these companies. We can’t help them.

Then there are companies that have only IT departments. Maybe that’s good enough because you don’t have to manufacture your own trust. You get your trust from the government. Therefore you can have nothing but an IT department and a compliance department. You’re done. Check the boxes, the doors stay open.

But if that’s not you, you have to run security like a business. Then you’re running a trust product practice. This is a key undertaking for businesses because it means they have to shift what they think they do.

The Helm would like to thank Sabino for sharing his time with us. Learn more about his approach to security and trust on Cybersecurity Tribe. You can also find him on LinkedIn here.

Sign up for The Helm Newsletter!

Latest Posts