10:50 am - March 27, 2026
Last spring, at a conference in the Netherlands, representatives from KPMG, the EU Commission, and Singapore’s National Digital Trust Center sat in the same room to solve a problem that was primarily the domain of cybersecurity departments and legal teams a few years prior. The gathering was a part of a series of international workshops organized by KPMG and the World Economic Forum to advance the Digital Trust Framework, which is supported by corporations like Microsoft, Google, and Mastercard as well as civil society organizations like the Red Cross. The speed at which the stakes have changed is demonstrated by the fact that this discussion is currently taking place at that level, involving governments and significant organizations on several continents.
The topic of digital trust is increasingly being discussed in international policy. Five years ago, that sentence would have sounded a little abstract. It no longer does. According to World Bank estimates, the digital economy has grown 2.5 times faster than the physical economy over the last ten years, contributing over 15% of the world’s GDP. A five percentage point increase in digital trust results in an average GDP per capita increase of about $3,000, according to a study by Callsign and the Centre for Economics and Business Research. That is the difference between $62,500 and $65,000 per person for the United States. It means that GDP per capita in the UK will increase from $46,000 to $49,000. These figures, which are the result of economic modeling, indicate that trust is now a measurable factor in national competitiveness rather than merely a sentiment.
| Category | Details |
|---|---|
| Subject | Digital trust as an emerging global policy priority — its economic stakes, governance frameworks, and geopolitical dimensions |
| Economic Significance | Digital economy contributes over 15% of global GDP; growing 2.5x faster than physical world GDP (World Bank) |
| GDP Impact of Trust | A 5 percentage point increase in digital trust raises GDP per capita by ~$3,000 (Callsign / CEBR) |
| Data Breach Cost | Middle East average data breach cost: over $7 million per incident (PwC) |
| Cybersecurity Investment | 80% of Middle East organizations increasing cyber budgets in 2026 (PwC) |
| ISACA Finding | 98% of cybersecurity professionals say digital trust is important; only 12% of organizations have a dedicated digital trust role |
| Key Framework | KPMG + World Economic Forum Global Digital Trust Framework — includes Microsoft, Google, Dell, EU Commission, Mastercard |
| Europe’s Regulatory Tools | Digital Services Act (DSA), Digital Operational Resilience Act (DORA), European Data Act (in force Sept 2025) |
| Leading Countries | Singapore (National Digital Trust Center, established June 2022), Netherlands (National Digitization Strategy) |
| Data Infrastructure Impact | Data center usage generates ~€250 billion in gross value added and supports ~5.9 million jobs in Germany alone |
| Reference Website | World Economic Forum — Digital Trust: How to Unleash the Trillion-Dollar Opportunity |
The convergence occurring at the top of institutions is what distinguishes the current discussion about internet security and data privacy from past ones. Geopolitical fragmentation and regulatory pressure are coming at the same time, changing where businesses can operate, how they handle data, and who they are legally responsible to. The Digital Services Act is changing how online platforms function in Europe in ways that affect advertising, algorithmic transparency, and content moderation. Corporate boards, not IT departments or boards, are now explicitly accountable for ICT resilience under the Digital Operational Resilience Act.
In September 2025, the European Data Act went into effect, providing businesses with a framework for cross-border data sharing and use. Germany’s implementation of the Act has been difficult, with friction during the transition caused by ambiguous supervisory structures and inadequate procedural guidance. Although the Federal Network Agency’s designation as the central supervisory authority is a positive development, smaller businesses—those without sizable legal departments—are still figuring out what compliance actually entails.
Digital trust tends to quietly deteriorate in that implementation gap. 98% of cybersecurity professionals think digital trust is important, and 63% say it directly relates to their daily work, according to ISACA, the global IT governance body. However, only 12% of companies have a staff position specifically focused on digital trust.
This means that instead of incorporating it into their operations from the beginning, the great majority of businesses treat it as something to be managed reactively—after a breach, after a regulatory fine, or after a public trust event. According to PwC’s research, the Middle East currently has the second-highest average data breach costs in the world, averaging over $7 million per incident. For 2026, 80% of the region’s organizations plan to increase their cyber budgets. However, only 17% claim to have avoided a breach for three years. Increasing spending does not always result in increased trust. The way the spending is organized and what it is intended to safeguard will determine this.
One thing that sticks out when observing this develop in various regions is the disparity in beginning points. Since June 2022, Singapore has quietly been working on the technical and governance foundations through the National Digital Trust Center. As one of the most technologically advanced economies in Europe, the Netherlands has incorporated digital trust into its National Digitization Strategy and established collaborative partnerships with Singapore to create common frameworks and use cases for cross-border applications. These are small, highly digitalized nations with fast-moving governments and policy cultures that prioritize real-world application over protracted discussion. Digital trust governance is divided between legal teams, IT departments, and compliance functions that hardly ever communicate with one another in larger, more dispersed systems.
The fragmentation of accountability within organizations is a structural issue that frequently comes up in policy discussions. Legal usually takes precedence over privacy. IT or operations are in charge of operational resilience. The security team is in charge of cybersecurity. Each group can legitimately identify a gap between its domain and another’s when a breach or trust failure occurs. According to PwC and other industry observers, companies that have begun treating digital trust as a board-level strategic function—something the CEO and CFO own alongside the CISO—instead of a technical specialty that is budgeted in the background are the ones doing this the best. That is a cultural change, and in large organizations, cultural changes take time. Regardless of whether businesses are prepared or not, the policy environment is currently increasing the pressure to make it happen more quickly.
