What senior leaders are really saying about risk and trust
Introduction
At our recent TrustLayer x NetUtils roundtable, we brought together senior leaders from across sectors to discuss trust and risk in a landscape shaped by cyber threats, AI, and constant change.
What stood out immediately was this:
Different industries, same journey.
Different constraints, but remarkably similar challenges.
Trust is no longer about control
One of the strongest themes from the discussion was a shift in how trust is understood.
It’s no longer about confidently stating that controls are in place.
Threats are evolving too quickly for any single control framework to keep up.
Instead, organisations are recognising the importance of:
- Transparency.
- Acknowledging what cannot be controlled.
- Open conversations about residual risk.
Trust today is built through honesty, not overconfidence.
The shift from systems to behaviour
Another critical shift is where trust actually sits.
Most major incidents are not caused by missing technology, but by:
- People being impersonated.
- Social engineering.
- Human decision-making under pressure.
Policies and controls remain essential.
But behaviour is increasingly the defining factor.
AI: moving faster than governance
AI continues to reshape the landscape.
Across the group, organisations are:
- Restricting usage to approved tools (e.g. Copilot, Gemini).
- Allowing controlled experimentation (ChatGPT, Claude).
- Expanding enterprise controls.
But one point was consistent:
AI strategy is constantly evolving, because the technology itself is evolving.
Zero Trust: powerful, but not absolute
Zero Trust remains a widely accepted principle:
Trust nothing, verify everything.
However, the reality is more nuanced.
Organisations are finding:
- Implementation is complex.
- Full adoption is difficult.
- Trade-offs between usability and control are unavoidable.
Zero Trust is a direction, not a fixed destination.
Governance creates trust
In fast-moving environments, particularly with AI, governance plays a critical role.
Trust erodes when:
- Ownership of decisions is unclear.
- Accountability is not visible.
Strong governance doesn’t slow innovation: it enables it by creating clarity.
Compliance: it’s about evidence
A particularly strong viewpoint emerged around compliance:
It’s not about which framework you adopt.
It’s about whether you can demonstrate that your controls actually work.
Across industries, organisations face:
- Audit pressure.
- Legacy systems.
- Overlapping requirements.
But the expectation is increasingly the same:
Prove it works in practice.
Culture is the differentiator
Perhaps the most human insight of the day:
- When risk is treated as compliance → it gets hidden.
- When risk is part of decision-making → it surfaces early.
Culture determines whether organisations:
- React late.
- Or learn quickly.
A Shared Reality
The biggest takeaway?
Everyone is dealing with the same core issues:
- AI acceleration.
- Third-party and supply chain risk.
- Compliance complexity.
- Resource constraints.
Different industries. Different scales.
But the same underlying pressures.
Closing Thought
The roundtable was a reminder that trust is not a static concept.
It is built through:
- Clarity of ownership.
- Transparency.
- And how organisations behave when uncertainty is unavoidable.