Securing the Digital World

Cloud Adoption Cited as Top Initiative in Workforce Transformation

Dec 16, 2019 | by Heidi Bleau |

Digital transformation has undoubtedly had one of the greatest impacts on the global workforce. Technology has transformed how we work, where we work from and who we work with. In a strong economy with low unemployment, benefits such as work-life balance and telecommuting is a necessary tool to attract top talent, with 57% of organizations reportedly offering flexible schedules. One out of every three American workers is estimated to be part of the gig economy, trading traditional careers for freelancing. The workforce is aging and one out of every four jobs is at risk of being replaced with automation. In addition, organizations are increasingly digitizing their business operations to improve efficiency. These are only a few of many changes taking place in today's modern enterprise.

RSA, in conjunction with the SANS Institute, conducted a study to understand how organizations are addressing the risks that globalization, demographics, work styles and work sourcing are having on their business. The study examined the current state of workforce transformation, including workforce trends, how organizations are supporting these trends, the associated risks, and how those risks are managed.

The top trend cited by organizations was the role of cloud adoption and an increased reliance on cloud-based applications and data, with one in five listing it as their top trend and 54% listing it in their top three trends. Not surprisingly, the transition to cloud-based infrastructure and services was cited by 51% of respondents as the top workforce transformation initiative in the next 12 months. This aligns with a recent Gartner estimate that 40% of all new or additional funding will be invested in cloud initiatives.

The study found that organizations are also investing heavily in digital technology to improve communication, collaboration and productivity among their workforce. The top three areas of investment cited by respondents were technology for communication, employee engagement, and file sharing and collaboration tools.

Top Risks of a Digital Workforce

As with every cool new advance comes the not-so-cool new risks. The exposure or loss of sensitive information such as personally identifiable information (PII) and intellectual property (70%) and the compromise of privileged account information (61%) were cited as the top concerns stemming from technology transformation in the workforce. These concerns are expected, but the most unpredictable response was that reputation risk ranked third (40%), even above unauthorized access, non-compliance and direct financial losses. This demonstrates just how much the conversation around cybersecurity has changed at the board level. Instead of being viewed as a set of fragmented projects, cybersecurity is now understood to be a strategic business imperative with real digital risks and consequences, especially in the face of workforce transformation.

The threat of a cyber attack or other negative consequence, whether caused by a careless employee, an external threat actor or a negligent third party, is a very real risk that organizations must contend with as they undergo workforce transformation. In the study, 42% of respondents stated that they have suffered a loss event or realized a risk as a result. From a risk mitigation perspective, the most effective measures to combat the types of attacks realized by respondents include vulnerability and patch management (40%), centralized identity and access management (38%), and threat detection and response (32%).


Technology alone will not be the "be-all-end-all" for managing digital risk. As companies continue to expand their workforce globally to improve diversity and meet the demand for certain skills and different generations of workers bring new ideas and challenge existing norms, the evolution of the workforce brings with it increased risk. Thus, employee education should also be a critical element included as part of any digital risk management strategy. For example, keeping policies and procedures simple. As noted by the SANS Institute, "Policies and standards should be easy to understand and easy to follow. Complexity often leads to mistakes or failures and employees are dealing with enough complexity with the dynamic and changing nature of our technology environments."

# # #

Who is bringing the most risk to your organization? Are you most concerned about a careless employee, a hacker or a negligent third party? Meet the five faces of dynamic workforce risk in our new infographic.

Join the #TalkingDigitalRisk conversation on Twitter and social media by following @RSAsecurity