Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

News of Note: Accounting for Those Good Days

Published 12/23/2022

News of Note: Accounting for Those Good Days
Written by Illena Armstrong, President, CSA.


Recently, on one of my social media feeds, someone posted a supposed quote by Charles Darwin that left me gobsmacked, yet also piqued my curiosity because of its self-deprecating, negative, and also quite relatable nature. I was compelled to do some digging to see if it was really true – that such a gloomy quote was attributable to the inspired biologist who was unequivocally one of history’s greatest contributors to evolutionary biology.

Apparently, some time in 1861, Darwin, who had already become world-renowned as an eminent naturalist, biologist, and geologist, was having a pretty rotten day. Darwin was writing a letter to a friend, Charles Lyeel – another scientist whose theories on gradual geological change were supported by Darwin’s later concepts of all species descending from a common ancestor, the branching pattern of evolution, natural selection, and more. In that letter, the famous academic wrote, “But I am very poorly today and very stupid and hate everybody and everything. One lives only to make blunders.”

According to a National Public Radio article in 2012, in the midst of working on his next book, one about orchids, Darwin was also ruminating on his life’s work. After all, the 1861 letter was written only a couple of years after the publication of On the Origin of Species, which had been embraced by the masses. To his way of thinking that day, the many years of toil that had precipitated the book’s successful publication and its markedly impactful scientific contributions, along with his already-established international renown, had “half-killed me.”

One can find the letter in Philadelphia’s American Philosophical Society’s The Correspondence of Charles Darwin, Vol. 9 (Cambridge: 1994), if you’re interested in reading it in its entirety. For now, the quote and a bit of its contextual background is good enough for me as I contemplate how even the best of us, the most accomplished and intelligent among us, can have our bad days.

Its mood arguably can pretty well reflect our sometimes collective bad days now, too: Worries about uncertain economic conditions, concerns about divisive and angry social/political climates and their impacts, unrest and baseless wars, considerations of a global pandemic’s aftermath, effects of a “tripledemic,” rising and far-reaching cyber attacks, corporate layoffs and belt-tightening… We’re in some pretty weird times right now.

Yet, there are also some signs of improvement. There are some signals of inflation easing. While large layoffs hit many companies in the last quarter of the year, including in cybersecurity and tech, some leaders are suggesting that outlooks could improve in 2023’s second half. Too, there are quite a few U.S.-based employees who are feeling a bit hopeful for a few things to come in the New Year. Among 1,000 full-time employees recently polled by Workhuman, an employee performance management and social recognition company, about half are looking to see a promotion or get a raise in 2023 and another 32 percent are on the hunt for a new or higher paying job. Another 30 percent are committed to creating a better work-life balance and setting some boundaries at work to protect their personal time next year, too.

Still, lingering concerns about the economy and rising costs of living also see about 44 percent of respondents taking on a side gig. As well, 62 percent have some worries that if a recession does come to pass in 2023, they could lose their jobs.

Many of us leading organizations in the cybersecurity and cloud computing industries are opting to remain positive for our companies and teams as we head into 2023. While we think profitability over growth will continue to dominate the first of the year, we’re looking to see marked upward momentum beginning to take place. This is based on the conversations we’re having with service providers and enterprise leaders alike whose organizations are seeing the continued need to invest in cybersecurity and cloud services. They’re also looking at expanding partnerships with vendor-neutral non-profit entities like CSA to help spearhead, improve, or propel wider adoption of much-needed security frameworks and best practices. This is in support of critical infrastructure operators and vertical markets, such as financial services, healthcare, and others. They also want to work together to advance Zero-Trust-based education and independent guidance and research, as well as take on other cloud security initiatives.

Meanwhile, as far-reaching cyber attacks and data breaches rise, more stringent rules as part of various compliance mandates are being considered for formal passage. And many of these are looking to require senior executives and board members to take on more responsibilities for understanding the cloud and other technologies their organizations are employing. Responsibilities will also include acknowledging the many risks to them, attesting to the security and privacy controls they’ve rolled out, and recognizing the risk management strategies and policies they’ve implemented company-wide. The implications of such mandates are broad and concerning and therefore are prompting many CISOs and other CxOs to turn to CSA for more strategically-focused education and guidance. They want to learn stronger ways to present and engage with their boards, how to implement understandable policies and plans that organizations will readily support, and more.

There are still other requests coming to us. We’re creating answers to many industry demands, from additional educational offerings and certifications to additional supporting offerings for our long-standing Security, Trust, Risk and Assurance (STAR) program, which will assist service providers in formally certifying the veracity and strength of their cloud security controls. CSA’s key aims for 2023 include the launch of our financial services initiative, continuing to progress our Zero Trust Advancement Center and its wider engagement with the industry, advancing our CxO Trust-related initiatives through partnerships with CSA Chapters and still other entities, establishing our Global Security Database to help organizations address service and system vulnerabilities in a much more timely manner, and, of course, continuing our all-important research to help facilitate the building of or enhancement to frameworks and other types of guidance, such as our Cloud Controls Matrix, just one of the many critical components that buttress CSA’s STAR ecosystem.

All of these efforts take robust engagement with industry professionals, enterprises, service providers, government agencies, and other entities. Many of these partnerships are well-established and long-existing, but we’re sure to form new and similarly strong ones over the course of the New Year.

We’re having some good days and are seeing a lot more in the future. As Phil Wilson, a dear friend who is a well-loved and accomplished heavyweight not in the worlds of cybersecurity or evolutionary biology, but that of jazz and swing music, recently noted on one of his social media feeds: “In these troubling times, there remains many things to be grateful for. Think it over.”

As a collective, whether in the cybersecurity industry or any other, we certainly have experienced some pretty gloomy days and have made our share of blunders, especially in recent months, but there are lessons learned from those mistakes and there will be some awesome days ahead of us. I, for one, am thankful for that. So, cheers to you and yours for a lit 2023.

Share this content on your favorite social network today!