Tips for Supporting Mental Health in Cybersecurity

May is Mental Health Awareness Month. In recent years, there has been an overall decline in mental well-being among workforces, and for the cybersecurity community, this is especially true. It is clear that most people in cybersecurity are drawn and bound to the industry by a sense of mission and purpose. For me, it has always been my professional mission to make the world a safer place – something that in the current global climate is quite a weight to bear. The attached article provides a very thorough and thoughtful look at the complexities of mental health in cybersecurity – quite rightly likening the environment to that of a military conflict. The work is high-threat, high-stakes, and unceasing. In combatting cyber criminals, fraudsters, and other digital adversaries, cyber professionals encounter some of the darkest sides of the internet and humanity. There are no definitive victories, only new battles to be fought. It’s no wonder security teams can feel overwhelmed, stressed, and burned out. We all do what we do because we want to save the world. But when the bad guys never sleep, the line between our work lives and our personal lives starts to blur. Ask any cyber professional what keeps them up at night, and they’ll ask you how much time you have. And it’s not just us being impacted – it’s also our family and loved ones. We work countless hours, nights, weekends, and holidays. We miss recitals and soccer games. Even when we are there, we are not always present – our minds are still at work. All this to say that mental health must be a priority for cybersecurity leaders – not only from a wellness perspective, but also as a strategic imperative. Teams that are supported, looked after, and valued will be more cohesive, efficient, and resilient. There is some good advice in the article for both team members and leaders, but I am adding mine here: 🔋 Take vacations and days off, building in time to rest and recharge. Leaders: encourage employees to take mental health days when they are needed and ensure they can fully disconnect from work. 🚴 Commit to hobbies, exercise, and activities outside of work. 💤 Get plenty of sleep – no doomscrolling! 🔄 Rotate cyber teams from IR or SOC work to other non-emergency cyber jobs to give them a breather. 📖 Find a book you can get lost in to take your mind off the latest cyber crisis. 💚 Talk to your team: see how they are feeling, recognize and praise their work, and support them in learning new things. It takes a special kind of person to do cybersecurity – we’re a ragtag gang of misfits, weirdos, geniuses, and gluttons for punishment, but we need to look out for each other. How do you promote and maintain mental well-being on your teams? #MentalHealthAwarenessMonth #Cybersecurity #Wellbeing #PostiveLeadership https://lnkd.in/eWZm4Tcs

🌐 #HR #Cyber #BurnOut #MentalHealth Cybersecurity teams are undoubtedly under pressure: experiencing sick leave, insomnia, and more. Of course, threats are intensifying, and #CISOs/security managers are overloaded 🔥, but these reasons alone don't fully explain the phenomenon. Client verbatims include: "What I'm doing feels pointless", "My objectives are constantly changing", "I don't understand what's expected of me"... It's clear that the level of stress is not solely related to the nature of the tasks performed ! 📉 1️⃣ Several organizations have recently taken an interesting approach: they are integrating #HR topics directly into their maturity frameworks (e.g., NIST, ISO) and associated processes (assurance, cyber programs, etc.) 📚. This is excellent as it leads to the definition of concrete and measurable objectives for staff turnover, employee motivation, and work-life balance... and facilitates regular discussions with top management 👥, alongside the convergence towards zero-trust and resilience! 2️⃣ Security teams consist of a wide range of experts (pentesters, CERT analysts, etc.). Unfortunately, too many companies still tend to overvalue management at the expense of #expertise. It's crucial in cyber teams to foster an ecosystem that supports experts 👍! There's a plethora of options to explore: expertise career paths, certifications, communities, conferences, media... Let's not wait for the experts to leave before recognizing their value! 3️⃣ #Mobility is also crucial. Many employees feel trapped in their positions, with no possibility for advancement in the next decade 📈. The solution is quite straightforward: promote mobility! For example, spending 3 years as a project manager, 2 years as a SOC analyst, 3 years in cyberculture... #Cybersecurity is vast enough to offer rich and exciting careers 🎯! From experience, a cyber team thrives with a mobility rate of at least 10%. 4️⃣ And, of course, #salaries need to be discussed. Ask two CISOs/security experts from the same large organization about their pay. I recently met two CISOs with similar profiles in the same company: one was paid a fixed salary 💵, while the other received a 50% bonus based on personal objectives. It's impossible to foster any team spirit and solidarity under such conditions! Addressing salary alignment, up-skilling, training, certification, and mobility are crucial to enhancing well-being in cyber 📢. Clearly, this cannot be achieved by HR alone; CISOs/managers must also be involved. This is especially true since some of the above advice applies to them as well... considering many CISOs have been in their current role for more than a decade 😉

In the ever-changing world of information security, one of the hardest lessons I've had to learn is how to take a step back. We're taught that we always have to run, jump, and out-pace the hackers so our organizations don't suffer from bad press. The reality is that when we operate from a place of fear and anxiety, everything becomes a fire, putting the body in a perpetuated state of stress. As a result, our nervous systems stay locked in this state of stress and it sticks with us outside of work. This is what happened to me. I became constantly frustrated and didn't know how to shake that feeling, with my nervous system being stuck in a stress state. I never had the skills to walk down that stress ladder, if you will. In addition to the growth in awareness around different types of cyber fraud, victims would come out of the woodwork sharing their stories with me, and while I was able to help many of them, having the ability to personally cope with their horrors was something I just didn't know how to do. And from a mental health perspective it ate me alive. How did I cope? Not well. How am I doing now? Much better. And here's what changed. Emotional intelligence and intraspection is a skill that many of us have to learn and develop. Being able to sit, feel, and be honest with how you feel is a skill that many in our society don't have. Leaning into things such as breath work, meditation, and yoga really helped unlock different perspectives, and these are things I still practice to this day. Second, learning how our nervous system works was one of the most beneficial things that helped me out the most. Knowing that we have multiple body states that get turned on and off depending on the environment we're in was extremely helpful, and frankly is something kids need to be taught in grade school. And finally, the hardest thing for a recovering work-a-holic....being able to step away. Knowing that you don't have to feel guilty because you and your body needed a break. Knowing that the world will still be burning when you get back. Why am I sharing this now? Because a lot of us are in the same boat and feel the same way, and many of us don't know how to articulate it. It's okay to take time for yourself, because you can't help anyone else if your own cup isn't filled. Take care ya'll! 🍵

Trigger Warning: Mental health and suicide. “All of us have been at this point in our lives, where we did not care if we died or would have actually been OK to not live anymore” These words from my coach, as she recounted a conversation she once had, should have surprised me. They didn’t. At all. Based on my own experience and on conversations I have had myself. I know it’s a lot less uncommon than we think it is. Even though I am not surprised, it’s a tough pill to swallow and as a caring leader one that worries me. The mental health of my colleagues is important and it’s difficult to think they might feel this way. Especially since I have experienced the suicide of a colleague in the past. While we weren’t close, I was and am close to a very good friend of theirs and had to be the one giving them those bad news. An experience that forever changed me as a leader. It changed me because I will never know how seriously someone is considering acting on them. I will never know if I will be able to prevent that from happening. I will never be able to fully avoid having an impact on that decision – no matter how much I care. As a leader that is a huge burden to carry and I am at least having access to tools provided to us by my employer to support me. Many don’t have this and are navigating this all by themselves. I am no psychologist or therapist. Knowing my limitations and not crossing these lines is very important. Here’s what I can do: 🤝 Care, listen and offer my support as a leader. 🤝 Avoiding adding pressure but also not discount the colleague and their ability to work entirely (a tricky one!) 🤝 Be observant, stay close and keep an eye on the colleague. 🤝 If work is a contributor, help identify the next step that’s best for them and then help them take it. 🤝 Share my own struggles and story to show there is a way out - as appropriate and without making it about me! Here’s how companies can support their leaders: 🤗 Provide training for mental health awareness and the role leaders can and cannot play. 🤗 Provide free mental health resources the leader can encourage the colleague to use. (thanks #teamamex for offering this - it helped me help others!) 🤗 Make taking PTO, sick leave and mental health day a normal thing that leaders at the top publicly role model. That last one is SO important! It helps others understand they won’t ruin their careers by taking care of themselves. A difficult topic where avoidance is usually the approach. But avoiding doesn’t make it go away and we might make things worse. As a leader I do have an active role in my colleagues’ mental health. Whether I want to or not. I can be intentional about it and care or let it play out. It’s a choice! If you are struggling, please consider to get help! The Suicide and Crisis lifeline can be reached at #988. #BeACaringLeader

Today, I wanted to share some thoughts on a topic that's increasingly pressing in our field, yet often overlooked – burnout in cybersecurity. A recent report I came across mentioned that a staggering 80% of global risk leaders believe burnout will significantly impact businesses in the coming year. This hit close to home. In my journey with Levacloud LLC, and through numerous interactions with peers and clients, I've seen firsthand how the relentless pace and high stakes of our work can take a toll on even the most dedicated professionals. But here's what I've learned: Burnout isn't just an individual challenge; it's a collective one. It affects our team's effectiveness, increases vulnerability to attacks, and can even lead to costly staff turnover. It's a silent storm brewing within our ranks. How do we navigate this storm? For me, it's about balancing the intensity of our work with genuine care for our team's well-being. It's about smart workload management, flexible work arrangements, and fostering a culture where mental health is as important as meeting targets. And yes, sometimes it's about knowing when to seek external expertise. In roles like mine, where we provide expert support services across the Microsoft Security and Compliance tools, I've seen how external support can ease the burden on internal teams, bringing fresh perspectives and specialized expertise. But more than that, it's about building a sustainable work environment where people feel supported and valued. Let's not wait until the storm hits. Proactive measures, open conversations, and a supportive community can make all the difference. And if you ever feel overwhelmed, remember, seeking help is not a sign of weakness, but of strength and strategic thinking. Would love to hear your thoughts and experiences on this. #CybersecurityWellness #MentalHealthInTech #BurnoutPrevention #CyberSecurityCulture #HealthyWorkplace

💥💥💥 The Silent Struggle: Addressing Burnout in Cybersecurity 💥💥💥 🚀 Since my LinkedIn posts on burnout in cybersecurity seem to strike a chord, I decided to make a video! Join me as I dive deep into the world of cybersecurity burnout. I'll share my personal experiences and the strategies I've learned to tackle this challenging issue. I made this video for all in the cybersecurity field looking for ways to manage stress and maintain mental health. 🔑 Key Highlights: 🚨 Understanding burnout in cybersecurity. 💡 My personal recovery story. 🌈 Using Jeff Cooper's "Color Code" for stress management. 🛠️ Strategies for wellness. 🌟 Tips for a healthy work culture. ❓ Question: How do you balance cybersecurity demands with personal well-being? Share in the comments! 🔗 Resources: Mental Health Hackers: ➡️ https://lnkd.in/gXajAwFa The Mighty: ➡️ https://themighty.com 7 Cups of Tea: ➡️ https://www.7cups.com TherapyDen: ➡️ https://lnkd.in/gHcwnpcu The National Alliance on Mental Illness (NAMI): ➡️ https://www.nami.org/Home SHRM Employee Assistance Program: ➡️ https://lnkd.in/g53Nt6rw 📻 Podcasts & Articles: ITSPmagazine Podcast Network (Sean Martin & Marco Ciappelli): ➡️ https://lnkd.in/g4tRmTkV CyberWire Daily, by N2K Afternoon Cyber Tea (Rick Howard & Ann Johnson): ➡️ https://lnkd.in/guyTqivd McKinsey & Company: ➡️ https://lnkd.in/gE_Xfscz Cyber Security Tribe Cybersecurity Burnout Guide (Dorene Rettas,  Dr. Rebecca Wynn, The Soulful CXO., Kapil Bareja, Sabino M., Dr. Vivian Lyon, DIT, MBA, PMP, CISM, CISA, CRISC, CEH, CHFI, CCSK, Rizwan Jan and Psychologist, Dr. Lea Martinell-Smith : ➡️ https://lnkd.in/gerCUdm5 ✨ Take care of your mental health. It's as vital as your physical health. 👍 Like, Share, Subscribe for more on cybersecurity wellness! #Cybersecurity #Burnout #MentalHealth #CyberWellness #StressManagement https://lnkd.in/g9DKvgeP