As we wrapped up October, we also put the final touches on a flurry of activities to celebrate Cyber Security Awareness Month. The tradition of October as National Cybersecurity Awareness Month goes back to 2004 when Congress and the White House tasked the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) to join forces to help individuals protect themselves online as threats to technology and confidential data became more commonplace. There is no question that the scale and severity of threats have only increased exponentially in the nearly two decades we have been actively participating in cybersecurity awareness.

This year’s theme was “See Yourself in Cyber” to reinforce the fact that that while cybersecurity is technology-driven, ultimately, it’s really all about people that makes it real. So, this month is all about sharing information across the cybersecurity industry with individuals and companies around the world so we can all be more effective together. That gives me a great opportunity to discuss a related issue that profoundly impacts professionals who work in cybersecurity every single day: mental health.

State of mental health in cybersecurity

Working in cybersecurity can be a stressful endeavor, which is why I’m so proud to be part of this global network of professionals who have dedicated our work lives to this important mission. We must be ever vigilant and on guard against threats and bad actors, both known and unknown. It is this ever-changing world of cybersecurity work that only compounds the stress level. The possibilities of work-related depression and burnout are real and becoming more common. According to this Forbes column, more than half of cybersecurity professionals in the US and Europe are on medication to help improve work-related mental health.

I wrote extensively about ways we can help our colleagues and employees work through mental health issues in this blog last May commemorating the official Mental Health Awareness Month. The key takeaways I closed with are worth repeating.

1. It’s OK not to be OK. We should never treat mental health issues as a stigma because struggling is a human experience that nobody is immune to.
2. Combating cybersecurity threats is an “always-on” task. We must acknowledge this so that we can find ways to load balance responsibilities among different individuals and teams effectively.
3. We MUST be better at taking care of each other. We must pay attention to the cues, sometimes subtle, that colleagues who are struggling send out. Likewise, we must be bold enough to open up and ask for help when we are struggling. Finally, we must learn to disengage from the serious responsibilities of working in cybersecurity and devote dedicated time to time with friends, family, and non-work-related activities.

From a technology point of view, we at Cisco Secure are committed to the goal of helping organizations become more security resilient. We know that unpredictability is the nature of working in cybersecurity.  But by being more resilient I firmly believe that we can help organizations to be able to withstand the ever-changing threat landscape and ultimately emerge stronger.

Naturally, our goal is to extend the benefits of resilience downstream to the cybersecurity pros who are on the frontlines of battling threats and bad actors. To that end, there are a couple of resources I’d like to point to. One, the American Psychological Association offers a few very helpful ways people can develop more resilience with regards to mental health. Two, Cisco offers great resources to help you either enter the cybersecurity field or enhance your career through advanced training education. Additionally, Cisco has made a commitment to the White House as part of the Cyber Workforce and Education Summit to train more than 200,000 students to join the cybersecurity field over the next three years.

Next time…

November 16 happens to be the UN International Day for Tolerance. Like the word resilience, tolerance can take on several different meanings. But I want to take the opportunity to apply it to another critical issue impacting the cybersecurity industry: the need for a more diverse and inclusive workforce. I covered some of these themes in one of the earliest blogs I posted after joining Cisco. I look forward to providing additional perspectives with some of the latest trends and stats we are seeing within Cisco Secure.