Woosah! That’s something cyber mindfulness proponents think cybersecurity professionals should do more of to combat stress on the job and thwart off social-engineering attack attempts.
The kids may be alright, but cybersecurity professionals sure aren’t. A 2024 ISACA report found that 66% of surveyed cybersecurity professionals felt their roles were more stressful compared to five years prior.
Sumona Banerji, founder and director of industry thinktank MindShield, told IT Brew that stress often comes from the unknowns of the future.
“To me, stress comes from the feeling of something that’s imminent, that’s coming or headed towards you that essentially people see as a threat,” Banerji said. For cybersecurity professionals, she said this could look like worrying about job security after a breach or the impact a large incident can have on their company.
Be mindful! Banerji said frazzled cybersecurity professionals can benefit from practicing mindfulness, which she described as the ability to remain present in a given moment in their day-to-day life. Practicing mindfulness can help professionals combat anxiety and stress and allow them to respond to things with a better sense of clarity and in a “far more regulated way,” she said.
“When we are extremely present, we are able to switch off all the conversations and chattering in the mind that happens about the past or the future,” Banerji said.
Anna Collard, SVP of content strategy and evangelist at KnowBe4 Africa, added that mindfulness during interactions with technology and the digital world—often referred to as digital mindfulness—can help professionals better defend against social engineering attacks and similar threats.
Mindfulness in the wild can look like a number of things, according to Collard. She said intention setting is one example of mindfulness that could help professionals “subconsciously” focus on tasks ahead.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
“On a Monday, I would sit down with a nice cup of coffee and then I make my intentions for the year,” Collard said, adding that she also jots down goals for the week and month.
She added that breathwork can also be used when professionals get “emotionally roused” to prevent them from responding impulsively to an emotional trigger. She named box breathing—a four step breathwork exercise that involves breathing in and out for four-second intervals with brief pauses in between each breath—as one technique professionals could try to incorporate when they encounter a stressful email or phone call.
“There’s so many breathwork techniques that one can use to give ourselves a few seconds before we react,” Collard said. “That’s powerful.”
Best stressed. Michael Swinarski, deputy CISO at the CorVel Corporation, told IT Brew that he has been more deliberate with shaping the culture at his organization with mindfulness and employee well-being in mind. After the pandemic, he said he began to check in frequently with his staff, speak openly about his own meditation habits, and remind his team to take care of themselves.
“I often have to remind folks: ‘Listen, even in comic book superheroes, they need to take the time to regenerate. You can’t save the world if you’re not taking care of yourself,’” Swinarski said.
Swinarski said conversations and actions around stress and mindfulness within the industry are still a “work in progress.” He suggested security leaders advance these conversations by exhibiting healthy behaviors at the leadership level and leading by example.
“I like to tell folks as a leader, it’s your job to set the volume, rather than rise to it.”