Are all infosec grumpy / addicts? Alternatives to cope with stress!

This post hass three totally distinct inspirations:
1. This extract from a satiric French movie [1]
2. Jeff Hall being one of the most proficient PCIDSS people which assisted me (remotely through his excellent blog [2] and his participation to the PCI Dream Team podcast series) A LOT in getting understanding on the payment card industrie infosec field which identify himself publicly as an “InfoSec Curmudgeon” [3].
3. Movember [4] which is around the corner. Which is an annual event involving the growing of moustaches during the month of November to raise awareness of Men’s Health issues, such as prostate cancer, testicular cancer, and men’s suicide. As infosec professional we are faced with a non negligeable level of stress, especially during incident / crisis handling. As such our mental health is not to be neglected [5], [6]. This article will be my humble attempt at explaining strategies to cope with this.

Following this introduction, let’s get to the point of this article: Stress and how to handle it. Let’s first address the elephant in the room: no 2 people are equals when it comes down to stress and what stressing factors affect them (incidents, internal politics, external or internal audit, due diligence, etc.).
What is certain though is that infosec is a field populated by passionate people. And passionate people tends at caring about doing their jobs properly. On the other hand our jobs is tremendously difficult and the ever changing threat landscape is not helping us easing the burden. So you ought to expect stressing factors affecting you… I have already paraphrased the famous books / TV saga Game of Throne outlining that “CISO nights are dark and full of horrors” [7]. Let’s discuss some coping mechanisms you might implement.
– Let’s get through with the obvious one: sport, especially cardio (“healthy mind in a healthy body”)
– Meditation, should this be your thing it might works miracle if not there are plenty other options to pick!
– Practice gratitude, list your wins, when everything goes dark it is always nice to go back to your safety blanket: remembering yourself where you started and what you already accomplished. Bonus points: if internal politics is ticking you, affect your wins to the people assisting you achieving them, it might help avoid getting back too hard on annoying people !
– I have said it before here but… Network, nothing beats talking to a friendly peer about difficult situations, they probably went through something similar or might propose alternatives you would not have consider.
– On a more professional subject, if you have the financial means invest in safety mechanisms such as (non exclusive list): insurance, external incident response team, automatic AD forest recovery… This might elevates the stress associated with what is bound to happen: the big meany incident / breach.
– Lastly, I will leave you with some rather unorthodox uncharging strategies : what works for me won’t necessarily works for you, you have to know yourself or try different strategies to identify your most effective to your specific needs. Alternative options might include: nights off with your spouse, SPA/sauna, brainless video games (hello tunnel FPS I am talking about you !), futoshiki/crosswords/sudoku, etc. Juggling even ! [8]

You might have already understand this about me, I am but an humble infosec otter. As such this article is not aiming at replacing healthcare professional advice. Should your particular situation be dire and your financial situation allow you to get real pro advice please do it. Our mental health is something of tremendous importance. Our jobs are important yes, but our life is more important.

Sources:
[1] https://www.youtube.com/watch?v=Yy2qOWfW_K0&t=32s
[2] https://pciguru.wordpress.com/category/pci-dream-team/
[3] https://www.linkedin.com/in/jeff-hall-33b7871/
[4] https://movember.com/
[5] https://www.forbes.com/sites/daveywinder/2019/02/15/cybersecurity-mental-health-warning-1-in-6-cisos-now-medicate-or-use-alcohol/
[6] https://www.csoonline.com/article/3560604/driven-to-drink-how-cybersecurity-professionals-are-dealing-with-stress-related-substance-abuse.html
[7] https://www.goodreads.com/quotes/556511-the-way-the-world-is-made-the-truth-is-all
[8] How to Take a Brain Break | Jim Kwik


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *