When it comes to security teams, many people may assume that these specialists have some natural ability or extra mental strength for dealing with challenges. After all, these individuals are responsible for preventing cyberattacks and dealing with catastrophic incidents when they occur; they must always be on and ready. However, in my experience as a security leader, I have seen firsthand how alert fatigue, burnout, and mental health challenges can impact everyone in an organization, from newly hired graduates through to the best-trained and most experienced SOC staff.
The growing burden placed on security professionals has only exacerbated this problem. Being forced to understand increasingly complex threats while facing various business constraints, lack of executive alignment, understaffing, and inadequate tools can create feelings of failure and frustration that add to existing mental health struggles. While remote working has brought many benefits, it can also lead to a lack of support from management when people need it most. It’s often easier to overlook or minimize challenges when a team is remote or problems are out of sight. If we want to build resilient and robust security teams in this ever-changing environment, we need to take mental health seriously and give our people the support they need to thrive.
In light of Mental Health Awareness Month, we wanted to understand better the current state of mental health and wellness amongst cybersecurity practitioners. To do this, we surveyed 1,027 members of security teams from both the United States and Europe. We gathered their responses on a range of topics, including their daily struggles, how they rank their mental health in general, and whether or not they feel that adequate support systems exist for those with mental health needs.
Overall, the 'State of Mental Health in Cybersecurity: 2022' report paints a concerning picture. Despite growing awareness of the importance of mental health in the workplace, many security professionals still struggle to maintain their individual wellbeing over the long term. Ultimately, it is clear that more work needs to be done to support the cybersecurity community's ongoing mental health needs.
At Tines, this community starts within our own team. We’re not mental health experts, but we know the importance of supporting each other and normalizing this discussion. For this reason, and because it's the right thing to do as an employer, we are committed to introducing and evolving internal initiatives that support and nurture our employees.
Some of the ways we're taking action at Tines include:
A company shutdown day to allow the whole team to recharge and unwind without worrying about missing something.
Promotion and education about our company-wide Employee Assistance Program.
Social events and team-building activities that allow us to get to know one another better as colleagues and friends. By forging connections away from the daily grind, we not only create a more harmonious workplace but also cultivate a culture of resiliency and productivity that endures even through busy periods.
Employees can apply a health and wellbeing allowance to whatever they wish, whether it's a massage, a therapy session, a fitness tracker, or a personal trainer.
An all-hands session on normalizing the conversation around mental health with myself and our CEO Eoin Hinchy.
An internal Slack channel, 'TinesMinds,' for people to discuss health and wellbeing.
We want every Tines employee to feel seen, heard, and respected and to know that we are committed to prioritizing their wellbeing. By investing in our employees, we can also continue to provide an exceptional product and level of service to our customers.
With the publication of this report, our aim is to raise awareness about the challenges faced by security teams and the wider infosec community and spark critical conversations on how companies can better support employees’ mental health.
To help further encourage our customers and the wider infosec community to take care of their mental health, we are offering 400 cybersecurity professionals a free 12-month subscription to Headspace, a leading provider of meditation services. Through regular mindfulness sessions, we hope that individuals within the security community will be able to take better care of themselves and address burnout before it becomes a major issue. Subscriptions are assigned on a first-come, first-served basis, and you will not be added to our mailing list or receive any outreach for availing of this offer. (*This offer has ended)