Stretched and stressed: Best practices for protecting security workers' mental health

Security work is stressful under the best of circumstances, but remote work presents its own challenges. Here's how savvy security leaders can best support their teams today — wherever they're working.

Security researcher Amanda Berlin’s anxiety started when she was a teenager, but it went undiagnosed and untreated for a long time, as it took her many years to realize she needed help. One night, when she was 25 and married with two kids, she had a breakdown. “I remember getting out of the shower… and I just started bawling, sitting on the floor of the bathroom,” she told the audience at Northeastern Ohio Information Security Forum in 2017.

“The inside of me was all static. It physically hurt me when I tried to speak,” she said. “I realized at that point that I probably should try to figure out what was wrong with me.”

After she got better, Berlin started talking about her experience of managing depression and anxiety while working from home and caring for two small children. Her tweets got a lot of attention from infosec professionals facing the same struggle, and soon she founded Mental Health Hackers, an organization that aims to educate security professionals about “the unique mental health risks faced by those in our field.”

Berlin, who is also a senior incident detection engineer at Blumira, believes that the recent shift toward working from home has put even more pressure on infosec professionals. During the first months of the COVID-19 outbreak, remote workers were 30% more likely than others to say their mental health had declined, according to a survey carried out by SAP, Qualtrics and Mind Share Partners in March and April 2020.

“While many cybersecurity professionals already had experience with partial telework, most of us were unprepared to suddenly work from home 100% of the time,” says Dr. Celeste Paul, cybersecurity researcher at the National Security Agency (NSA), which has done a number of studies on the human aspects of working in infosec. “For a community who has such a strong self-identity tied to work, the inability to get work done only further contributes to the stress we carry.”

To continue reading this article register now

The 10 most powerful cybersecurity companies