As you may have seen, the C8 team was recently in San Francisco, at the RSA Conference (RSAC), pinning our ears to the ground exploring the burning topics in the cybersecurity industry and more! So, as our title suggests, here is what we learned.
Mental Health in Cybersecurity
It wouldn’t be a stretch to assume that everyone reading this has experienced feelings of burnout at some point. It has been a tough few years for us all, and the demands on IT teams to provide both security and ease of access have left them with a challenging balancing act, often leading to burnout. In recent years, the industry has become far more aware of these pressures, and the Mental Health in Cybersecurity Leadership Summit hosted by Cybermindz.org delved deep into the topic. The panel discussion included CISOs from PayPal, Zscaler, Proofpoint, and the State of Maryland, who shared their challenges, insights, and support strategies.
The discussion highlighted the immense pressure security teams are under, with panelists opening up about their experiences of emotional depletion, senses of doubt, and needing to shut down to protect their health. It came as no surprise to hear 40% of CISOs are considering leaving their job in the next 14 months due to the pressures they face. The summit was a constructive conversation addressing mental health in cybersecurity, one I hope will continue to be a main topic of discussion in the industry.
Real stories from Ukraine vs. Russia Cyber War
One of the most enlightening moments of RSAC was during a fireside chat with Ruslan Mikhalov. As Co-founder and Chief of Threat Research at SOC Prime, a Ukrainian cybersecurity company helping to defend against Russian attacks, he discussed how some of his colleagues chose to stay in war zones to assist in whatever way they could.
He talked about the tumultuous landscape that his team has been operating in over the last year, even once the majority of his Ukrainian colleagues had been evacuated to safety. It was humbling to hear the pragmatism that the company has had to adopt, even using a unique pod system in place of remote or hybrid working, to allow employees to get to the nearest shelter in an emergency. In the midst of RSAC, this session brought some much-needed perspective to us all.
Bridging the Cybersecurity Skills Gap
The cybersecurity industry is constantly evolving and, as a result, the industry is broadening in scope every day. This creates infinite possibilities for those willing to learn and adapt, but requires companies to continually invest in upskilling and reskilling programmes to ensure security teams are equipped to combat emerging threats.
As the famous quote goes, “the best way to learn is to do.” Training programmes must offer practical, hands-on experience to be effective: cybersecurity training using generic content will struggle to engage people in a meaningful way.
Another much-discussed approach to overcoming the skills gap is to broaden our opinion of who can become a cybersecurity professional. Alongside schemes focused on inspiring young people early in their careers, companies at RSAC were encouraged again and again to consider applicants from different backgrounds. Military veterans, for example, make excellent cybersecurity professionals. They have proven skills in strategic thinking, teamwork, and pressure management. Encouraging pathways into cybersecurity from other careers can help plug the skills shortfall and add breadth and depth of thought to the industry.
And as ever, retention is vital. I was pleased to see a growing emphasis on treating employees well, offering fair compensation and creating a positive work environment to retain talented staff. After all, the influence that employees have over the success of a business is enormous.
Check out the next blog where we look at what brings people together!
For more information about how C8 Consulting can help to create compelling campaigns and kick-start conversations for your business, or to understand more about the social and digital activities that we are undertaking for our clients please feel free to contact us.