Cybersecurity Awareness Month: Building Resilient Teams

A longer version of this blog originally appeared on VMware News & Stories

VMware is proud to be a 2021 Champion for Cybersecurity Awareness Month, a collaborative effort among the public and private sector to increase resiliency and raise awareness about cybersecurity. The initiative is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security. As one of 15 members of CISA’s Joint Cyber Defense Collaborative (JCDC) and a Champion of Cybersecurity Awareness Month, VMware is committed to protecting our customers from cyberattacks and furthering collaboration across the private and public sector to better defend against evolving threats.

This month, we are taking the opportunity to bring attention to a critical issue impacting today’s defenders. With a surge in destructive attacks and a massive cybersecurity talent shortage, burnout is being felt by many in the industry. In a survey of incident responders and security leaders, VMware found that more than half experienced extreme stress or burnout during the last 12 months. Of that group, 65% considered leaving their job because of it.

Building Resiliency

To protect the defenders who are constantly working to stay one step ahead of attackers, the industry must combat burnout across security teams by prioritizing their well-being. For cybersecurity leaders, the focus must remain on building resilient, cyber-vigilant teams.

“Burnout is a huge issue with incident response teams, who are handling a spike in engagements in what is still a largely remote environment,” said Rick McElroy, principal cybersecurity strategist at VMware. “It only further underscores the need for leaders to build resilient teams, whether that means considering rotations of work, empowering individuals to take mental health days, or any number of other initiatives aimed at nurturing personal growth and development.” 

There are several best practices that infosec managers and cybersecurity professionals can implement to help each other stay healthy in this high-stress occupation. For infosec managers, consider adopting resilience-building techniques, and wherever possible, improve workflow and workload by embracing automation. For cybersecurity professionals, recognize the warning signals of burnout and find the practices that help you reset. For more best practices, check out the infographic at the end of this post.

“Burnout is an occupational hazard for security professionals and one we need to deal with effectively,” said Karen Worstell, senior cybersecurity strategist at VMware. “It is critical that we learn how to stay in-the-game and provide a strong set of shoulders for the next generation. By acting appropriately, we can all enjoy our work and help each other to stay healthy in this high-stress occupation.”

Hacking Burnout: Resources and Get Involved

  • Join the conversation about how to effectively address and prevent burnout as a security professional. Amanda Berlin, CEO of Mental Health Hackers and Lead Incident Detection Engineer for Blumira, will join VMware’s Rick McElroy and Karen Worstell for an honest conversation about burnout on LinkedIn on October 14 at 2:00 p.m. ET and on Twitter on October 28 at 2:00 p.m. ET.
  • Support the Mental Health Hackers mission to educate security professionals about the unique mental health risks faced by those in the cybersecurity field, provide guidance and support services. VMware employees can donate to Mental Health Hackers and secure a 100% match from the VMware Foundation on BrightFunds.
  • Explain how you maintain resilience in your cybersecurity career. Join @StaySafeOnline and @CISAgov for the #CyberCareerChat on Twitter on October 19 at 2:00 p.m. ET to inspire and promote the exploration of cybersecurity careers.
  • Read Karen Worstell’s latest blog post about combating cybersecurity burnout through self-care, empathy and empowerment and watch her interview on the Cyber Insecurity stream about her personal experience dealing with burnout.
  • Download VMware’s 2021 Global Incident Response Threat Report to read the latest on emerging threats that are leading to the burnout of the security professionals tasked to defend against them.
  • VMware employees can visit the Well-Being site for solutions that reflect our EPIC2values and range from the annual well-being stipend to emotional well-being support.  

To join the Cybersecurity Awareness Month conversation, use the hashtags #BeCyberSmart and #CybersecurityAwarenessMonth, and don’t forget to tag @vmw_carbonblack.