People Powered Cyber Security

Cyber security, like tech in general, is an industry and profession with a bit of a reputation for being a human meat-grinder – hard work, high demands, ever changing requirements and little room for mistakes in many areas.

Terms such as “burn out” are used commonly and, while it is hard to really parse how much of this is a US-centric approach to working culture that clearly filters through everywhere on social media, it’s hard not to see it in practice here in the UK.

Working for an MSSP, I get a glimpse into the innards of many organisations’ security sausage factories every year, alongside our own. It is fascinating to see company cultures from the outside looking in – seeing internal politics and external factors on specific industries play out. At their best, they’ve inspired us on how we can do things better ourselves, and at their worst, shown us what pitfalls to avoid. Most of the time the organisations we work with are trying hard to do better and are driven to improve, which is always something you can get behind.

Defining Your Mission in Cyber Security

In cyber security as well as any other work or task you spend a decent chunk of your life doing, there is the concept of “the Mission”. Asking yourself, “what is my Mission in this profession?” is a great question. In my most high-minded moments I dwell on the idea that at SEP2 we’re doing our small part to assuring and protecting modern society, but that can feel very abstract – a “beyond the horizon” outcome. I was considering this recently: what can we do that is visible to us and we can take personal pride in?

• Human-Centric Outcomes: Making our customers’ teams visibly more effective is an easy thing to take pride in. When we deliver excellent service to our customers, or teach ourselves new tech, that’s moving the needle another notch.

• Supporting Ethical Missions in Cyber Security: Ultimately, it’s our customers’ missions that matter too. We work with charities, healthcare organisations, local governments and many other organisations that have either a positive or fundamental place in society. In a previous organisation, I refused to work on a customer’s environment as I pointedly did not agree with the ethics behind their business – the leadership were luckily supportive of that. Looking back, that was quite bold, but I hope we can support more customer’s missions that do good.

• Balancing Work and Personal Well-Being: Finally, the personal factors. I had plenty of days in 2024 where I had 6+ hours of Teams, Zoom, Google Meet calls in a single day, and some of my direct reports have had quite a few days like that too. That’s not really very fun. I’m going to use that as a marker of failure this year – if that happens, then something has gone wrong that should be adjusted, in terms of process ownership or workload. Being a slave to the headset is a necessary evil sometimes, and modern collaboration definitely beats being tied to a desk, but I’m trying to do better to emancipate myself from the Jabra a bit more this year.

Looking Ahead

Although it’s probably too far into 2025 to talk about New Year’s resolutions, I think one thing I am going to try and do more of is talking without purpose and making conversation with my colleagues. So much time is spent being focused on the Mission, maybe it’s time to take a step back and enjoy looking at the horizon.