I can certainly empathize with folks who suffer from burnout, in any occupation. It is miserable and clinical and not to be minimized or swept under the rug. But if this whole mindfulness approach has shown me anything, it is that we control how we respond to situations. So yes, security is a tough job. Yes, you probably can’t win. Yes, your senior management has no idea what you do and can’t understand your value.
But that doesn’t mean you should go reaching for the hemlock at the first opportunity. You have to be able to handle the job – good, bad, and ugly – on a daily basis. Or find something else to do. And I say that from a position of kindness, not to be a dick. If you can’t find happiness, engagement, and a sense of accomplishment from your career, get a new career.
Krypt3ia posts his perspectives on the burnout issue. I am pretty sure he isn’t coming from a place of kindness but he delivers the facts. In order to survive and possibly even thrive doing security, you need to understand the job. And Scot has a great summary in a few bullet points:
– It is your job to inform your client/bosses of the vulnerabilities and the risks – It is your job ONLY to inform them of these things and to recommend solutions – Once you have done this it is up to them to make the decisions on what to do or not do and to sign off on the risks – Your job is done (except if you are actually making changes to the environment to fix issues)
Did you get that last one? Your job is done. Remember the Serenity prayer? I don’t care if you kneel at the alter of the Flying Spaghetti Monster or nothing at all – if you know the difference between what you control and what you don’t, you have a chance.
If you don’t, then you don’t.
Photo credit: “Nice Cup of Hemlock?” originally uploaded by Kova Shostakovich
Reader interactions
2 Replies to “Pass the Hemlock”
I’m like you in that I’m so tired of all the navel gazing that passes as insight. Security burnout is silly. I’ve said it before and it bears repeating: if you think you have a stressful, difficult, emotionally draining job go talk to a critical care or ER nurse. We have it easy.
Burnout comes from frustration which comes from a lack of competence. Either you don’t know how to influence others and you don’t know how to craft an influential message, or you don’t know how to accept risk. If this applies to you, don’t try to move up in the security world.
If you want to “blame” the audience for not getting your message or for ignoring your advice, get over yourself and realize there are lots of factors in any decision and security isn’t always the primary one. Try understanding the other factors; it will help.
Finally, if people don’t take your advice and bad things do happen, don’t gloat. Roll up your sleeves and help them. It is what we are paid for.
Amen.