In the spirit of Festivus, I’m airing my grievances and demonstrating my feats of strength. I don’t know about you, but I didn’t enter 2022 with a full tank. I started the year by joining the hordes of people revenge-travelling/shopping/connecting/renovating (I know!). It’s no wonder I feel utterly exhausted. It’s also no wonder that I find myself feeling like “I’ve not done enough!”

Through my research on burnout, I recognize this as “professional efficacy” — how well we think we are performing, a key burnout metric (exhaustion and cynicism being the two others). So before I look forward, I need to recover, put grievances aside, and celebrate my 2022 feats of strength, which include:

The Intersection Of Work And Life

According to soon-to-be-released research by Australian not-for-profit Cybermindz, cybersecurity professionals in 2022 seem to be more burned out than frontline healthcare workers. I’m not on the front line of anything, and yet I’m feeling the burn. I shared some of my learnings on managing my own workload, mental health, productivity, deep work, and self-care in my 2019 wrap, and I’m going to share a bit more here.

In 2022, like many, I was back in the world again. I loved delivering roundtables, keynotes, track sessions, strategy days, and meetings in Singapore, London, Corfu (don’t ask), San Francisco, Maryland, and Washington, DC, and connecting with everyone again. I managed to tag family holidays to most of these (in my household, we call this “holiworks”). As a family, we spent time relaxing in Koh Samui, we ate our way through Puglia, Campania, and Basilicata, we hiked and parasailed in the Swiss Alps, and I squeezed in a sneaky mini-break in NYC while in the US.

With a heavy and relentless schedule, travel back on the agenda, and keynotes and events going back to IRL, though, I leaned heavily on a series of personal and work habits to manage my mental health and burnout. These include:

  • My daily, weekly, quarterly, and yearly habits. Daily: I dedicate one hour to exercise, or close to 10K steps, my goal being mental, more than physical, fitness. Weekly: Every Friday afternoon, I review my calendar for the week ahead, making sure I stick to my boundaries. I book all my exercise sessions for the week ahead. I block out any days that start to fill up beyond my maximum comfortable number of meetings. Quarterly: I do a quarterly self-review (Wheel of Life). Yearly: I reflect on good and bad decisions I made, the biggest lessons learned, the biggest risks, and surprises.
  • The practice of gratitude. This year, I received a number of heartfelt gifts and notes of thanks from industry friends and colleagues, which touched me beyond measure. It reminded me that I don’t make enough time to practice gratitude, so I was grateful when Julia Steel wrote this excellent blog on 14 ways to say thank you.

Looking Ahead To 2023

For 2023, I’m very excited about research on how CISOs can become “trusted” leaders. I’ll be launching research on human-centered security. I’ll continue research on stakeholder engagement in security, with a focus on empathy. I’ll also revive my research on cybersecurity team culture. And I’ll of course continue my research into security awareness, behavior, and culture.