Are you afraid of making mistakes?

Welcome to the new 177 cyber warriors who joined us last week. Each week, we'll be sharing insights from the Black Hat MEA community. Read exclusive interviews with industry experts and key findings from the #BHMEA stages.

Keep up with our weekly newsletters on LinkedIn — subscribe here.

Our weekly delivery of insights and interviews. Be inspired by the global Black Hat MEA community. 

This week we’re focused on…

Being OK with making mistakes and not having all the answers. 

Why? 

Because we interviewed BHMEA Advisory Board member Jason Lau (CISO at crypto.com). We asked him what advice he’d give his younger self, and he said: 

“I'd tell myself to embrace challenges and uncertainties as opportunities for growth and learning.” 

It’s worth repeating

Embrace the challenges. Be OK with saying ‘I don’t know’. Because it’s impossible for anyone to know everything – even if you feel like you should. 

“Early on, I felt pressured to have all the answers and avoid mistakes,” Lau added. “However, I’ve learned that overcoming difficulties provides invaluable lessons. The cybersecurity field shares many parallels to the game of chess, and even the best grandmasters are not unbeatable.”

“Each day is a new challenge and it’s important to learn and evolve regardless of the outcome.” 

Cybersecurity is a high-pressure industry

The bottom line is that the stakes are high, which puts a lot of pressure on the shoulders of the people who are responsible for security. 

And that pressure is reflected in a growing body of research, including: 

• One study by ThinkCyber Security Ltd which found that half of employees are afraid to report security mistakes – and the fear of reporting can lead to higher risks for organisations, with errors going unrectified.
  
• Research that reveals cybersecurity professionals demonstrate poor decision quality when they’re working under stressful conditions – with pressure impairing their judgement.
  
• Studies that show a growing number of cybersecurity professionals are experiencing severe burnout; manifesting as exhaustion, cynicism, and a fear of making mistakes. One particular survey found that 85% of cybersecurity professionals across six Asia-Pacific countries were suffering from burnout.  

The fear of making mistakes holds cybersecurity professionals back from making sound, confident decisions 

Stress, pressure, and burnout are all linked to the high stakes of cybersecurity. And they’re also key factors that are driving a fear of making mistakes – which is holding cybersecurity professionals back from having confidence in their own abilities, and making sound decisions. 

This isn’t a good thing. Instead of reducing the number of mistakes made, the anxiety that builds can lead to negative outcomes: 

• Failing to report errors
• Impaired decision-making
• Putting off decisions for later, leaving vulnerabilities unchecked 

Ultimately, this can have a damaging impact on an organisation’s overall security posture. We need to create space for cybersecurity professionals to try, to fail, and to communicate their ideas and experiences confidently. 

Read our full interview with Jason Lau: Why cybersecurity professionals should study psychology 

Join the conversation: How can we ease the pressure on the cybersecurity workforce? 

From entry-level positions to global leadership roles, you are feeling the pressure. We want to know what you think: what can organisations, cybersecurity team leaders, and the broader cybersecurity community do to ease the pressure and create safer, more productive working environments? Open this newsletter on LinkedIn and tell us your ideas in the comment section.

Do you have an idea for a topic you'd like us to cover? We're eager to hear it! Drop us a message and share your thoughts. Our next newsletter is scheduled for 07 August 2024.

Catch you next week,
Steve Durning
Exhibition Director

Join us at Black Hat MEA 2024 to grow your network, expand your knowledge, and build your business.