Demystifying PTSD in the Cybersecurity Environment

The talk discusses the impact of PTSD in the cybersecurity environment and the need for the industry to better understand and support those who suffer from it.

• PTSD is a serious issue that can stem from a variety of sources, including military service and sexual trauma.
• The cybersecurity industry should not ignore or trivialize PTSD, but rather embrace and support those who suffer from it.
• Individuals with PTSD can bring unique skills and perspectives to the cybersecurity field.
• There is no one-size-fits-all approach to managing PTSD in the workplace, but empathy and support for colleagues is key.
• The speaker shares his personal story of PTSD and how it has shaped his life and work in cybersecurity.

The speaker shares his personal story of PTSD, which he attributes to his military service in Afghanistan and a unique medical trauma. He discusses how cybersecurity has offered him a sense of agency and a haven for his cognitive and emotional well-being. He also notes that while he does not want pity or analysis, he does want his colleagues to engage with him and others who suffer from PTSD in a supportive and empathetic way.

In February 2018, an article appeared concerning 'cybersecurity PTSD' and its impact on the security workforce, spurring a reaction to the terminology and the conditions referenced. More anecdotally, we as security practitioners have all heard co-workers lament of a stressful experience resulting in some sort of workplace 'PTSD.' While it is therapeutic to joke about serious issues at times, as a Post-Traumatic Stress Disorder sufferer and survivor there are limits – but also scope to identify moments for our industry to grow in facing such issues.Whether through sexual trauma, military service, or other traumatic experiences, the number of diagnosed cases of PTSD is increasing – and along with it the chances that you will encounter someone living with this condition in the workplace. As the security industry grows and matures, the proper response is not to ignore, avoid, or shun this topic, but to embrace PTSD and coworkers and colleagues experiencing it to better understand the condition and formulate a better, more understanding workplace.In this talk, I will speak to my own story of PTSD – from military service in Afghanistan to a very unique medical trauma – and how it has shaped not just my life, but my work in cybersecurity. Principally, cybersecurity has offered a haven for myself cognitively and emotionally - and I feel that I am not alone in finding peace and solace in our field. In providing this overview, I will touch on various points that we as a community can embrace to better understand and support those in our midst who may also suffer from such a condition. Overall, the goal is to keep matters reasonably 'light' so we as a community can discuss such subjects, while at the same time diving head on into how the security culture both supports and provides difficulties to PTSD survivors. Ultimately, developing a more empathetic, emotionally aware security community will only benefit us as a profession – and PTSD is an excellent starting point for such a conversation.