Taking Care of Business

Leave a comment

I remember back in early 1996 arriving home from work and telling the future ex Mrs Langford that was going to be very busy “for the next two to three months”. There was a project going on that I decided I was going to get involved in (outside of my normal IT Manager day job) and that it was going to be good for my career. In modern parlance, I had decided to “lean in”.

Those busy two to three months ended for me on the 10th September 2017. I had pushed myself professionally as hard as I could, burnt the candle at both ends, worked long hours, was only off work sick when I euphemistically “called in dead”, accrued millions of air miles, and was ostensibly successful in my career. Without wishing to dwell here on the events of that fateful night/morning in September 2017, I had reached the end of the line; all of that work and effort had ultimately netted my severe anxiety and stress, diabetes, alcoholism, and a desire to make it all stop very violently.

All of which brings us neatly to right now. I am currently off work sick. I’m very likely to head back tomorrow 9even though I am not 100%, but boredom is a keen medicine sometimes), but I have had the best part of five working days of, plus a weekend in between. I had been feeling under the weather for about a week or so beforehand, but at about midday on my first day off I decided to just switch off my computer and go to bed, and there I more or less stayed for the best part of a week. I had tested positive for COVID, but a few days later that was now negative and I still felt like a bag of rusty spanners had taken residence in my lungs, and my energy levels were depleting like a Death Star tractor beam. Looks like I worked through a second bout of COVID and then got taken down by another virus; but those are details for me and my GP and work HR I guess.

But “SO WHAT?!” I hear you cry? Well, throughout these last few days of being off I made a conscious effort to disconnect from work as much as possible and focus on my recovery. I learnt my lesson those few years back, and realised I needed to get myself back to fitness, despite the many pressing deadlines and meetings I was missing, and the importance of the work I was doing. I focussed on myself and my health as I knew I don’t want to go back too early and jeopardise not only my health but my work performance.

And you know what? Despite everything I had experience before and told myself, I still felt guilty about taking the time out.

This shouldn’t come as a surprise to anybody, anywhere though, not least the information security industry. A few weeks ago, my good friend and all round good chap Sarb Sembhi, who along with Peter Olivier and Paul Simms authored a paper on Mental Health in Cyber Security, and of which I was asked to peer review. I will leave you to read the paper yourself, but the figures in there are both unsurprising as well as making for uncomfortable reading regarding anxiety, depression, anger, alcoholism etc..

I was asked by a client over dinner recently “what keeps you up at night?”. Obviously they were fishing for gossip/insight into the state of our joint business, but I told them that basically nothing does because after my life changing experience back in 2017, I refuse to get stressed or anxious over work matters because it simply isn’t worth it, especially as I am not CISO for something that may save/take lives. And yet here I am feeling guilty about taking maybe another day off sick, and deciding to go back even though I am still not breathing right and feeling fatigued. Surely I should know better?!

To be clear, we are (normally) compensated well and a have privileged positions at work to get the job done properly; we have responsibilities to our colleagues and to the clients and markets we support to do the right job and put the effort in, and frankly most of us even enjoy our jobs. But I can absolutely guarantee you that none of that is worth anxiety, depression, anger, diabetes, alcoholism and suicidal tendencies if that pressure to perform is maintained indefinitely.

Taking care of business ultimately means taking care of yourself first.

I am going to be at InfoSecurity Europe in a few weeks time on stage with the Sarb and Peter, authors of the above mentioned Mental Health in Cyber Security paper.

Links to other interesting stuff on the web (affiliate links)

What Exactly is the Cyber Scheme?

Solving today’s Security Challenges With Device Centric SSE

Sneaky Tricks In Enterprise Pricing

Waving, Not Drowning

1 Comment

I have just stepped off the stage at the Pulse Conferences CISO 360 Congress in Rome having presented on “The True Cost of Security, A Personal Story”, recounting my experience of poor mental health. I published my life threatening experiences in my Blog, Drowning not Waving, published a few months ago, and those of you with good memories will recall those events also took place in Rome in September 2017.

I haven’t been back to Rome since then until now to do this talk, and so I am doing so with significant apprehension and unease. It’s an odd feeling, and one I haven’t experienced since my breakdown, but it is one that I will work through and will ultimately do me good. I also have to thank the incorrigible Clive Room of Pulse Conferences for giving me the opportunity to do this talk to a significant audience, and in Rome also. Personal stories are always so much more powerful, and if people in the audience either get the help they need, recognise others in their lives who need the help they need or even just understand that it is a perfectly normal thing to go through, then it will be worth it.

It is also the last time I will be publicly talking about this topic.

I have been approached many times since my original post by people thanking me, empathising with me or generally being extremely supportive as my post had a personal impact on them in some way. In short, the response has astounded me. However, I don’t want to be known as “the mental health guy”; the point of my story is that I recovered, got better, moved on and actually came out a better person. The point of my story was that it was a transitory period of my life and not one (for me) that I have to keep going back to in order to maintain my recovery. The point of my story was to let others know that they are not alone.

Does this mean that I don’t care about this topic any more? Obviously not, and I will always be happy to engage with people about it, help and support them if needed. I am always going to “available” if that is the word, to anyone that feels I may be able to help them.

It does mean that this will be the last time I blog about it, present or appear on a panel on the subject or make any kind of public appearances or endorsements on the topic. Some of you may think this is a bit odd, or maybe even callous and cold, and I understand that. However, this is what is the right thing to do for me in my pursuit of happiness, continued engagement with the InfoSec community and growth of my own business.

To be absolutely clear though, if you want to talk/DM/email with me about this topic then please do. If you feel the need to talk about your own struggles, or think I can help, then reach out, and I will make myself available to you as best I can. Depression and alcohol dependence is a an empty and lonely place to be, and if a kind word and a smile from me will help you then then don’t hesitate. You should also speak to a mental health professional as well of course, as you would have to be very unwell to think I am your best route to happiness!

Thank you to everyone who has shown support, love, compassion, empathy and friendship since reading my story, you know who you are, and I send it all back times three thousand