What does mental health have to do with cybersecurity? Are they related? In short, the answer is most certainly yes. Mental health can have critical implications on cybersecurity practices. It can also have an impact on professionals in the industry; hackers continue to find new methods of exploitation every day.
Whether through technical vulnerabilities or by executing a scam, they use any means necessary to steal your personal information. Social engineers rely almost entirely on manipulating their target. What separates the good from the bad is their state of mind and mental health.
Empathy
Empathy is the ability for one to relate to another person. It brings about compassion, understanding, and the ability to “feel someone else’s pain.” Empathy allows you to put yourself in another person’s shoes. Empathy creates remorse when doing something wrong or causing harm to another. Without empathy, you stop caring if you hurt others or destroy a system.
Threat actors who exploit the target are not concerned about the damage left behind. They do not care if they break the law or leave emotional damage in their wake. Every professional hacker I have listened to says empathy is not just required, but essential. Empathy is what separates the good from the bad.
Mania
Mania is a period of euphoria, extreme excitement and delusions. A person suffering from mania may experience a seemingly endless supply of energy, requiring little to no sleep. Manic episodes can even last for days and can also cause fits of anger and rage in a person.
The effects of manic rage can cause outbursts, or even paranoid delusions: if a hacker is suffering a manic episode, they may perceive an imaginary threat and lash out. The threat to safety and physical damage to systems could take a rather large toll. Professionals suffering from mania may work themselves into burnout, or a psychotic break.
Paranoia
Paranoid delusions can be very real. People who suffer from extreme paranoia may believe their homes are under surveillance. They may even be paranoid of strangers, coworkers and friends. If so, they could use this delusion to justify taking matters into their own hands.
This can have a huge, lasting impact on one’s sanity and health. Paranoid delusions can be used to justify destroying systems or steal data. Paranoia could manifest into constant fear of cyber-attacks. As a result, security professionals may overwork themselves, leading to elevated anxiety levels and frequent burnout.
Anxiety/Depression
There is a huge deficit in the number of security professionals. As a result, cybersecurity is one of the most stressful careers in the tech industry today. Enormous pressure to thwart off attacks causes professionals to work long hours, overexerting themselves.
This could also lead to pros developing severe depression. The increasing number of attacks and digital devices creates new attack vectors that must be protected. With the shortage of workers, those already in the industry have to step up and carry that burden and when someone begins to suffer from depression, thoughts of suicide can creep in.
What separates the good from the bad
What separates the good from the bad more than anything is empathy. It prevents professional hackers and social engineers from crossing the line. Anxiety, depression and paranoia can all lead to thoughts of suicide or extreme, erratic behavior.
There seems to be plenty of evidence to suggest a rise in mental illness among cybersecurity professionals, but mental health is not just essential to the professionals - home users can also be affected by it as well and this could cause lapses in their security practices.
The only way to stay ahead of the criminals is through cooperation and caring for ourselves. This starts with mental health awareness and solid cybersecurity practices.
Patrick Putman began his career 18 years ago with a degree in E-Commerce Web Programming and Design. He was introduced to Information Security while briefly working for a civilian contractor with the FAA. After a 12-year career in graphic design, his passion for cybersecurity was reignited after exposure from the T-Mobile and Equifax data breaches.
When it comes to computers, Patrick is a “jack of all trades, master of none” with experience in PC, Mac and Linux. Having been a hacker for more than a decade, Patrick has experience in OSINT, Pretexting, Social Engineering and physical cyber attacks.