Tackling Cybersecurity Staff Burnout with Val Dobrushkin
Play • 32 min

I invite Val Dobrushkin, Director of Risk & Compliance at Noname Security, into the studio this week to tap into his openness and transparency around his role as a security leader and his personal mental health journey. As compliance professionals, Val and I cover the technical side of his career, including his opinions and experiences with SOC 2, ISO, and GRC. As friends, Val and I dive deep into the difficult topics of workplace stress, labor shortages, career burnout, and mindfulness.

Timecoded Guide:

[00:00] Framework preferences & the benefits of SOC 2 vs ISO

[07:06] Compliance & security from a business perspective

[13:52] Cybersecurity labor shortages & tech skill gaps

[16:50] Workplace stress & the struggle of cyber career burnout

[21:15] Mental health advice for security practitioners 

 

Do you think GRC is a good entry point for cybersecurity? 

Much like myself, Val is a firm believer in GRC as a solid entry point in the cyber security industry. Junior security practitioners need an area where they’re exposed to a variety of positions and functions, and Val sees endless training opportunities for a young professional looking to get their start in GRC. Repeatable processes and teachable functions show entry-level cyber employees the value of compliance and how what we do as cyber professionals impacts the businesses we work with.

“When you rise up the ladder, you may feel like those standard beginning steps are tiring from having done them for many years, but it's those things that are easy to pick up. They're easily repeatable, and a very quick intro to say, ‘Hey, this is what this does for the business. There's some value in it.’” 

 

How do we solve the cybersecurity labor shortages and skill gaps? 

Anyone working in the industry understands the stress of the cyber workforce gap and how it has impacted both understaffed tech companies and overworked cybersecurity practitioners, especially in the wake of the covid-19 pandemic. With so much conversation around cybersecurity talent shortages, I asked Val where he saw potential for solutions. His advice fell on the shoulders of cyber industry leaders, urging them to acknowledge the security skills gap and the staffing issues taking place. Without acknowledgement, Val warns that leaders will not set themselves up for success when welcoming new security professionals to the workforce or training industry outsiders in new positions. 

“When we hire somebody, we can give them a set title, a set function. At the same time, we also have to leave them room so they can grow and do something more, something better, something different.”

 

Why do you think we’re seeing cybersecurity professionals burning out?

Not only are cyber staffing shortages weighing on us, but cybersecurity professionals are burning out at rapid rates. The great resignation feels far from over for many companies, and I have seen security personnel quickly burn out and leave the industry entirely. Considering Val’s vulnerability about mental health, he is quick to sympathize with those skilled workers feeling too exhausted to continue their roles. Security practitioners are often undervalued when businesses see cybersecurity as an expense, not something that can potentially save their business. Undervaluing combined with a lack of cohesiveness in teams and a lack of new opportunities, we are looking at a potential mental health crisis in cyber.

“Security is not usually appreciated. Things go wrong and then, security is often blamed for not fixing things beforehand, or not building these things right. There's always a lot of pressure…It’s really hard to compete.”

 

Can you tell me about your personal mental health journey and how it has impacted your cyber career and company?

Immigrating to America at a young age and pushing himself hard in his career led to Val learning his lesson about mental health the hard way. After struggling with depression throughout his adulthood and managing his mental health through mindfulness and spirituality, Val focuses more of his energy now on showing others the value of lifting yourself up. While focusing too hard on societal and career expectations led to Val’s personal burn out, he’s come out the other side of many of his mental health struggles with clarity and consciousness about what others are going through, as well as a motivation to guide others on a healthier mental health journey.

“I learned early on in my career, when I had my first subordinates, that when people were underperforming, it wasn't because they were bad or they weren't skilled, there was something else going on. Once we were able to figure out what that something else was, they performed well above my expectations.”

---------

Links:

Keep up with our guest, Val Dobrushkin, on LinkedIn

Learn more about Noname Security on their website and LinkedIn.

Connect with AJ Yawn on LinkedIn and Twitter

Follow ByteChek on LinkedIn and Twitter, or learn more about ByteChek on their website

Listen to more from the Hacker Valley Studio and To Comply or Not to Comply

More episodes
Search
Clear search
Close search
Google apps
Main menu