Drawing inspiration from Dr. Cal Newport’s concept of Slow Productivity, let’s explore how you can better manage your Mental RAM to thrive in the fast-paced world of cybersecurity—or life in general.
Cognitive Load in Cybersecurity
Dr. Ryan Louie is a board-certified psychiatrist who has taken an interest in the intersection of psychiatry and cybersecurity, dubbed “psybersecurity.” He claims there are dozens of studies showing the stress impact and mental health of cyber first-line defenders. In Ann Johnson’s Afternoon Cyber Tea podcast, Dr. Louie states: “There's an increasing and high level of burnout, of anxiety and depression and also from overall stress from responding to incidents. And it was recently found that ransomware is a very significant stressor causing this type of mental impact.”
This is coupled with 70% of UK Security Professionals working over the weekend (exceeding 40 hours), and 59% of Security Professionals suffering from burnout, impacting their job performance. With all of this said, I often wonder to myself: why is no talking about this? As in, why is this not being addressed? Here are some comments from current professionals:
- "The job feels like endless firefighting, with new threats constantly emerging and little support for prevention.”
- "Set reasonable work boundaries. Communicate limitations to management. Be prepared to change jobs if issues persist.”
- "Constant interruptions and shifting priorities make it difficult to focus on important projects.”
This is why at Security Blue Team, we believe looking after your mental health is extremely important, especially in this industry. We even worked with Dr. Louie to launch this FREE course titled Mental Health in Cybersecurity. If you are facing any of these conditions, learn how to better yourself and achieve a good mental health state by enrolling. Now, let’s get into the Multitasking Myth in this industry.
The Multitasking Myth
I am not an advocate of “spinnin’ plates.” This is an idiom that refers to having multiple tasks to complete simultaneously or being unable to focus on just one thing. One of the three tenets of Slow Productivity is Do Fewer Things. Now, depending on your position at work, this may not be possible. I won’t assume you have autonomy over the projects you take on at work, so eat the meat and spit the bones—another idiom. Now let’s bring it back to computers for a quick moment:
RAM is a computer's workspace, storing data that is actively being used or processed. It holds, at present, crucial information for quick access while handling multiple tasks, allowing the system (body) to run smoothly. As we all know, when demands exceed the capacity of the RAM, performance suffers, slowing the computer down.
Your brain has a similar workspace for handling information—and no you don’t need a surgeon to prove that. This goes back to the portion of the title: “Mental RAM.” Just like a computer, we have limits. If too many tasks demand your attention—whether it’s studying for a certification, investigating an incident, or responding to alerts—your brain can become overloaded. This cognitive overload leads to slower thinking, poor performance, mistakes, and eventually the B word: burnout. This all goes back to the idiom earlier; the more tasks we attempt to juggle at once, the less effectively we perform each one. Again, I am not aware of your role. I am just going with the studies presented earlier. You may say, “This guy does not know what I have to do at work” or “We are under constant alerts. I can’t just pick up ‘fewer’ tasks.” Noted, but all these actions will lead to the eventual B word. It does not matter if I am wrong and you are right—something needs to change.
Lastly, let's cover context switching: the act of shifting your attention between different tasks, apps, or projects. Most studies point to it being harmful to work. In cybersecurity, an example would be tackling an incident response engagement, then responding to an email, jumping on a call, checking on your DoorDash meal, to watching a live podcast that started 30 minutes ago.
Your brain needs time to refocus, and we are going to talk about some potential solutions that may help.
Slow Productivity for Mental RAM Efficiency
This guide will be inspired by some of the solutions in Dr. Cal Newport's recent book, not all of them will be applicable for cybersecurity professionals. In the last section, we talked about limiting the number of tasks you take on so that you can give each one your full attention. If you have some sort of autonomy, see if that is possible at your workplace. Studies show that your brain works more effectively NOT buried with too many tasks.
Another heavy point is carving out more time for projects. Assuming deadlines are not strict, you can offer to work at a natural pace, rather than rushing to complete it. For example at Security Blue Team, we have a small group of engineers working on many projects, most months, a few years. This gives our team more cognitive resources to process the entire project. Also, by pacing yourself, you give your brain the space to absorb, retain, and master the foundations of your career, seeing a third of your life is spent working.
Here is another good point: prioritize quality over quantity. We can go in many directions with this one! In cybersecurity, quality work is everything—whether it’s ensuring that your configurations are secure, writing clean code, or conducting a thorough incident response. Rushing through tasks—to meet a quota or seem productive to others—only reduces the quality of your work. This could then put a stain on the business service/product as we saw with recent events a few months ago.
Lastly, remember to prioritize tasks based on their importance and complexity, making sure to allocate enough “Mental RAM” to each one. You are still a human at the end of the day. Take breaks, PTOs, sabbaticals, or leaves if it's within your power. There is no reason to give your entire soul to a role and neglect health (i.e., yourself). Oh, that rhymed!
Slow and Steady Wins the Race
We have all heard of The Tortoise and the Hare story. The story highlights the beauty of slow and steady progress throughout the race—which some may liken to life. Limiting your commitments, taking time for important goals, and obsessing over quality—provide a framework for balancing productivity with sustainability.
Cybersecurity professionals should strive to manage their Mental RAM wisely, avoiding the pitfalls of cognitive overload and multitasking. I spoke with many professionals dealing with this. Heck, even some former colleagues of mine. This is a very serious issue, and I wish more light was spread on it. If we can reach one reader with this article, that would suffice. I am also speaking to myself in this article as well. To protect myself from burnout in this demanding field, I must focus deeply on fewer tasks, pace myself through complex challenges, and commit to high-quality work. Thanks for reading. Best of luck to you all!
