Mindfulness Manages Mishaps

Recently one of our Pythia Cybersecurity co-founders, Brendan Hemingway, posted an entry about mindful technology use. Here is a part that caught my wandering eye:

While I am a fan using software tools to protect me, I struggle to imagine software tools ever replacing mindfulness in the arms race of scammers versus systems programmers.

He continues:

We now live in a world where scammers are trying to craft attacks that push our buttons, trying to take advantage of the simple rules, trying to leverage your best intentions to hurt you. 

Disclaimer: we at Pythia don't like fear, uncertainty, and dread as motivation. We like facts. Facts are very important in cybersecurity because you have enough hype in your daily life.

Fact: your system is under attack, right now.

Fact: you probably have not improved your cybersecurity skill. I discount that nice new certificate you have because let's face it that's a chit you got from a course you paid to attend and you got a certificate for "passing" in terms of increasing knowledge not for excelling your skill. What's the difference? Think of it this way: how many people who have a driver's license, therefore "know" how to drive, go around driving like idiots? Case closed.

Fact: low-level attacks such as spam, and even moderately sophisticated attacks, rely on you not noticing there is something odd going on.

Mindfulness is not mindlessness. The goal of mindfulness is to be aware so that you notice, but not become attached to, your thoughts and emotions and sensations. My advice to people is: you are not your thoughts. By detaching and being aware of the experience of your thoughts and feelings, not becoming them, you can maintain or regain equanimity. You are not afraid, for example, you experience fear (and so on).

Cybersecurity is not scary. Cybersecurity apprehension and fear come from remaining unaware of what's going on, from resisting change, and believing that you have no agency so why bother.

Mindless cybersecurity feels fearful and pays 'whatever it takes' to get a new shiny product platform in the hopes of being less fearful.

That does not have to be your fate.

Mindful cybersecurity is about being aware that you and your systems are being attacked or manipulated. It is about knowing that you have options that include reconceptualizing the problem into solvable parts and processes. This then brings you the opportunity to, as our friend Dr Brett Steenbarger might say, 'rage to master' cybersecurity. Only then you can mindfully choose your path.

Be mindful. It is the way that you can master not only your awareness and emotions, and own your development and cybersecurity program success also.

Ask us how you can achieve mindful cybersecurity. Leave mindless fear behind.