If you are like most infosec professionals, each day brings new and interesting challenges.

However, like most jobs, there are valleys that we fall into along the course of our professional development. How long can you stare at your SIEM tool before you start to experience some mild tunnel vision, or worse, severe burnout? Neither of these are productive paths for you or your employer.

When I find myself heading down that path of waning motivation, I exercise a 3-step plan to get back on track. I call it the Do Something, Know Something, Learn Something plan.

Here is how it works:

Set three recurring calendar events, each lasting an hour with a 30-minute break in between each task. For the first task, assign some of your daily activities that need your attention. This may be writing up a report, updating your monitoring logs, or performing triage on the security events under your responsibility. This is the “Do Something” phase. This one is most important, as it is probably the bulk of what is required of your job duties. This task will not only recur daily, but should be set to recur multiple times throughout the day.

The next task that should be on your calendar is the “Know Something” task. This is the task where knowledge is the goal. If you maintain any certifications, this is where a continuing professional education (CPE) credit-eligible webcast can fill the task requirement. This task time-slot can also be used to familiarize yourself with a new regulation or perhaps to just catch up on some of the infosec news of the day. The purpose here is to increase your knowledge about infosec topics that may come up during a lunch conversation, or perhaps an impromptu conversation with a senior executive in your office. (Read more...)