It's mile 22, the moment in the marathon when my legs feel like concrete, my brain is foggy, and every part of my body is telling me to stop.
The noise of the crowd around me dissolves into white static as I hit the dreaded wall—the point in the race when your body begins to give in and your mind must decide whether you will submit to its demands.
But that's not the only time I remember feeling this tiredness.
How cybersecurity Leader, I hit the same wall at work where fatigue, adrenaline and strong emotions collide. In both cases, the only option is to keep moving forward.
With fall marathon season in full swing, I'm reminded of the many parallels I can draw between my job and my life's passion.
Cyber Threat Analyst at LastPass.
Both marathon training and working in a fast-paced and stressful industry require consistency, patience and long-term focus.
Running a marathon is a grueling endeavor for obvious reasons, but whether you've laced up a pair of running shoes or not, working in cybersecurity exercises the same muscles.
In short, the lessons you'll learn over 26.2 miles apply directly to a career in one of the most stressful and fast-paced industries.
Taking the time to make these thoughtful connections between endurance and persistence in both training plans and safety strategies—you're set up for success on the track, on the road, and in the office.
Finding the right step
I started my cybersecurity career right before the COVID-19 pandemic, with no idea of what was just around the corner. As the pandemic settled and its effects quickly began to emerge, it became clear that the health, social, and cybersecurity impacts of COVID would be long-lasting.
Industry veterans were quick to point out how busy this period was: malware, ransomwarephishing and social engineering attacks are on the rise. During this time, I often worked long hours from home on projects that were a priority for our management.
Learning to be a good threat information The analyst's job of navigating this increasingly complex threat landscape while establishing personal boundaries was challenging during this period.
I was immersed in information overload, and later—while leading our team's annual threat assessment process—I had to learn tedious processes that required intense coordination among many moving parts.
It all seemed overwhelming, but I began to feel like I had been in this position before. Once I drew the first parallel, I couldn't stop. That's when I realized that marathons taught me everything I needed to survive in one of the most challenging industries.
Using the power of movement and thinking
Running a marathon, like working in cybersecurity, is all about your mindset. If you want to have a good time in competition or achieve positive results at work, you have to put in the time and effort. Both marathon running and the ability to effectively lead cybersecurity require a level of mental toughness that is not natural, but rather learned and earned over time.
I love running because it forces us to overcome challenges, overcome obstacles, and remain resilient. One of the first things I learned while running was to create small, practical goals for myself instead of focusing on a complex end goal.
Instead of asking, “How can I run 600 miles in a 16-week training block?” it was just, “Here’s what I need to do today.” I applied the same logic to my challenging work projects, learning to block out the noise and focus on the one step that would get me closer to the finish line.
The value of learning
Running a marathon is not something you can wake up one morning and do; it takes months of dedicated training, from long, fast runs to tempo training and recovery.
It's a careful balance of consistency and strategy, and it's highly individualized. I'm not going to follow an elite runner's training plan; I'll probably just get injured.
The same mentality applies to cybersecurity. Just as training for a marathon requires focused, ongoing preparation, maintaining a safe environment requires proactive efforts well before race day, or in this case, before an incident occurs.
You can't expect enhanced protection unless you continually test systems, monitor vulnerabilities, and refine response plans. The first step is to make sure you have the essentials – good password hygiene, strong multi-factor authenticationand increased awareness of phishing.
Personalized training and preparation will help you excel in both work and sport by helping you stay sharp, forward-looking and constantly adapting.
Cybersecurity is a marathon, not a sprint
The longer I ran and the longer I led, the more I realized that endurance is a discipline, not a destination. The habits that help you overcome a marathon are comparable to those that help cybersecurity teams thrive under stress and adapt to constant change.
Some of these lessons have proven to be universal, whether I'm training for a race or just getting ready for the next day at work:
Tempo is critical: Every runner knows that the fastest mile is not the first. If you start the race too fast, you'll burn out before you see the finish line. Cybersecurity is the same; it cannot be fixed overnight with one product or patch. Maintaining strong security requires consistent effort, regular patches, and constant vigilance to get you through the entire journey.
Watch out for fatigue: In the cybersecurity industry, burnout or complacency can leave the door open to breaches. As with long running, you have to encourage yourself to push harder, dig deeper, and continually improve. The best cybersecurity leaders are those who constantly monitor and stay several steps ahead of threat actors.
Determine who your fans are: Seeing a familiar face on the track or even hearing strangers shout my name printed on my race bib always gives me that boost.
Whether it's my running club teammates who spend hours training with me, my husband who prepares nutritious meals to help me recover, or even volunteers on race day, you can't succeed without community.
When I think about the mentors, bosses and teammates who have taught and supported me throughout my career, I realize that my success is truly the sum of its parts.
Transform more of your company's employees into cybersecurity champions. The more cybersecurity can influence business decisions, and the more community we build, the safer we will all be.
The finish is not the end: Even after you cross the finish line, recovery and reflection are still part of the marathon process.
In cybersecurity, analyzing and improving after an incident is vital to maintaining resilience. And like marathon runners who are always looking forward to the next race, cyber leaders must continue to build and change their defenses, especially as the threat landscape continues to rapidly change.
Running has taught me that there is no final finish line, only the next race, the next challenge and the next opportunity to become stronger. Cybersecurity feels much the same.
Every project and each lesson affects how we respond when the next step comes. When we look at both marathons and cybersecurity, we realize that endurance is not built in one moment of triumph, but in the quiet, consistent work we do day in and day out.
Both on the road and at work, progress manifests itself in the form of confident miles, patience and perseverance. By pushing forward with the same mindset – the one that drives us to continue to show up even when it's hard – there is no limit to what we can achieve.
We have introduced the best identity management software.
This article was produced as part of TechRadarPro's Expert Insights channel, where we profile the best and brightest minds in today's tech industry. The views expressed here are those of the author and do not necessarily reflect those of TechRadarPro or Future plc. If you are interested in participating, find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
