We’re at mile 22, the point in a marathon when my legs feel like concrete, my brain is foggy, and every part of my body is telling me to stop.
Around me, the cheers of the crowd fade to white noise as I hit the dreaded wall: the moment in the race when your body starts to give up and your mind has to decide if you want to submit to its demands.
But it wasn’t the only time I felt this fatigue.
As a cybersecurity manager, I encountered a version of the same wall at work, where fatigue, adrenaline and intense emotions collide. Either way, the only option left is to move on.
As fall’s marathon season reaches its peak, I’m reminded of the many parallels I can draw between my work and my lifelong passion.
Training for a marathon and working in a fast-paced, high-pressure industry requires consistency, patience and a long-term perspective.
Running a marathon is exhausting for obvious reasons, but whether you’ve laced up a pair of running shoes or not, working in cybersecurity uses some of the same muscles.
Ultimately, the lessons learned over the 14 miles are directly applicable to a career in one of the most demanding and dynamic industries.
By taking the time to make these thoughtful connections between stamina and endurance in your training plans and safety strategies, you’ll set yourself up for success on the court, on the road, and in the office.
Find the right rhythm
I started my career in cyber security just before the covid-19 pandemic, blind to what lay ahead. When the pandemic hit and its effects were quickly felt, it was clear that Covid’s impact on health, society and cyber security would be long-lasting.
Industry veterans quickly noticed how challenging this period was, as malware, ransomware, phishing attacks and social engineering attacks increased significantly. During this time, I often worked long hours from home on projects that were a top priority for our leaders.
During this time, learning how to be a good threat intelligence analyst while navigating an increasingly complex threat landscape while setting personal boundaries has been difficult.
I found myself trapped in information overload, and later, when leading our team’s annual threat assessment process, I found myself with long processes that required intense coordination between many moving parts.
It all seemed overwhelming, but I felt like I had been in this situation before. After I made the first parallel I couldn’t stop. Then it dawned on me: running the marathon has taught me everything I need to survive in one of the most complex industries.
Harness the power of movement and mindset
When you’re running a marathon, like when you’re working in cybersecurity, your mindset is the most important thing. If you want good response times or positive work results, you have to invest time and effort. Running a marathon and working as an effective cybersecurity leader requires a level of mental toughness that does not come naturally, but must be learned and acquired over time.
I love running because it challenges us to deal with pressure, overcome obstacles and remain resilient. One of the first things I learned while running was to set small, doable tasks instead of focusing on a daunting end goal.
Instead of “How can I run 600 miles in my 16-week training block?” It was just, “I have to do this today.” » I applied the same logic to my complex work projects and learned to ignore the noise and focus on the one step that would get me closer to the goal.
The value of exercise.
Running a marathon is not something you can do in one morning; It requires months of specific training, from long, fast runs to tempo and recovery drills.
It’s a fine balance between consistency and strategy, and it’s very individual. I will not follow an elite runner’s training plan; He would probably get hurt.
The same mentality applies to cyber security. Just as training for a marathon requires conscious and continuous preparation, maintaining a safe environment requires proactive efforts well in advance of race day or, in this case, even before an accident occurs.
Better protection cannot be expected without systematically testing systems, monitoring vulnerabilities and refining response plans. The first step is to ensure the essentials are addressed: strong password hygiene, robust multi-factor authentication, and increased phishing awareness.
Through individual training and preparation, you can go far in both work and sports, stay up-to-date, look to the future and know how to continuously adapt.
Cybersecurity is a marathon, not a sprint
The more I ran and rode, the more I realized that endurance is a discipline and not a goal. The habits that help you get through a marathon are similar to the habits that help cybersecurity teams thrive under pressure and adapt to constant change.
Some of these lessons have proven universal, whether I’m preparing for a competition or just another day at work:
Rhythm is the key: Every runner knows that the fastest kilometer is not the first. If you start running too fast, you will tire yourself before you reach the finish line. Cyber security is the same; It cannot be solved overnight with a single product or patch. Maintaining strong protection requires constant effort, regular patches and constant vigilance – this is how you get the best.
Beware of fatigue: When it comes to cybersecurity, exhaustion or complacency can open the door to breaches. Just like a long race, you have to encourage yourself to try harder, dig deeper, and constantly improve. The best cybersecurity leaders are those who continuously monitor and stay ahead of threat actors.
Decide who your cheerleaders are: Seeing a familiar face on the field or hearing strangers call my name on a bib always gives me a big boost.
Whether it’s my running club friends who train with me for hours, my husband who cooks nutritious meals to help me recover, or even the volunteers on race day, you can’t be successful without a community.
When I think of the mentors, managers and teammates who have taught and supported me throughout my career, I realize that my success is truly the sum of all its parts.
Train more people in your organization to become cybersecurity champions. The more cybersecurity can influence business decisions and the bigger the community we build, the safer we all become.
The goal is not the end: Even after crossing the finish line, recovery and reflection are still part of the marathon process.
In cyber security, post-incident analysis and improvement are critical to maintaining resilience. And like marathon runners with their eyes always on the next race, cyber leaders must continue to expand and adapt their defense methods, especially as the threat landscape continues to rapidly evolve.
Running has taught me that there is no finish line, only the next race, the next challenge, and the next opportunity to get stronger. The situation is similar with cyber security.
Each project and lesson determines how we will react when the next step comes. Looking at both the marathon and cybersecurity, we realize that resilience comes not from a single moment of triumph, but from the quiet, steady work we do day after day.
Whether you’re on the road or at work, progress comes in the form of consistent miles, patience and persistence. If we continue with this mindset—which drives us to be present even when it’s hard—there are no limits to what we can achieve.
