Defending the Defenders: How Cybermindz.org Is Tackling Burnout in Cybersecurity

Defending the Defenders: How Cybermindz.org Is Tackling Burnout in Cybersecurity

by Petar Vojinovic

 [This article is reposted from SafetyDetectives.]

In the high-stakes world of cybersecurity, burnout has become an invisible threat undermining the mental resilience of those protecting our digital frontlines. Founded in 2022 by Peter Coroneos, Cybermindz.org emerged from a deep personal and professional reckoning: the realization that the minds behind the systems were being neglected. With a unique blend of neuroscience, lived experience, and mission-driven innovation, the organization is pioneering a new era of cyber defense—one where mental readiness is as critical as technical skill. Petar from SafetyDetectives sat down with Peter to explore the origins, evolution, and impact of Cybermindz.org.

Can you share the story behind the founding of Cybermindz.org and how the organization has grown and evolved over time?

Cybermindz.org was founded in 2022 after I realized the mental health of cybersecurity professionals was being overlooked, despite the critical role they play in protecting national infrastructure, private data and public trust.

“I was tired of seeing my colleagues in cyber burning out. We’d been talking about the problem of burnout for years, but nothing was really shifting. The pandemic was making things worse as the attack tempo increased, and I realized we had to move beyond the conversation and start doing something that actually helped people recover, regain purpose and remain physically, mentally and emotionally available to support the mission.

Cybermindz Founder, Peter Coroneos 

I was seeing the deeper impacts of cyber incidents on the teams involved—the trauma, the sleeplessness, the heavy burden of personal responsibility. I was seeing CISOs feeling powerless to support their teams. All of it was contributing to a decline in self-worth, and even post-incident skills loss at a time when talent was already in short supply and attacks were intensifying.

It was clear to me that doing nothing was not an option and that our collective security was only as good as the minds behind the tech tools, those minds belonging to the selfless workers who spend day and night keeping critical systems and national infrastructure secure.

There was growing awareness that burnout was a problem in the industry. But for me, awareness alone wasn’t enough. We needed real, measurable, practical interventions that could actually move the needle on mental resilience and restoration. We needed something that worked not just in theory, but in the gritty, consequence-laden trenches of cyber defense.

The idea for Cybermindz came from a very personal place.

I’ve been engaged in self-development and meditation practice for decades. These had been my own survival tools in high-profile and high-stress roles. Through my own experience and my studies in neuroscience, I’d come to see the potency and indeed necessity of mental self-care. With over 25 years in cyber leadership roles—advocating and steering policy, legislation, industry best practice, and user empowerment—my background gave me insight into both the psychological demands of the industry and the need for tools that could help restore resilience.

I was fortunate during COVID to have the opportunity to study with Dr Richard Miller, a globally recognized mental health pioneer who’d brought his groundbreaking Integrative Restoration or iRest® protocol into the US military in 2004 to treat traumatized veterans returning from Iraq and Afghanistan. When I asked if it had ever been used in cybersecurity, he simply said, “No.” That was the moment I realized what we needed to do.

We needed to bring this neuroscience-based, field-tested mental health tool into cyber and start reversing the burnout, stress, anxiety, and the emotional toll of our peers. We began with a pilot using the iRest® protocol. Then another, and then more. The early results were promising: clear, measurable reductions in stress and burnout—even among elite teams working under intense pressure. That’s when I knew we were onto something.

Since then, Cybermindz has evolved into a not-for-profit with global reach. We’ve delivered programs to major enterprises, defense contractors, healthcare systems, and government agencies across Australia, the US, Europe, and beyond. Along the way, we’ve developed a suite of offerings—BaseCamp™, RapidReset™, SteadyShields™, and CISOSupport™—each designed to support cyber professionals at different layers of challenge and responsibility.

We’ve also conducted original academic research into burnout in the cyber sector. Led by Dr Andrew Reeves, our cyber-specialist advisor in organizational and behavioral psychology, one of our first studies made international headlines when it revealed that cyber professionals were burning out faster than frontline healthcare workers—particularly on the burnout dimension most predictive of resignation. Our second study on sleep showed clear evidence of a profession lacking in regular, basic restorative rest—significantly below the adult population norm. Not that surprising when we see ‘inability to switch off’ and ‘overwhelm’ as recurrent themes in the profession.

As we enter our fourth year, we’re developing a deeper understanding of role-specific stressors within cyber and tailoring interventions that speak directly to a host of cognitive and emotional burnout drivers. We are also embarking on the first longitudinal study mapping burnout against a decline in operational performance of security operations teams, as we continue to roll out our preventative and restorative programs to major organizations and institutions.

At its core, Cybermindz is not about wellness—it’s about operational readiness.

We exist to advance a laser-focused, strategic imperative: to ‘Defend the Defenders’ as we say, because behind every threat response, every system safeguard and every mission-critical decision is a human mind under pressure.

What inspired its mission to support mental health in cybersecurity?

The mission of Cybermindz emerged not from abstract concern, but from an urgent operational reality: that the cognitive and emotional load carried by cyber professionals directly affects performance, decision-making and system security.

We saw a clear gap—while the sector has invested heavily in technical solutions, it has largely neglected the optimization of the human element. Mental health has too often been treated as a side issue or individual problem, when in fact it’s a systemic and organizational risk factor—and strategic lever.

We realized early on that there is a business case for ensuring defenders are mentally agile, emotionally stable, and physically capable of maintaining high performance in sustained threat environments. When you strengthen the human layer, you strengthen the whole system. We see optimizing human performance under pressure as a risk reduction measure, every bit as important as network or data risk management.

What results have you seen from implementing the iRest® protocol with cyber teams?

On the data side, participants report significant reductions in symptoms of stress, anxiety, and burnout across multiple measures. Our pre/post psychometric assessments show positive shifts in resilience, sleep quality, and emotional regulation. The first 12 pilot programs showed an average reduction in stress of over 27% across ten stress metrics in just eight weeks.

On the qualitative side, we’ve heard from analysts and CISOs alike who report such changes as:

“This gave me my clarity back. I’m now making better decisions.”

“It was the first time I felt I could switch off in months.”

The iRest® protocol developed by clinical psychologist Dr Richard Miller and applied for over 20 years in the defense sector, is particularly well suited to cyber teams because it requires no special posture, belief system, or prior experience. It works at the level of the nervous system—supporting restoration, regulation, and focus. That’s what makes it effective in fast-paced, high-consequence environments. The fact that measurement and pre/post assessments mean we can demonstrate a clear uplift in human resilience factors that map directly to performance and reduced burnout risk, while simultaneously supporting individual wellbeing.

What unique challenges do cybersecurity professionals face when it comes to burnout and resilience?

Cybersecurity professionals operate in a perpetual conflict footing—asymmetric threats, constant alertness, lack of off-switch and fear of blame in the event of a breach.

Add to that under-resourced teams, poor work-life boundaries and a stigma around vulnerability and you have the perfect conditions for chronic burnout. Chronic unmanaged stress, often compounded by cultural factors in the workplace, is driving unsustainable levels of burnout in our profession.

We’ve identified core themes such as:

  • Anticipatory stress: waiting for the next incident
  • Cognitive overload: managing constant alerts and multitasking
  • Hyper-responsibility: feeling personally accountable for systemic risk
  • Emotional exhaustion: often hidden behind professionalism
  • Imposter syndrome: never feeling good enough (because success in cyber is largely invisible).

Traditional EAPs and wellness offerings don’t meet these needs. They are underutilized, stigmatized, and not measured… and usually too late. That is why it’s fundamental to our approach that programs are tailored for engagement, speak to cyber people in their language, respect their roles and offer practical, evidence-based solutions that fit within their demanding lives.

How do your programs adapt across different sectors like healthcare, education, and government?

While the underlying protocol is grounded in universal human neurobiology, its delivery is contextually tuned to meet the specific demands and stress dynamics of each sector. We don’t offer a one-size-fits-all approach—our strength lies in understanding how stress manifests differently in distinct operational environments. It is important to recognize that the iRest protocol is designed to configure to the needs of the individual in the moment, whatever their stressor is. It may be emotional, cognitive, belief-based or simply stemming from exhaustion.

Where it is clear there are context-specific stressors, then we theme our delivery according to the needs of the people we work with.

In healthcare, for example, we address the emotional toll of high-stakes care, the impact of shift work on sleep and cognition and the effects of moral burden. In education, our work supports digital wellbeing leaders and school system IT teams who face increasing cyber pressure with limited resources. In government and defense, we tailor our programs to support sustained vigilance, threat fatigue and resilience under mission-critical conditions.

We achieve this by adapting our language, case studies and delivery style—not the science—so that participants feel seen and understood within their own operating culture. Each program also offers optional mentoring and role-specific support, making the experience both relevant and actionable.

Ultimately, our goal is to make the protocol land where it matters—at the point of lived experience—without losing fidelity to what we know works.

What kind of partners or supporters is Cybermindz currently looking to collaborate with?

Cybermindz’ ambitious vision goes well beyond providing effective resilience training—we’re catalyzing a global movement to humanize the frontline of digital defense.

To further that end, we’re seeking partnerships across four areas:

  1. Strategic Delivery Partners – organizations (like vendors, MSSPs or consultancies) that want to bring human resilience into client engagements and move beyond merely pitching technology to building deeper relationships with the community they serve. Vendor fatigue is a real thing and, in fact, a CISO stress driver in its own right. By authentically engaging on a common industry concern, we can have the conversation with security practitioners at the level to which they are most receptive and can also provide an avenue for our vendor-partner to have a later discussion around the technology.
  2. Funders & Sponsors – philanthropic, corporate or government entities interested in measurable impact in mental health, workforce resilience or cyber defense. As a non-profit, we seek donations and support for our research and program development work. The more resources we have, the greater the impact we can make on individual, organizational and ultimately societal cyber resilience.
  3. Research Collaborators – universities, think tanks or agencies looking to deepen the evidence base for mental resilience in high-stakes digital work. We offer research partnerships to organizations and tech companies who are genuinely interested in furthering our understanding of factors that are impacting our human level (ie. neurologically based) resilience.
  4. Sector Champions – individuals and leaders willing to advocate for a more humane approach to cyber and help shift culture from within. We have a CISO advisory council in the making which will serve as a two-way interface from practitioners in cyber to our mental health experts so we can continue to develop programs and conduct research of the highest actionable value.

About the Author

Petar is a passionate cybersecurity writer with a deep curiosity for how digital systems work—and how to keep them safe. With a keen interest in everything from ethical hacking and malware analysis to privacy tools and emerging threats, Petar turns complex security topics into clear, actionable insights. He’s dedicated to helping individuals and businesses stay informed, protected, and ahead of the ever-evolving cybersecurity landscape. When he’s not writing, you’ll find him exploring new security tools, testing VPNs, or digging into the latest data breach reports.

Back to blog