MHinCS Foundation Charter
Links to Other Mental Health Foundation Pages
Awareness Level Charter text
The standard text to be used for the Level 1 Charter is:
“As an organisation we recognise that:
- Effective cyber security is fundamental to supporting successful business outcomes;
- cyber security resilience is critical in protecting all organisations;
- The delivery of sustained, effective cyber security of an organisation relies in part on the resilience of its cyber security teams and leaders;
- cyber security teams operate in a relentless high-pressure environment;
- stress, burnout and the deteriorating mental health of cyber security professionals is a real threat to the cyber security industry and the organisations they serve;
- investing in the effective management of mental wellbeing within cyber security teams can help address this threat.
In response we will:
- promote our signatory to this Charter to key stakeholders;
- raise awareness at all relevant decision-making levels (including HR and recruitment);
- foster an environment of understanding, openness and transparency for all staff when experiencing feelings of stress / burnout or are becoming / have become mentally unwell;
- monitor practices which lead to stress / burnout in the short term and impact mental wellbeing in the longer term and take steps to control and ultimately reduce them.”
The text following the above standard text will be any specific Pledges made by the organisation, and because the Pledges need to be relevant to the business of the organisation and what it wants to commit to, we have provided several examples below.
The examples provided below are for:
- Enterprises (who employers of cyber security professionals),
- Recruiters (who place cyber security professionals into roles);
- Professional / Certification Bodies (who set the professional working standards of cyber security professionals);
- Industry Bodies (who set the technical standards of operation for cyber security professionals);
- Event Organisers (who bring cyber security professionals together to share knowledge and information);
- Cyber Security Wellbeing Providers (who are providing services to enterprises and individual cyber security professionals).
Enterprise Pledge Example
In addition to the above, we will take the following actions:
- Actively promote the Charter
- establish a system to enable us to help affected staff in a timely and effective manner
- support security leaders in creating tailored working practices for teams / individuals that help to manage stressful situations
- establish open effective communication with cyber security teams, with a focus on long-term mental wellbeing
MHinCS Foundation Content
How Do We Sign-up to the Charter
Professional Body Pledge Example
In addition to the above, we will take the following actions:
- Promote the Charter
- Encourage all Fellows, Members and Associates of the body adopt the Charter
- Review our “products” (Bodies of Knowledge, Certification, etc.) to ensure they adequately address the ambitions of this Charter
Industry Body Pledge Example
In addition to the above, we will take the following actions:
- Promote the Charter
- Encourage all Fellows, Members and Associates of the body adopt the Charter
- Review our “products” (Bodies of Knowledge, Certification, etc.) to ensure they adequately address the ambitions of this Charter
Recruiter Pledge Example
In addition to the above, we will take the following actions:
- Actively promote the Charter to enterprise clients, to adopt the Charter
- Encourage enterprise clients to implement the principals of the Charter and safeguard the mental health of their cyber security teams
- Encourage enterprise clients to create and respect a working environment of openness and transparency for staff who feel negatively stressed, are near burnout and/or those who are having mental wellness issues. Encourage support in these areas, as per the Charter.
- Assist enterprise clients to ensure they recognise and identify (with full transparency) the roles, teams and environments that might present higher levels of stress and risk of burnout than others, within their organisations.
- Encourage employers to clarify in advance of starting hiring processes, the roles, teams and environments which might present higher levels of stress and risk of burnout than others, within their organisations, with full transparency
- Ensure (with the best of available knowledge) full transparency with candidates who have left or are leaving roles due to stress, on the realistic environment of a new opportunity, where the new opportunity, role and environment is a high-stress environment.
Consult and guide the candidate as to whether the next environment is a beneficial place to join for the candidate’s current needs. Allow the candidate to choose if they would like to be represented in application or not personally. - Aim to work to deliver a non-discriminatory culture in relation to stress and transparency between organisations and candidates.
- We will establish a monitoring system to enable us to consider how we can help more effectively
- Ensure that the quality talent pool is not being eroded due to stress, burnout or mental health, flag and discuss any identifiable issues to the market.
Event Organiser Pledge Example
In addition to the above, we will take the following actions:
- Promote the Charter at Cyber Security related events
- Take steps to encourage the inclusion of sessions that cover and discuss the issue of “Stress, burnout and the mental health of cyber security professionals as a cyber threat issue
- Where possible encourage open discussion on this topic for all levels of cyber security professionals, signposting to relevant support, guidance and the Foundation.
Service Provider Pledge Example
In addition to the above, we will take the following actions:
- Promote the Charter prominently in marketing
- Encourage clients to adopt the Charter
- Refine and amplify existing best practices around employee mental health and well-being that a client already has in place.
- We pledge to prioritize the well-being and mental health of every cyber professional during our work, recognizing that healthy and engaged individuals are fundamental to success.
- We commit to educating our clients on best practices and tools for fostering an environment of open communication, where employees feel empowered to express their thoughts, concerns, and ideas without fear of judgment.
- We embrace a culture of continuous learning and commit to teaching our clients best practices and tools for acknowledging that the ever-evolving landscape of cybersecurity requires us to adapt, share knowledge, and grow together as a cohesive unit.
- We pledge to practice perspective-taking and inclusivity and commit to teaching our clients best practices and tools for understanding that diverse perspectives strengthen our ability to address cybersecurity challenges and create innovative solutions.
- We commit to educating our clients best practices and tools for individuals—at all levels of an organization—to embrace ownership at an individual, team, and multi-team level, recognizing that each employee plays a crucial role in shared success.
- We are committed to providing clients with survey-based tools that value individual perceptions of the work environment, team dynamics, leadership behaviours, and personal experiences in the workplace.