Original Broadcast Date: 12/21/25

Francis Rose is joined by Jothi Dugar, Chief Information Security Officer of Center for IT at the National Institutes of Health, to discuss how agencies can support cyber professionals working in one of government’s most demanding and high-pressure environments.

Dugar begins by emphasizing the importance of honesty and transparency when bringing people into cybersecurity roles. She explains that cybersecurity is defined by constant uncertainty and disruption, and leaders should not present it as a calm or predictable field. Adversaries do not pause for vacations or personal time, and crises are inevitable. Setting realistic expectations, she says, helps build trust and prepares staff for the realities of the job.

She stresses that meaningful change starts with leadership. Dugar believes leaders must demonstrate genuine care for people, not just for the tasks they perform. Rather than viewing employees solely through the lens of job functions, she encourages leaders to understand what motivates their teams, recognize individual strengths, and support overall well-being. From her perspective, this human-centered approach strengthens both morale and mission performance.

A central theme of the discussion is “cyber wellness,” a concept Dugar uses to describe the need to integrate emotional and mental well-being into cybersecurity operations. She argues that wellness should not be optional, particularly in a field that is always on, highly visible during crises, and often taken for granted when systems are running smoothly. Security operations center analysts and other frontline cyber staff face constant alerts and high stress, which can lead to fatigue and burnout if not addressed.

Dugar explains that emotional stress has real consequences. She notes that prolonged emotional strain can affect the body in ways similar to physical illness, and ignoring these signals can lead to longer-term health issues. Because of this, she believes leaders must operationalize wellness in the same way they operationalize security controls or incident response processes.

She offers practical examples of how leaders can support wellness without relying on complex tools or new infrastructure. Simple actions—such as starting meetings with a brief mindful moment, a breathing exercise, or a quick personal check-in—can help create a sense of calm and psychological safety. These small practices encourage people to feel comfortable, present, and supported, which matters when high-pressure situations arise.

When crises occur, Dugar explains that people naturally enter a fight, flight, or freeze response. In these moments, teams often react out of fear rather than clarity. She encourages leaders and staff to pause, step away briefly, and introduce physical movement, even for 30 seconds to a minute. She believes that movement helps regulate emotions and clears the mind, allowing individuals to return to problems with a more thoughtful and effective response.

The conversation also highlights the importance of readiness and performance under pressure. Dugar says teams that practice stress management techniques are better equipped to handle incidents because they are more responsive and less reactive. This approach applies not only to cybersecurity events, but also to challenges at work and at home.

Dugar identifies accessibility and approachability as critical leadership traits in cyber organizations. She notes that cybersecurity professionals are often connected to technology 24/7, which increases stress and fatigue. Leaders who remain distant or unapproachable can unintentionally amplify these pressures. To counter this, Dugar makes a point of walking around, talking with staff, and creating listening hours where employees can share feedback without judgment.

She emphasizes that listening alone is not enough. Leaders must act on what they hear and demonstrate that employee feedback leads to meaningful change. This follow-through builds trust and reinforces the idea that leadership genuinely cares about the well-being of its people.

Toward the end of the discussion, Rose observes that many of these practices do not require new tools or budgets—only awareness and intention. Dugar agrees, pointing to leadership consciousness as the key driver of culture change. She reflects on how small moments of encouragement or guidance from leaders can have long-lasting impacts on individuals’ careers and lives.

The conversation closes with a clear message: strong cybersecurity is not built solely on technology, controls, or infrastructure. It is built on people who feel supported, heard, and prepared. By prioritizing wellness, authenticity, and human connection, federal cyber leaders can strengthen resilience, improve performance, and better protect their organizations in an increasingly complex threat environment.