Worklife News | BY OLIVER PICKUP | JANUARY 10, 2023 | Cybersecurity | Cyber Liability Insurance
In an attempt to clamp down harder on the increased risk of cybersecurity threats to businesses, tech leaders are actively hiring neurodivergent people because of the strong problem-solving and analytical skills they can offer.
The neurodiversity spectrum is wide, ranging from attention deficit hyperactivity disorder (ADHD), dyslexia, dyspraxia, and Tourette syndrome, to autism and bipolarity. But common characteristics of neurodivergent individuals – including pattern-spotting, creative insights, and visual-spatial thinking – are finally being realized, not least in the cyber security sector.
Holly Foxcroft, head of neurodiversity in cyber research and consulting at professional search firm London-centered Stott and May Consulting, said that neurodivergent individuals have “spiky profiles.” Foxcroft, who is neurodivergent herself, explained that these visual representations highlight the strengths and areas needed for development or support. “Neurodivergent profiles show that individuals perform highly in areas where neurotypicals have a consistent and moderate line,” she said.
The areas in which neurodivergent individuals have “exceeded skill” include high-level problem-solving, creative “out-the-box” thinking, hyper-focusing, and pattern spotting. “These are much-needed attributes and skills in cybersecurity,” added Foxcroft.
Unique skills for unknown unknowns
Perry Carpenter, chief evangelist and strategy officer at KnowBe4, a global cybersecurity awareness platform, said: “As someone on the autism spectrum, I’m very encouraged by the efforts of the security community to recruit neurodivergent employees actively.”
The resident of Little Rock, Arkansas, is proud his work community is leading the way. He said these recruitment efforts mark an essential step in helping to overcome some of the ”inherent stigmas” associated with neurodivergence. However, Carpenter also warned against yet more generalizing “Just because someone is neurodiverse doesn’t mean that they will naturally be great coders or analysts. We don’t want to create new stereotypes.”
Perry Carpenter, chief evangelist and strategy officer at KnowBe4.
KnowBe4’s Carpenter listed the main reasons cybersecurity leaders are “actively recruiting” neurodivergent staff. First, the community understands more than most that “unique individuals” can offer “unique skills” suited to cybersecurity. Different ways of thinking are critical in the fight against cybercriminals, who also know the benefits of employing innovators. “Our adversaries are not universally neurotypical, so it makes sense for us to have a defensive force that is also diverse and representative of their thinking patterns and skillsets,” said Carpenter.
Whether “hyper-focused” or offering out-of-the-box thinking, neurodivergent workers enable “teams to continually grind data, identify patterns, or find solutions to complex problems that someone else might miss,” according to Carpenter.
Paul Baird, the chief technical security officer in the U.K. for cybersecurity firm Qualys, built on this theme. “If you have a neurodiverse team, they will react differently when a problem arises,” he said. “The alternative is that you have a cookie-cutter approach to security where every problem gets handled the same way each time.”
The latter strategy struggles with unknown unknowns or unexpected events. “At that point, you need people with multiple views and backgrounds to solve these problems effectively,” Baird added.