3 minute read
NEURODIVERSITY IN CYBER SECURITY: TIME TO THINK DIFFERENTLY
by Ricki Burke , Founder at CyberSec People
In the rapid changing world of cyber security we're always hunting for fresh perspectives, new solutions and innovation. These fresh perspectives are not just nice-to-haves; they're the lifeblood of progress. The diverse population of our society holds the key to this necessary innovation, and among this population, neurodiverse people are an untapped gold mine.
According to the National Symposium on Neurodiversity, up to one in seven people are neurodiverse, along what is known as the 'neurodiversity spectrum'. This spectrum spans Autism Spectrum Disorder (ASD), Attention Deficit Hyperactivity Disorder (ADHD), Dyslexia, Tourette Syndrome and other conditions. Yet, despite their prevalence, employment rates for neurodiverse individuals are staggeringly low. The National Autistic Society in the UK, for example, states that only 22 percent of autistic adults are in any kind of employment. This, to put it plainly, is a huge waste of potential.
Last year, at the AISA Australia Cyber Conference in Melbourne, I had the privilege of running a careers village. One session that struck a chord with attendees was a panel on neurodiversity in cyber security. This was the last session of the day yet the most attended of the career village. The panel was open and engaging and provided a platform for participants to share their experiences. There was a definite buzz suggesting that, not only do roles in the industry play to the strengths of neurodiverse folk, but we absolutely need their unique viewpoints.
CYBER SECURITY NEEDS NEURODIVERSITY
Why is neurodiversity important for cyber security? Well, these conditions, often seen as impairments, can also give those affected by them a unique lens through which to view the world, thereby bringing novel ideas to the table. People with ADHD, for example, often display exceptional creativity and 'out of the box' thinking — skills that are invaluable when trying to anticipate cyber threats. Similarly, individuals with ASD can have outstanding attention to detail and a high tolerance for repetitive tasks, making them excellent candidates for roles requiring deep dive analysis or extensive coding.
However, acknowledging the value of neurodiverse talent is not sufficient. As an industry we need to make cyber security an inviting place for these individuals. Creating a truly inclusive workplace requires more than just acknowledging diversity or making room for it. It requires conscious effort and initiative to make neurodiverse individuals feel welcomed, accepted and valued for their unique contributions.
Acceptance of neurodiversity needs to start with recruitment. Unfortunately, traditional recruitment practices are often unsuitable for neurodiverse individuals who might struggle with a requirement to submit a formatted CV and with formal interviews, or feel discouraged by the mere thought of disclosing their condition. The problem is not their ability or potential; it's how we have structured our recruitment processes. Thus, we must redesign these to be more accommodating and less intimidating. For example, we could consider skills based tests or trial periods instead of traditional interviews.
Catering For Neurodiverse Employees
But inclusion does not stop with recruitment. Employers should also aim to provide neurodiverse employees with a comfortable working environment. This could mean offering flexible working hours, allowing remote work, providing noise cancelling headphones or creating quiet zones within the office. Furthermore, fostering a culture of acceptance and understanding among all employees is crucial to ensure everyone feels valued and respected.
Companies need to be more open about their efforts to create supportive environments. It is all well and good to have these measures in place, but if they need to be communicated internally, how will potential neurodiverse candidates know their organisation is a safe space for them?
Neurodiversity is not a limitation but a reservoir of untapped potential. With thoughtful changes to our recruitment and work practices we can create a more inclusive and diverse cyber security industry thereby reaping the benefits of these unique perspectives. It is time we recognised the power of neurodiversity. Not only would such recognition significantly boost our cyber security arsenal, it would also pave the way for more inclusive practices across other sectors.
Recognising the power of neurodiversity would also foster a workplace culture that includes and cherishes neurodiverse individuals. We would build a workforce that genuinely reflects the diversity of our community and contributes to our future resilience and success. A concerted effort from all stakeholders — industry, academia and the community — is needed to bridge the gap between rhetoric and reality to make cyber security a truly welcoming field for all.
It is important not only to safeguard our systems well but also to value each individual contributing to that security. By integrating neurodiverse talent into our ranks, we are not only doing the right thing, we are doing the smart thing. www.linkedin.com/in/cybersecricki
