The neurodiversity opportunity in cyber security -TEISS® : Cracking Cyber Security
Vendor View: James Hadley, CEO of Immersive Labs shows us how considering neurodivergent individuals for employment in a cyber security role can reveal a hidden pool of talent.
The cyber skills shortage is the industry’s worst kept secret. Day in and day out we see news stories, panel discussions and conferences that highlight the issue as we embark on a mission to try and resolve what is sure to be a huge problem for years to come.
Of course, organisations across the world have every reason to be concerned about the skills gap, as the threat landscape continues to diversify, and the number of security incidents grows every year. The thought of workforces not having the expertise to deal with the increasing risk cybercrime poses is worrying. Cybercrime is a big business, and with more people operating connected devices and living an ‘online’ life every day, the threat shows no sign of slowing down.
To combat the skills gap, the industry ideally needs to attract and retain large numbers of skilled, trained and properly educated individuals – this is inescapable. This does not, however, mean traditional recruitment methods are the answer. By moving away from the standard computer science graduates, employers can look for individuals with practical skills and other characteristics that make them ideal for the job. By removing degree-focused limitations, the industry can begin to not only expand, but also diversify their workforce.
One way to do this is by tapping into under realised pools of talent, such as considering neurodivergent individuals for employment in a cyber security role. Individuals with neurodiverse conditions, such as those on the autistic spectrum, often have a completely different skill set to those seen to be neurologically typical.
For instance, they often approach problem solving in a different way; their technical thinking is often more structured with greater attention to detail, thus enabling them to excel in subjects like maths. As analysis and the mathematical side of cyber security can often be incredibly complex, this immediately gives them an edge over others – something that could be hugely beneficial in an industry where threats are constantly evolving.
Although neurodivergent individuals often excel academically, they can also face unique challenges when it comes to interpersonal communication. The prospect of applying and following through with the recruitment process can be particularly daunting.
Traditionally, when recruiting for roles in the field, organisations ask for criteria including complex and lengthy job specifications or requiring specific degrees, which are non-essential if the individual is skilled. By removing this from the process, organisations can begin to appeal to – and more importantly, start a dialogue with – a group in society that is often overlooked, thus already beginning to close their internal skills gap.
For example, Immersive Labs was recently awarded a grant as part of the Cyber Skills Immediate Impact Fund from the Department for Digital, Culture, Media & Sport (DCMS) to create a Neurodivergent Digital Cyber Academy as part of the ongoing effort to bridge the cyber skills gap.
The Digital Cyber Academy (DCA) for neurodivergent individuals is designed to help them upskill, develop knowledge and hone technical skills required for a career in cyber security. In their own time and at their own pace, individuals can complete labs in a browser-based environment; and once they achieve certain badges, they can apply for jobs with corporate sponsors of the academy based on these demonstrable skills. The DCA hosts over 250 labs on the platform, challenging those everyone from novice to expert. And as they climb the leaderboard, more jobs are unlocked.
By ensuring the recruitment process is inclusive of neurodivergent groups, organisations can begin to diversify their workforce and build upon their cyber security skills. Approximately 700,000 people in the UK are on the autistic spectrum, and it is believed ¾ could possess the skill set for a career in cyber security.
With the skills gap predicted to grow to 1.5million globally by 2019, it not only makes business sense to tap into this talent pool, but as an industry we should embrace the chance to diversify. Ultimately, it is up to us to give these talented individuals the start they need.