enterprisesecuritymag

Neurodiversity: The Untapped Potential in Cybersecurity

Craig Froelich (CISO) at Bank of America

Craig Froelich (CISO) at Bank of America

In the real-time cybersecurity race, having different, concurrent approaches and unique talents to spot patterns can make the difference between winning and losing. Neurodiversity, an umbrella term for many different conditions including dyslexia, ADHD, and autism, can be the key to harnessing the untapped potential in the cybersecurity space. An inclusive work culture where neurodivergent individuals are accepted, understood, and celebrated is the need of the hour!

In cybersecurity, we face a dynamic set of problems every day. So we have to develop the skills to anticipate adversary threats long before they are at our doorstep. Looking at a problem from all different angles with a diverse and inclusive team is essential for success. Neurodivergent individuals have an extraordinary ability to see patterns, and their information processing skills are highly advanced. In the long run, neurodivergent individuals will have a more significant advantage in some areas to solve complex cybersecurity problems.

Understanding Neurodiversity

At Bank of America, my journey of incorporating neurodiversity started a few years ago during a casual conversation with my cybersecurity team. During these conversations, I realized that there were many people inside our organization who were neurodivergent. Still, they were not comfortable coming out and talking about their neurodiversity. And it was fascinating to note that these individuals were among those who gave us the most useful insights when it comes to cybersecurity. I quickly realized their untapped potential and understood the need to create an inclusive and flexible workplace for neurodivergent individuals.

There are four things that one should keep in mind when working with neurodivergent individuals. The first is, when developing a program around neurodiversity, understand that it should not be a “bolt on”. It should be incorporated into your diversity and inclusion efforts, and tie into your overall business strategy.

The second thing is adopting a learning approach. It is vital to form partnerships along the journey. Reaching out to nonprofits who specialize in this area or companies who are interested in building similar efforts can be a rewarding and educational experience. The third thing to keep in mind is to start identifying neurodivergent individuals within your organization. Assess and recognize their talents and the value they add to the organization. Also, explore the possibility of creating a potential pipeline for filling in highly qualified positions with the organization.

And the last is to recognize and work on creating workplace flexibility. Neurodivergent people require additional support in creating a wholesome environment to bolster their productivity. For example, they may need noise-canceling headphones or office spaces which have less traffic.

Redesigning a new workplace

Cybersecurity is a challenging career with its own technical space and language. It has various approaches and requires proven problem-solving skills, making it difficult for individuals to break into this market. So it is essential to create inclusiveness by providing a level playing field. It helps us bring more neurodivergent individuals to the table. In terms of employment, the recruitment processes need to change and be more specific, actionable, and tangible. After consultation with our partners, we devised a single hiring strategy, which involved rewriting job requisitions and conducting interviews for potential candidates. It helped bring neurodivergent people into our organization and allowed us to more easily hire other talented individuals who were not neurodivergent.

Unexplored Opportunities

Neurodivergent individuals are seen as different, but I think this difference makes them shine. There are a lot of specialized jobs for those who are neurodivergent. Cryptography is one of them. It is a highly technical, mathematically bound space and the insights that these individuals can provide in terms of cybersecurity are limitless. For example, we have a neurodivergent woman in our security team who is probably one of the world's best cryptographers. She is skilled in deep cryptography and can explain cryptography to an average individual with utmost ease. Although she is neurodivergent, she holds her neurodiversity as a badge of honor. Other jobs such as malware reverse engineering, artificial intelligence, machine learning, etc., are also fertile grounds for a neurodivergent individual.

Just do it

If you are wondering if the time spent on a program like I described will be worth it in the end, trust me, it will be. Neurodivergent individuals can be an asset to any organization, not just for cybersecurity. They just want to be heard and given the support and encouragement to bring their whole selves to the job so they can do their best work and help your organizationbe successful.

Weekly Brief