Cyber Security Needs Workers Who Are 'Neuro Diverse'
A British Governmment Survey finds that a high proportion of UK businesses lack staff with the technical, incident response and governance skills needed to manage their cyber security, with nearly half of all UK businesses reporting a basic cyber skills gap.
In the cyber security sector, almost 70%% of businesses attemped to recruit suitable candidadtes in the last three years, with 35% of vacancies considered as ‘hard to fill’. Of these just over a third wrere entry level roles. The most common reason why roles are considered ‘hard to fill’ is that candidates lack both technical skills and the quality of neuro diversity,
Neurodiversity refers to the different ways the brain can work and interpret information. It highlights that people naturally think about things differently. We have different interests and motivations and are naturally better at some things and poorer at others.
In the cyber security sector some neuro diverse traits are seen as strengths and these include being logical and methodical, cognitive pattern recognition, ‘outside the box’ thinking, attention to detail, reliability, loyalty, integrity and being task focused, which in some other settings might be considered very mild forms of learning disorder.
Some firms have taken extensive measures to support neuro diverse employees, including giving colleagues with autism ongoing training on how to manage relationships with line managers and hiring a welfare officer to assist with employee wellbeing. These initiatives were regarded as highly successful, and the firms felt that it was far more innovative as a result of its diverse workforce.
A third of UK businesses think they need to hire people with advanced technical cyber skills, including penetration testing, forensic analysis, security architecture/engineering, threat intelligence, interpreting malicious code and user monitoring. The most in-demand cyber security roles in the UK market include IT Security Specialist (average salary £46,000 / $ 57,000), Security Engineer (average salary £32,000 / $40,000) and Information Security Analyst (average salary £40,000 / $50,000).
These roles are suitable to those with a talent for IT in general and a desire and willingness to learn more about cyber security. For those without a cyber specific qualification, a great way to start is to do an apprenticeship in IT. There are many different types of IT apprenticeships available in hardware, network, cloud and infrastructure, software development, analysis and of course, cyber security. There are also apprenticeships in digital marketing and sales which are also vital to support the IT industry.
All of the apprenticeships are at a range of levels and are suitable to learners of all ages from school leavers through to more experienced professionals looking to enhance their experience. Apprenticeships also benefit people who have often not flourished in more traditional education.
Across the cyber sector, 9% of employees have neuro diverse conditions or learning disorders (the definition includes autism, Asperger syndrome, dyslexia, dyspraxia and ADHD).
Of the near 70% of cyber firms that have tried to recruit people in the last three years, 16% say that they have adapted their recruitment processes, or carried out specific activities to encourage applications from people with neuro diverse conditions or learning disorders.
Amongst some employers, there is a sense that diverse cyber teams would benefit from new ways of thinking and problem solving, which could lead to greater productivity and innovation. For example, one highlighted that cyber teams needed to match the diversity of those carrying out cyber attacks. Cyber security analysts help to protect an organisation by employing a range of technologies and processes to prevent, detect and manage cyber threats. This can include protection of computers, data, networks and programmes. Job titles vary and may include information security analyst, security analyst, information security consultant, security operations centre (SOC) analyst and cyber intelligence analyst.
In the UK there are geographic hotspots of activity in the cyber security labour market, which include London, Edinburgh and Belfast, as well as parts of the West Midlands including the Malvern area in Worcestershire and the South West, such as Bristol, Cheltenham and wider Gloucestershire.
While technical skills and qualifications are important, so is having the right mindset and good security analysts need to be innovative and be able to think like a creative hacker.
As the skills gap widens in almost every sector of IT, but especially cyber security, the industry will need to find new and innovative ways to both train and attract new and diverse talent from every area of society. Schools, universities and training providers need to give young people and training recipients a holistic cyber skillset, covering the relevant technical skills and soft skills that employers demand, and the ability to implement those skills in a business context.
You Might Also Read: