vege -

Investment in neurodiverse talent a win-win for security

Current careers guidance and recruitment processes for security jobs are not working for people with ADHD, autism, dyslexia and dyspraxia, but the problem is fixable with a little attention to detail

Employers are missing out on a large pool of potential cyber security talent by failing to take account of the needs of neurodiverse people with conditions such as attention deficit hyperactivity disorder (ADHD), autism, dyslexia and dyspraxia, according to security accreditation and testing body Crest.

In its report, Neurodiversity in the workplace, Crest argues that both the careers advice and guidance, and the overall recruitment processes are not well-tailored for neurodiverse people, but says that with a little creative thinking they can easily become more inclusive.

“As a society, we’ve put great emphasis on literacy, numeracy, concentration and social interaction in terms of fundamental skills for the workplace, but the tide is turning as employers recognise they cannot afford to ignore large and previously untapped reservoirs of talent,” said Ian Glover, president of Crest.

“Embracing a workplace that offers different thinking styles and approaches to problem solving and innovation can thrive simply makes good business sense.”

However, the Crest report stresses that neurodiversity strategies should go beyond one-size-fits-all initiatives and, as a result, employers and recruiters need to change their thinking and adopt a more bespoke approach, which includes listening to neurodiverse people about their needs and how they prefer to work.

It is thought about 10% of the UK population is neurodiverse to some extent, and the link between neurological conditions and high-performance in technical roles has long been acknowledged, especially in security – GCHQ, for example, is one of the largest employers of autistic people in the country, while the National Crime Agency (NCA) assesses that some teenagers with autism are at risk of grooming by cyber criminal gangs.

The report goes on to lay out some of the skills that neurodiverse people bring to cyber security work. For example, people with ADHD often hyperfocus on certain passions, interests or working very intensely, a restlessness that can translate into a desire to explore uncharted terrain and calculated risk-taking, something that is clearly beneficial in threat research, for example.

Equally, and subject to investment in an appropriate work environment and training, people with autism can be a great asset to security organisations. They are often very methodological and detail-oriented, with a high degree of focus and integrity, absorbing large amounts of information and memorising it, taking pleasure in complex tasks and pattern recognition, and naturally spotting minute details that don’t seem quite right – again, a desirable set of skills in security roles.

Crest’s report goes on to explore how employers can rework their recruitment processes to bring neurodiverse people into security roles.

Its guidance suggests organisations begin by investing in neurodiversity as part of their brand. For example, it is worth producing case studies on how neurodiverse people have met with success within the organisation, which can help attract people who fearing the worst, might otherwise not bother to apply for roles.

For the recruitment process specifically, job descriptions should be inclusive, clear and precise. It should be easy for people to identify the core skills requirements and expectations and include a diversity and inclusion statement. During the process, plentiful opportunities should be provided for candidates to disclose their neurodiverse status if they wish.

For people with ADHD, employers should recognise that they may appear distracted or impatient in interviews, or give the impression they have become jaded during the process of writing an application statement. People with autism, meanwhile, may benefit from a more empathetic interview style that is not biased, for example, against different social skills sets, lack of eye contact, anxiety, or unconventional body language.

The full report, including further guidance on recruitment processes and building a workplace that fits the needs of neurodiverse people, can be downloaded from Crest’s website, along with similar reports covering topics such as gender diversity and physical disability.

Read more about IT recruitment, jobs and skills

  • Adults in the UK are becoming increasingly interested in digital skills, with over 80% saying they will become even more important over the next year.
  • IT is facing renewed scrutiny into its lack of diversity. Explore the unique barriers minorities in cyber security face and why hiring approaches are ill-equipped to address them.
  • Coding bootcamp operators must actively engage with issues of access, diversity and inclusion if they want to stop reproducing the same gendered, racialised and class-based outcomes the tech sector keeps promising to address.

Read more on Security policy and user awareness

Data Center
Data Management