German security specialists advocate diversity and neurodiversity. Bitdefender study: 47% see neurodiversity as a strategy against skills shortages and blind spots. A comment from Liviu Arsene, Global Cybersecurity Researcher at Bitdefender.
There is no doubt: the shortage of IT security specialists and expertise is dramatic. According to a Bitdefender study, around three out of ten cybersecurity specialists in Germany predict a serious effect if the lack of cybersecurity expertise continues for another five years: 21% of German respondents say it will cause “serious disruptions”. Another 7% even say it will destroy companies. For the study, 513 cybersecurity and IT employees in Germany were interviewed as part of a large-scale international study.
Respondents advocate greater diversity
But there seems to be a way out: A high proportion of German respondents advocate greater diversity in IT security. This could both alleviate the shortage of skilled workers and ensure greater security through more sophisticated strategies. The statement "There is a lack of diversity in cybersecurity - and that is cause for concern", according to their own assessment, would have agreed 2015% in 47. Now, in 2020, with 54%, well over half of the participants agree with the statement. Seven in ten respondents (71%) believe there is a need for more diverse skills in cybersecurity.
Cybercriminal groups have always been heterogeneous
What is often overlooked: threat actors and cybercriminal groups have always been a heterogeneous bunch. If we take a look at some of the most prolific APT groups, such as Carbanak, we will find that they work across borders, that they are of different ethnic backgrounds, that they have different IT skills, and that they are likely to have different religious beliefs. It can be assumed that they are also mixed-gender. Cybercriminal groups have no rules about a university background, education, or application process.
Cyber security should obviously learn a little from cyber criminals in order to remain superior in the long term. Companies should be more open-minded when it comes to recruiting and look for people with unique talents. In this way, security teams can also use colleagues who may not be particularly technically qualified, but who can communicate excellently. It could be of great use in helping non-technical language achieve goals and gaining board approval for essential investments.
Neurodiversity against a shortage of skilled workers
Neurodiversity could play a special role in strengthening the defenses of companies. This means a stronger involvement of people in the autism spectrum or with dyslexia, dyspraxia, ADHD and other neurological peculiarities. Almost half of the German respondents (47%) believe that the cyber security sector should become more neurodiverse in the next five years.
Neeraj Suri, Professor of Cybersecurity at the University of Lancaster, explains the advantage of neurodiverse cybersecurity teams: “Any group that has the same understanding of a subject, be it because of their origins or the way they think about a particular subject , will make the same assumptions. The concept of neurodiversity is about people from different backgrounds looking at the same problem but interpreting it differently. "
Reveal false assumptions
Different skills and neurodiversity are rightly considered keys to improving cybersecurity defenses because they reveal blind spots and false assumptions. Organizations should become more flexible and open-minded in building security teams by looking for the individuals who can do the job best, rather than people who can fit into templates.
Directly to the “10 in 10” report at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de