The atypical population is truly gifted for hacking and cybersecurity. What is the relation between their brain structure and this gift? And why are Atypicals at the heart of innovation in cybersecurity?
The atypical brain is wired differently than the classic or “neurotypical” brain. If we look at a 3D scan of two brains, one atypical and one classic, the zone of the brain used for the same cognitive functions are widely different. Those with atypical brains are part of a population that includes Autistics, Aspergers, and High IQ, among others. We evaluate that population to be around 3% of the total population.
This difference in the way people physically apprehend and solve problems has a real impact on the solutions. For example, lots of innovations are born from distinctive brains. A study of the Silicon Valley, a place where an above-average number of innovations were discovered, shows an abnormal number of atypical brains, especially among the founders of start-ups.
This cognitive difference has a strong impact on the world of cyber defense and cybercriminals. Incidental proofs are in the number of famous hackers that are said to be on the spectrum (i.e. Atypical). If we think about the way software and architecture are created, we can understand the process in which cybercrime flourishes.
Software and architecture are built with contradictory goals: speed, price, quality, increased number of features, zero defects and, more recently, security. 'Secure by design' is new and based on the anticipation of an attack. The way a group of developers and architects anticipates problems is based on their brainstorming and the industry standard.
A group of cognitively similar brains will always have a “cognitive blind spot” – the response to a question is mostly based on their experience, raw intelligence and the way they solve problems cognitively. The brain will not be able to see, or easily see, some patterns or certain types of solutions or problems due to its own structure. Thus, the software/architecture created will have holes that are part of theses cognitive blind spots. The atypical brain, not having theses blind spots (but having others), will easily see these holes and, depending on the individual, will use them to penetrate systems.
The reason that most hackers are atypical is probably that the characteristics of a good hacker fit with the Atypical characteristics (obsession, gifted with technology, etc.) Moreover, their brain structure makes it easy for them to identify cracks in the system and makes them “naturals” to hack. It is possible that, in turn, their habitual social isolation and difficulty in earning a living turns them into black hats.
Smart companies and governments have structured their recruiting processes to hire this type of individual. Russia, China, Israel and now the USA have more or less secret programs to attract them. The Autism Advantage Program (Microsoft, SAP, HP, EY) was created to attract Autistic talent.
The inclusion of Atypicals in the software/architecture building process will reduce the cognitive blind spots and increase the security of the systems.
The challenge is to attract and manage this type of individual in a classic company. Most of the experiments done by large tech companies had lukewarm results. The Atypical individual is an enigma for the Neurotypical company and thus the way they approach the Atypical at work is usually inefficient and does not allow the full use of their atypical capabilities.
ASPertise was created and is managed by Atypicals and has developed unique know-how to manage and attract this population. Its intimate understanding of how Atypicals behave and relate to the world around them makes ASPertise uniquely positioned to efficiently work with them and leverage their unique abilities.
Listen to Frédéric talk about all this and more in his Diverse IT interview with Selena Templeton!
About Frédéric Vezon
Frédéric Vezon is President and co-founder of ASPertise. After graduating from higher education establishments ("Grandes écoles"), he held several management positions in major French banking groups and Canadian investment funds. Frédéric has gained extensive experience internationally and has created several technology companies in France, the United States and Canada.