November 2, 2018 By David Millar 4 min read

Cybersecurity attacks are increasing in size and complexity, organizations are using too many tools from too many vendors — which is driving operational complexity — and there is a massive skills gap, expected to result in more than 3.5 million unfilled cybersecurity positions by 2021. Clearly, the industry cannot keep going at its current course and speed. We must take an alternative approach to enable the full digital transformation of our organizations.

A Different Kind of AI

AI has the potential to change the cybersecurity landscape. It is focused, intelligent and great at pattern recognition. If you invest in AI, it will change the way your teams work together and improve your business outcomes. In fact, AI could have the same power to change our world as Isaac Newton, Nicola Tesla, Albert Einstein or Alan Turing.

The AI I’m referring to here is not artificial intelligence as you might think, but alternative intelligence. Alternative intelligence is the ability to acquire and apply knowledge or skills that are considered unconventional or seen as challenging traditional norms. The famous scientists mentioned above all used their alternative intelligence to change our world.

Shawn Bolshin also has alternative intelligence. After three promotions in three years, Shawn is now a team lead in the cybersecurity organization at the Canadian Imperial Bank of Commerce (CIBC). He has tremendous pattern recognition capabilities and is hyper-focused, brilliant, honest as the day is long and fiercely loyal.

Like many trailblazers in history, Shawn has autism — specifically, Asperger’s syndrome. Asperger’s is defined by Merriam-Webster as “an autism spectrum disorder that is characterized by impaired social interaction, by repetitive patterns of behavior and restricted interests, by normal language and cognitive development but poor conversational skills and difficulty with nonverbal communication, and often by above average performance in a narrow field against a general background of impaired functioning.”

Growing up, teachers treated Shawn poorly, thinking he had a behavioral problem. He was the “difficult kid.” His classmates knew he was different, but they didn’t know why — and Shawn didn’t know either. It wasn’t until he was 20 years old that Shawn was finally diagnosed with Asperger’s. And even though he graduated with a degree in computer science from the University of Ontario Institute of Technology, Shawn didn’t get his first job at CIBC until he was 30 years old.

Why Alternative Intelligence Is Under-Utilized in Cybersecurity

The real tragedy is that Shawn’s story isn’t out of the ordinary. According to Forbes, the Centers for Disease Control and Prevention estimated in 2016 that 1 in 100 children have been diagnosed with autism spectrum disorder (ASD), which includes Asperger’s. What’s more, although around 60 percent of people with ASD have average or above-average intelligence, 85 percent are unemployed. Why are these numbers so low?

One reason is that job interviews are inherently biased and a terrible predictor of job success. Yet we continue to use them as our primary source of decision-making on new hires. As Alan Kriss, CEO of Specialisterne Canada — an organization dedicated to helping 25,000 neurodiverse people join the workforce — has said, “The interview is a barrier to people like Shawn in the same way a step is a barrier to people who are in a wheelchair.”

We have to find a better way to recruit and hire phenomenal resources like Shawn, because our industry may soon depend on it. But what’s in it for us? Why would we bother going through all this change to find different ways to hire people?

Hiring Adults on the Autism Spectrum Could Help Fill the Skills Gap

As mentioned before, the cybersecurity skills gap is rapidly growing. The bottom line is that we need more skilled people now — people who think differently, who are honest, who have integrity, and who are good at pattern recognition need to be contributing to our companies as soon as possible. What if we could hire and train just a small percentage of adults with ASD who are looking for work? That could bring in thousands of individuals to help us bridge the growing skills gap and transform our organizations.

The catch is that you have to be open to change and to doing things differently. You need to place a higher degree of importance on management performance and expecting more from your employees. You need to demand patience and compassion and focus on servant leadership. In doing so, you can transform not only the lives of the people you are hiring, but also your entire team.

Mihai Saveschi, director of IT security at CIBC, noted that “Shawn’s talent and unique eye for problem-solving and detail has helped propel our program further than we could have imagined. Today, I find that the team works better together, forming a cohesive and diverse unit that is much more adept at tackling dynamic information security issues.”

In other words, it took someone with ASD to improve the dynamics of the team. This is possible because everyone else becomes easier to work with as they grow more tolerant, compassionate and empathetic toward others.

Transform Your Organization With Alternative Intelligence

In a world where cyberthreats change every day and qualified professionals are so hard to come by, we can no longer ignore this very capable group of individuals. We must find an alternative way to recruit great cybersecurity professionals, and we must hire alternative intelligence by employing autistic adults to help us transform our cybersecurity operations.

For its part, IBM Security is currently conducting a pilot process in Canada to hire autistic individuals with the help of Specialisterne Canada. This process may be rolled out to other countries where IBM Security has a presence, including the U.S., Poland, India and others.

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today