By Domini Clark, Founder & CEO
If you are outside the cybersecurity community — and especially if you are interested in joining it or recruiting from it — you may be interested to learn of a unique and engaging practice in the profession: cyber badges. I want to share a little bit about this practice with you not only because the badge world is fun and interesting, but also for two other reasons. First, it might spark some team-building ideas you can use in your own organization, and second, I hope it will dispel some misconceptions about the cybersec community.
Some people have shared with me that they find the community insular and intimidating, with its specialized knowledge and cloak-and-dagger focus. That makes the community seem distant and closed, both to those who wish to pursue a career in it and those who need to find candidates from it. But don't be scared! Read on to learn why.
What we're talking about are conference badges. They come on a lanyard, like the hello-my-name-is ones, but the similarity ends there. In fact, they are circuit boards creatively designed to perform functions, typically as part of games or competitions. They're basically high-tech gadgets ("badgets"?) and right off the bat, they get the full attention of just about any technical professional.
Def Con, the world's largest hacker conference, is famous for these badges (at least within the cyber community) and, according to Daniel Oberhaus, the tradition goes back longer than a decade. Other conferences use them as well. The badges may have creative shapes and, in addition to the circuit board, other hardware such as buttons, small displays and more. Badging didn't slow down during the pandemic, either — the badges were shipped, and badging villages went virtual.
Most importantly, I believe, is the fact that the badges promote collaboration and interaction.
Usually, they incorporate challenges that require collaboration. They represent a brilliant idea for getting strangers to interact, particularly a group of strangers known to include introverts. Challenges have included requiring attendees to touch badges (and meet others), with prizes going to those whose badge registers the most touches. Another badge required at least 26 attendees to connect their badges together, creating a device capable of decoding a message. This same badge, individually, was capable of acting as an Enigma machine, a particularly challenging cipher device used by Germany in World War II.
If you lead an IT team, you can create variations on this practice for team building, professional development and employee engagement. Oh, and don't forget fun. Just make sure your challenges incorporate these essential characteristics:
Collaboration is required to solve the challenge or win the game; the activity blends both technology and social interaction.
The puzzle or challenge requires some serious thinking and problem-solving skills, such as reverse-engineering.
Participants must deal with both hardware and software.
As conferences have demonstrated, you can hold these events virtually. In fact, it may be a great virtual team-builder. You can use platforms like Teams or Slack to create team rooms, etc. One word of caution: Badgelife is addicting.
Welcome To Our World
If you are an individual considering a career in cybersecurity, I hope this makes it clear that the community is welcoming and not isolationist. There is a definite need for new talent. As a career consultant, I strongly recommend that you attend a conference or two. It's a great way to learn about the profession, but also focus on meeting people. Don't be shy. If there is a badge event, participate. You might make connections with people who can help you advance in the profession and even get a job.
If you are an HR or IT professional responsible for recruiting, badgelife offers some suggestions for engaging and attracting talent. As a specialist in recruiting security and IT professionals, I can't argue that insider insight isn't valuable in connecting with this community — it is. However, the cyber community isn't completely impenetrable.
I think the badge culture helps demystify the profession a bit and reminds us that cyber professionals are, after all, human. Are some of them quirky? Absolutely, but I admire how fearlessly they embrace their quirkiness. Are many of them guarded? Absolutely, and if you knew what they knew about cybercrime, you probably would be, too.
To take advantage of the badgelife concept, encourage IT leaders to host internal games that enable their teams to "sharpen the saw," as Steven Covey puts it. Assuming word gets out that your company offers this opportunity (ask your social media team for help here), you'll increase your talent-pulling power. If your company has the bandwidth to support a larger event, host a challenge open to external participants and take advantage of social media to promote it.
In addition, keep in mind those who are looking to enter the profession and the dire need for new talent. I know how attractive it is to bring on board seasoned professionals, but the current talent market is more competitive than it ever has been as the economy recovers from Covid-19. Imagine your organization as a technical talent nebula — those cosmic clouds of dust and gas where stars are born — a place where cyber stars can shine and grow brighter and brighter. All these strategies will help you develop a reputation as an employer with a culture that welcomes these professionals and is collaborative (but safe for introverts), open to all experience levels and values knowledge sharing and professional growth.
More Great Ideas
If you explore badgelife further, you'll find lots of great ideas, whether you are a prospective employee or employer; here is a great place to start. I'm confident you'll discover an open community of professionals who enjoy sharing their insight. It's all part of changing the perception of cybersecurity, one badge at a time.