Beyond the binary: Creative problem solving in cyber security

One of the greatest skills you can nurture as a cyber security professional is creativity. 

This does not mean you need to take up oil painting to succeed in the industry – but rather, it is about understanding the value of creativity in problem solving. 

From bricks to bytes

I am an architect by profession. After a nearly 20-year career in the construction industry, my decision to venture into cyber security was driven by my belief in the power of imagination. Despite one industry being founded in bricks and mortar and one based in the digital space, with a bit of imagination, there are a number of parallels. 

To excel in their field, architects must provide tailored, practical, and creative solutions. Each building they design should be functional but also aesthetically pleasing.  

To excel in cyber security, an IT professional must find creative solutions to complex digital problems. The systems they design and work within must be fit for purpose and accessible for users.  

Cybercriminals adapt and change tactics daily, making traditional approaches obsolete at a rapidly increasing rate. To combat and stay ahead of this frightening change, we have to be truly creative.  

The secret to building a creative skillset

There is an aura of mystery around the word ‘creativity’, and people often disassociate with the word without realising they too have potential for creativity. Everyone can learn to be creative, but creativity needs to be treated as a skill. There are management and leadership courses, but why don’t we talk about courses for creativity?  

The psychology behind problem solving is innately interesting. Consider how the pathways are formed in the brain. These pathways are not always the most direct path, leading to gaps in our knowledge. The more we build these pathways, the more automated our responses become. However, creativity shines when facing uncharted territory. We can train our brains to be creative problem solvers, reducing the effort needed to tackle unfamiliar problems effectively. 

There are many frameworks and ways of thinking that can inform a creative approach to problem solving, but two of my favourites are the 5 Whys and Provocation.

The “5 Whys” technique, originally developed by Sakichi Toyoda, is an iterative method that explores the cause-and-effect relationships underlying problems. Toyoda developed this to demonstrate the importance of correctly identifying problems by providing a concrete example. 

“Provocation”, developed by Edward De Bono, involves presenting provocative statements to stimulate creative thinking within teams. The approach challenges team members to generate innovative ideas by attempting to prove a chosen statement wrong, rather than prove it right, by channelling the inherent human desire to challenge a provocative statement. 

To maximise the outcomes from these sessions, it is important to lay down a few ground rules. A maximum of 5-6 participants, short 10-minute sessions, and encouragement to share unfiltered ideas and unformed ideas, ranging from the crazy to the practical. These rules promote a collaborative and open environment where the most promising ideas can be developed into actionable solutions. 

Looking forward

The ideal situation to be in is one in which all cyber security professionals adopt creative problem-solving approaches. A collective effort by teams to think creatively can significantly improve their ability to address complex challenges. By fostering a creative mindset across the field, we can take steps towards making the digital world more secure. 

By harnessing the collective creativity of cyber security teams, we can better equip ourselves to combat the ever-evolving landscape of cyber threats.