Related Posts
By Lisa Ventura MBE FCIIS
On Saturday 14th February 2026 I did something I rarely do. I stepped entirely away from the world of cyber security, traded my laptop for a mixing bowl, and spent the morning at a Chocolate Feast baking workshop led by Giuseppe Dell’Anno, the winner of The Great British Bake Off 2021, in Cheltenham.
It was gloriously, unashamedly out of my comfort zone, and I loved every moment of it. But it was what happened during the lunch break that I keep returning to, because it sparked a conversation I have had many times before, and one I suspect I will keep having for the rest of my career.
The Question at the Lunch Table
Over lunch, Giuseppe and I got talking. He is a curious, warm and genuinely engaged person, and when one of the others in the group shared that they were “on the spectrum”, I immediately knew what they meant and shared that I too am neurodivergent with autism, ADHD, dyspraxia, and dyscalculia. I am very open about it and proud to be #OpenlyNeurodivergent, because I believe that visibility matters, particularly in a field like cyber security where neurodivergent professionals are both underrepresented and often underestimated.
Giuseppe asked what dyscalculia was. I explained that it is a specific, brain-based learning disability that makes it difficult to understand, learn, and perform mathematics, arithmetic, and number-based concepts. It is, in many ways, to numbers what dyslexia is to words.
He paused for a moment and then said, with genuine curiosity, “But don’t you work in a very technical field?”
While it is a fair question, it is one that I’ve heard many, many times before, and one that is a persistent myth in the cyber security industry.
Dismantling the Myth
Here is what I told Giuseppe, and what I want to say clearly here. The idea that you need to be a mathematician, a coder, or a deeply technical specialist to work effectively in cyber security is one of the most persistent and damaging myths in the industry.
Yes, cyber security contains technical elements. There are engineers, penetration testers, threat intelligence analysts, and security architects who work at extraordinary levels of technical depth, and their work is vital. But the field is vast, and the assumption that technical proficiency is the only route into it, or the only marker of credibility within it, is simply wrong.
My work sits at the intersection of communication, strategy, education, and awareness. I take information that is often dense with acronyms, laced with jargon, and impenetrable to the people who most need to understand it, and I translate it. I make it accessible. I strip away the complexity not to oversimplify it, but to make it genuinely useful to the people sitting on the other side of the table, whether that is a board of directors, a small business owner, a frontline employee, or a primary school child being taught about online safety for the first time.
Dyscalculia does not prevent me from doing any of that. If anything, having a brain that processes the world differently has made me better at recognising when communication is inaccessible, when language excludes rather than includes, and when the people delivering a message have forgotten who they are supposed to be speaking to.
Raising Awareness Over Lunch
I explained to Giuseppe and the other attendees of the workshop over lunch about the work I do, and how I founded the UK Cyber Security Association some years ago and I’m now on the cusp of launching the AI and Cyber Security Association to raise awareness of the safe, secure, responsible and ethical use of AI. I also told him that my specialism is in cyberpsychology, raising awareness of online scams and making cyber security accessible to the general public, sole traders, small businesses and SMEs.
I imagine that Giuseppe had not previously thought about cyber security as something that affected him personally or professionally. He runs a business. He has a public profile. He has a website, a following, and a brand. Like many people, he had perhaps assumed that cyber threats were someone else’s problem, the concern of large corporations or government agencies, not a baker in the Cotswolds with a passion for Italian pastry. The scale of the cyber threat landscape today along with the rise of AI-enabled attacks, the targeting of small and medium-sized businesses, the social engineering tactics that exploit human psychology rather than technical vulnerabilities are likely things he had not considered, like many sole traders, small business owners and SME’s
Neurodivergence as a Strength in Cyber Security
I want to be clear about something. I do not share my neurodivergence as a disclaimer or an explanation for any perceived limitation. I share it as part of an honest conversation about what cognitive diversity actually looks like in practice, and what it can bring to a field that desperately needs more of it.
Cyber security has a communication problem. The technical community is brilliant, but too often its knowledge stays within a closed loop of people who already understand it. The threats, meanwhile, keep evolving, and the people most at risk are frequently the ones least equipped with the language to protect themselves.
I bridge that gap. Not despite being neurodivergent, but in many ways because of it. My autism gives me a precise, pattern-focused way of thinking about information. My ADHD fuels a relentless drive to make things engaging rather than dry. My dyspraxia has taught me to adapt and find alternative routes when the conventional path is not available. And my dyscalculia has ensured that I have never mistakenly believed that fluency with numbers is the same thing as intelligence, or that the absence of it is any barrier to expertise.
The Conversation Continues
I left Giuseppe’s workshop that afternoon carrying four trays of genuinely beautiful bakes, a sense of quiet pride, and the memory of a conversation that reminded me exactly why the work I do matters.
Cyber security awareness does not begin in a boardroom or a technical briefing. Sometimes it begins over lunch, between a winner of the Great British Bake-Off series and a cyber security awareness specialist, in the middle of a chocolate baking workshop, on Valentine’s Day. If that conversation made Giuseppe and the others in the room even a little more aware of how to protect themselves online, it was worth it.
That is what I do. That is why I do it. And I would not change a single thing about my brain that allows me to do it.
Lisa Ventura MBE FCIIS is the Chief Executive and Founder of the AI and Cyber Security Association (AICSA) and Unity Group Solutions Limited. She is the author of Artificial Intelligence in Cybersecurity, which will be published by Kogan Page on 3 April 2026.