Oliver Grant is an Analyst in KPMG’s Cyber Security team, which sits within the Technology Risk Consulting department. He joined the firm in October 2016 having graduated from the University of Bristol with a degree in Politics. In the last year he has gained experience in programme assurance, internal audit, access management, and seconded to KPMG International, working to increase profitable revenue growth and foster collaboration between KPMG’s cyber security departments around the globe. He loves to travel and is an avid sports fan.
Tell us about yourself
My name is Oliver Grant and I am on the Cyber Graduate Programme at KPMG. I studied Politics at University, then took a year out, interning for a few months at a technology recruitment firm and travelling around South America. After this I joined KPMG and I am usually based in its London office, although I have recently moved to Amsterdam for a client engagement.
What made you choose a career in Cyber Security?
I often get asked this! Particularly as I studied Politics at University, I’m often met with raised eyebrows when I tell someone that I work in cyber security. However, there’s a bit of a story behind it. After graduating, I worked in a small Technology recruitment firm which was subject to frequent and persistent social engineering and ransomware attacks. I was struck by the fact that a modest business with just half a dozen employees was a target for criminals. Watching the company suffer (and crucially those who worked for it) was a wake-up call, and was not an experience I would wish upon anyone. Ironically you could say this was good timing for me as I’d always been fascinated by the power of technology, and now the need to protect the information within it is greater than ever. This experience gave me the motivation to pursue a career in cyber security.
What are the greatest positives about working in Cyber Security?
I certainly think that the usual clichés ring true, particularly the variety of opportunities and challenges that one faces on a daily basis, and this is a real positive. In addition, I think that the rise of cyber security up the boardroom agenda in recent years has meant that the importance of what we do is now far more widely acknowledged than it was just a few years ago.
What are the greatest challenges in Cyber Security?
The constantly evolving nature of the industry can be both a blessing and a curse. On the one hand it is fascinating to work in an industry where the landscape is frequently shifting. However, whilst the tools at our disposal are rapidly maturing, so too are the capabilities of those who wish to cause harm, as we are noticing with the increasing sophistication of attacks. One other challenge I have encountered is trying to change the way that cyber security is viewed by many. It should not be regarded purely as a cost to the business, but also as an enabler of growth. Cyber security is not just about risk management, compliance, and controls, but also about giving your organisation a competitive advantage, such as by increasing trust with customers.
What are the highlights of your career?
The project that I am currently working on has to be the highlight for me. We are working with a fascinating client that works in an extremely agile manner, and has IT at the core of its business model. We are supporting them with Access Management, and it has been rewarding to work side by side with a group of immensely talented people. I have really enjoyed the challenge of learning from, and adapting to, their ways of working. Living in Amsterdam has been great too…There are definitely worse places to be!
Another highlight that stands out was working for the KPMG Global Cyber SGI (Strategic Growth Initiative), which is an internal project team which collaborates with the cyber departments of KPMG member firms around the world. It was exciting to be involved in efforts to define our global strategy at such an early stage in my career.
What has been the biggest influence on you?
I think my travel experiences have influenced me the most. I have been lucky to work in and travel around Uganda, South East Asia, South America, India, and now the Netherlands, and my exposure to other cultures has certainly shaped my outlook on, and approach to, life.
Where do you see Cyber Security in 10 years?
With Juniper expecting the number of Internet of Things (IoT) devices to surpass 46 billion by 2021, we will see connected technologies rapidly become a part of the fabric of our societies in the coming years. Our reliance on these technologies will pose enormous challenges, as well as opportunities, as the range of potential attack vectors will rise dramatically. To date, our rush to adopt these technologies has led to a complacent approach to security, the consequences of which were felt in the DDoS attack which used a Mirai botnet to knock Dyn’s services offline in October 2016, bringing down sites such as Spotify, Twitter, and GitHub. Hopefully this will act as a wake-up call, because the potential for insecure IoT devices to cause harm is enormous.
On a more positive note, I expect to see significant development in the growth of ‘smart cities’ the world over, whilst AI will be highly disruptive, fundamentally changing the way many companies in our industry operate. One thing we can be sure of is that organised crime groups will seek to exploit these technological advances, so the cyber security industry will have to be on the front foot at all times.
What are your career ambitions?
I hope to continue working with clients across multiple industries and sectors, as well as working across multiple service lines within our cyber security team. Eventually I’d like to make the transition from working as a ‘generalist’ to a ‘specialist’, where one becomes ‘the go-to-person’ for a certain industry, sector, or service offering. A few months ago, I didn’t expect to be working and living in the Netherlands, so the unpredictable nature of the working world means that whilst having a plan is important; and so too is flexibility and spontaneity!
What would you do if you were not a consultant?
A tough question! I would love to continue travelling the world and exploring new cultures, all whilst working remotely, before settling down. Following more of a Project Management route is on my radar too.
What advice would you give young people hoping to enter a career in the field?
Do your research, then throw yourself out there. There are dozens of forums for discussion, groups for like-minded individuals, and experienced and knowledgeable people within the industry who are more than happy to offer their advice. Get reading, writing, speaking, and meeting, and you will not only gain an understanding of the opportunities that exist in the industry, but also of the type of company that would suit you, the type of role that interests you most, and, crucially, what it is that you can bring to the table and offer to a prospective employer.