Meet the Team – Louis Head, Cyber Security Consultant

Louis’ journey into the world of cyber security was a little unusual, starting out as a prisoner custody officer. But since arriving in the space he has not looked back. In this interview, he talks about what attracted him to cyber security and his role at CRMG, and how the momentum building behind AI and its greater adoption by organisations is leaving them exposed to new attack vectors. 

Tell us more about your role at CRMG? What are your day-to-day duties? 

I can say without hesitation that most of my days are extremely varied. One thing I’ve learned is that to run a small, agile, yet influential consultancy, all employees have to lend a hand. This has led to me working on some really exciting projects and adding value in ways I could not have imagined. My day-to-day duties range from policy uplifting to product development and learning from others in the business, each of whom comes with their own wealth of experience.

 What attracted you to the cyber security industry? Have you always worked in this space? 

 My journey to CRMG was an odd one, yet I am obviously glad it took place! I started as a prisoner custody officer but ended up moving into the SaaS space. It was here that I was introduced to many key aspects of information security, and began to learn the trade. After a year there, I went looking for a new challenge and was lucky enough to be swept up by the team here at CRMG. I find that the work ethic, standards and knowledge here are unparalleled – with a notable level of banter, too.

What’s the most interesting part of your job? 

The most interesting part of my job is taking on projects and tasks that I have not done before. I think the team is aware that there are aspects of this ‘ocean’ of cyber security that I have not yet encountered, as it is for most infosec professionals. In response to that, they go out of their way to ensure I get exposure to these things in a way that pushes me to deliver for clients at a level of high quality, despite sometimes being out of my comfort zone. 

What is your most feared cyber threat and why? 

I believe any form of social engineering is one to be wary of, for a couple of reasons. With humble roots in the traditional Nigerian prince scam, phishing, vishing and other deception-based attacks have become much more advanced over the past few years, to the extent that I now believe there is far less individual shame around being caught out. Whether we’d like to admit it or not, humans are almost always the weakest link when it comes to the security of an organisation. The likelihood of non-technical employees falling victim to this kind of threat is also significant, especially if they are not exposed to infosec training, education and awareness.

What’s the biggest change to the cyber threat landscape you have seen in the past few years? 

From where I stand in the industry, it is increasingly clear that AI will have a profound effect on the threats organisations face. There are obviously concerns that AI can be used to increase the efficiency and frequency of phishing attempts, but there is also the issue of adversarial AI. With many businesses looking to hop on the AI trend without considering information assurance, exploiting an AI that is a key part of day-to-day business operations could certainly become a popular practice for malicious parties.

How will cyber security continue to evolve?

It goes without saying that we will see exponential levels of advancement in tech during our lifetimes, perhaps even “man-made horrors beyond your comprehension” as Nikola Tesla put it! All of these will need consideration and assessment from those in the cyber security industry, just as they have in the past and today. To speak bluntly, I think we as an industry will have plenty of puzzles to solve for the foreseeable future.