When Oliver Lind Nordestgaard’s teachers went on strike in his 7th grade, he spent a whole month watching YouTube videos and online tutorials about cyber security. Today, he is one of Deloitte’s young talents that keep our clients’ IT infrastructure protected and safe.
Two days every week, Oliver Lind Nordestgaard leaves his home in Odense and travels to DeloitteHuset in Copenhagen to join his colleagues in Cyber Detect & Respond, Risk Advisory. The rest of the week, he is a student at SDU (University of Southern Denmark) where he is only one year away from finishing his master’s degree in software engineering.
For almost as long as he can remember, he has had an interest in computers, largely inspired by his father:
“My dad is also a software engineer, so it was natural for him to teach me how to program as soon as I got interested in computers. It was on the back of these basic skills that I really started to look into cyber security. During a teacher lockout at school, I remember watching videos on cyber threats and cyber vulnerabilities. I discovered an amazing world that is so remarkable and fascinating. Today, I still feel that fascination.”
Years later, Oliver found himself enrolling in the software engineering programme at SDU and now also working as a junior consultant at Deloitte:
“At university, you read all the literature and research, but at Deloitte, you work with real clients and real problems. I love looking at different systems and applications, and I love that we make a real difference for our clients. No two days are the same. As consultants, we are constantly faced with new challenges to overcome.”
Cyber Security Championships whetted the appetite
Besides studying and working at Deloitte, Oliver recently participated in the Regional Danish Cyber Security Championships, and in 2021 he even represented Denmark in the European Championships as part of the national team:
“Denmark has a national team for cyber security, which I am hoping to join again. It is a group of some of the best young ethical hackers in the country. It is a great way to test your skills, meet your peers and find that kind of competitive spirit, which is a lot of fun.”
Putting yourself in the hacker’s shoes
But how do you help clients fight off cyber-attacks? There are basic skills – and then there is creativity, according to Oliver:
“Whenever we are testing a homepage, an application or even the entire IT infrastructure of a company, we always look for the most common mistakes and vulnerabilities that cybercriminals could exploit. This could be problems with user rights and accessibility. However, once the basic work is done, we need to be much more creative, because cybercriminals will be creative, too. This is where the work starts to get really fun. Essentially, you have to think and work like a hacker to see if you can enter the system by simulating an illegal attack.”
As Oliver points out, fighting against cybercriminals is much like fighting against a global army:
“What most people do not understand is how organised the hacker groups are. Many of them have a better telephone support system than an average Danish company. Their goal is, of course, to get as much money out of their victims as possible, so they are very skilled in terms of communication and negotiation. Some of them even have their own IT supporters that will help the companies get their systems set up again, although with varying results. It is just a bizarre situation all around.”
Endless opportunities
Oliver does not have a clear goal for his career, but he knows that he will continue working with cyber security – an area in constant development:
“One of the ways to look at cyber security is to see it as a mirror of IT because every time you have a new kind of software or infrastructure there will be a corresponding new aspect of security. So, the field is extremely broad, and there are so many areas in which you can specialise. It goes all the way from creating cyber strategies and identifying vulnerabilities to cleaning up after attacks and helping companies recover. There are always new things to learn.”
The payoff of creativity
Championships aside, the best thing about working with cyber security is still finding that weak spot that no one else saw, says Oliver:
“One thing is finding a basic mistake in a system but finding something that no one has spotted is what makes it all worthwhile. It is a huge payoff when you have done all you can to be as creative and cunning as the best cybercriminals out there, and then you finally find the weak spot that you have been looking for. I love that feeling – and of course, our clients love it too because that is ultimately what keeps them safe.”