Meet Steven, a cybersecurity consultant whose tinkerer's mindset shapes secure growth

Could you tell us a little bit about yourself?

I’m Steven, 27 years old, and I’ve been working at IG&H for over three years now. After growing up in Singapore, Amsterdam and Haarlem, I wanted to study in a city I wasn’t yet familiar with, which turned out to be Utrecht. I studied Information Sciences at Utrecht University.

Technology has always been a passion of mine. During high school, I worked as a watchmaker and later started designing and building my own drones. Nowadays, I spend most of my free time tinkering with classic cars. On weekends, you can usually find me lying on the pavement underneath one, with oil on my face and the strong conviction that this time I really know what I’m doing. The problem-solving skills I picked up during these not-always-successful tinkering sessions translate surprisingly well to my work at IG&H. If one approach doesn’t work, take a step back, try a different one or ask someone more experienced for advice. That mindset still guides me every day.

What drew you to IG&H?

I knew I wanted to work at a consultancy. The fast pace, variety of projects and need to continuously adapt really appealed to me. The bureaucracy I perceived at Big Four consultancies made me look for a smaller firm, with shorter lines, more room to be seen and more freedom to develop myself. IG&H stood out because of its entrepreneurial culture and the trust people are given to take ownership early on.

What is your role & what does it involve?

I’m a Consultant in the Cybersecurity team. This department is relatively new. Two good long-term friends of mine had built impressive careers at a Big Four firm. Together, we started exploring the idea of building a cybersecurity business. The market was growing quickly; we had complementary skillsets, strong confidence in each other and the entrepreneurial drive to build something meaningful.

At the time, IG&H was not yet active in the cybersecurity domain. We proposed setting up the capability within IG&H, invested a lot of time in shaping a clear vision and worked out a solid business case. Thanks to the trust and support from the partners and board, we were given the opportunity to move forward. A few months later, my friends joined IG&H, and today we’re running the capability together. Having already started working for three large organizations gives us confidence that we’re on the right track. My role combines helping grow and lead the capability, developing client relationships and working hands-on to deliver value in projects.

What does a typical day at IG&H and the Cybersecurity team look like?

A large part of my time goes into growing the cybersecurity capability. This includes recruitment, knowledge development, research, marketing and client relationship development, always in close collaboration with the team. Alongside that, my role involves focusing on solving concrete problems and creating practical improvements in client projects. The mix between building something long-term and delivering value in the here and now is what makes the work so engaging.

What do you enjoy most about working at IG&H?

IG&H feels like a flat organization, where faith is put into your colleagues, and everyone can be heard and seen. That creates a strong sense of ownership and collaboration. It genuinely feels like your contribution matters, regardless of role or seniority. The people at IG&H are open, ambitious and supportive, which made the transition from being a student to becoming a consultant feel very natural.

What was your proudest moment at IG&H?

It has to be the moment we received the green light to launch the cybersecurity capability. From that point on, the focus immediately shifted to execution: building the team, delivering quality for clients and laying a strong foundation for the future. Seeing how quickly the department is taking shape and how the team is growing together makes me very proud. I’m genuinely excited about what lies ahead of us on this journey!

What is something we tend to underestimate when it comes to cybersecurity?

Many people significantly underestimate how much the simple practice of avoiding the reuse of passwords across multiple accounts can improve their own, and their organization's, cybersecurity. In 2025, a substantial share of cyber incidents was driven by compromised accounts and stolen credentials.

Today, numerous high-quality, trustworthy and user-friendly password manager applications enable individuals to use strong, unique passwords for every account. Examples include 1Password, Bitwarden, Apple’s Passwords app, Google Password Manager. These tools automatically generate strong, unique passwords and securely store them. My call to action to colleagues is simple: start using a password manager today and gradually transition all your accounts to strong, unique passwords!

What are some common cybersecurity pitfalls you see across healthcare, financial services and retail?

One of the biggest pitfalls I see across all three sectors is the tendency for cybersecurity teams to focus heavily on the latest technologies or trends, such as AI, while neglecting the fundamental building blocks of security. Over the past few years, I’ve seen several organizations launch large AI initiatives and internal transformation programs, only to discover later that their assets registry is incomplete or poorly maintained. This is a critical foundation: if you don’t have a clear and accurate view of your assets, it becomes extremely difficult to protect them effectively. Innovation is essential to remain competitive, but it becomes a risk when the excitement around new capabilities distracts you from basic cybersecurity hygiene and governance.

What do you like most about your role?

The freedom to take initiative and help shape something from the ground up, while being supported by experienced and inspiring colleagues. On top of that, the cyber team itself is a huge source of energy: working with smart, motivated people who aren’t afraid to challenge each other makes it incredibly rewarding.

Curious?

Discover IG&H's cybersecurity services.