Technology

From Network Intrusion Battles to Cloud Security Breakthroughs: GiOlufemi Owolabi on Securing Healthcare IT in Globalized World

By Ihesiulo Grace 3 June 2025 736 No comment

As cyber threats evolve faster than policies, GiOlufemi Owolabi stands out as a new-generation security engineer who blends technical expertise with business intelligence. With over 7 years of hands-on experience spanning telecom, enterprise, and healthcare IT, the Nigerian-born cloud security specialist has navigated his way from crisis response in Lagos to defending sensitive healthcare data at a cutting-edge digital health firm in the UK.

In this exclusive interview, Owolabi shares his journey from Nigeria to the United Kingdom, the defining moment that sparked his passion for cybersecurity, and his insights into the future of cloud security powered by AI, automation, and resilience.

GiOlufemi Owolabi

Your journey spans telecom, healthcare, and enterprise IT. What would you say has been the most defining moment in your 7+ years of experience?

The most defining moment in my career came when I led the response to a major security incident early on. A few years ago, while working as a Network Security Engineer, our organization faced a coordinated network intrusion attempt that could have severely disrupted critical services. I remember it clearly. It was after hours, alerts were coming in quickly, and the pressure was intense.

I took the lead on the incident response. From isolating compromised systems to deploying countermeasures, I coordinated our efforts to contain the threat with minimal downtime. That experience was a turning point. It proved that the years I had spent building a broad foundation in IT support, network engineering, and systems administration had real value when it mattered most.

Handling that crisis not only boosted my confidence but also solidified my passion for cybersecurity. It confirmed my decision to specialise further and move into cloud security. Protecting the organisation during that moment and seeing the impact of our response reinforced my drive to keep growing in this field.

From Nigeria to the UK—what motivated your transition to international business with data analytics, and how has this shaped your approach to cloud security?

My transition from Nigeria to the UK was driven by a strategic goal: to expand my technical expertise while gaining a global perspective on business. Data analytics provided the perfect bridge. After several years working hands-on in IT, network engineering, and security roles across telecom and enterprise sectors in Nigeria, I wanted to better understand how data drives large-scale decision-making, especially in critical industries like healthcare where technology and insights can directly impact lives.

Pursuing an MSc in International Business with Data Analytics at Ulster University gave me the tools to connect infrastructure with strategy. I didn’t just learn how to use analytics platforms. I learned how to think holistically about risk, performance, and compliance from both technical and managerial standpoints. That shift has made me a more effective and well-rounded security engineer.

At 10mg Health, this dual mindset shapes how I approach cloud security. When I implement controls or assess threat surfaces, I consider not only the technical risks but also the operational and reputational impact of a potential breach. I’m more confident communicating risk and compliance concerns to non-technical stakeholders, and I focus on aligning security measures with both business goals and regulatory requirements. The UK experience has sharpened my ability to design security that supports resilience, trust, and growth.

As a Cloud Security Engineer at 10mg Health, what are the most critical security challenges you face daily in the healthcare IT space?

At 10mg Health, I’m responsible for securing the systems that support our digital healthcare financing platform. One of the main challenges I face each day is protecting sensitive patient and provider data while ensuring that authorized users can access the information they need without delay.

Because we deal with both health records and financial information, I have to make sure our cloud infrastructure follows strong security practices and meets compliance requirements like GDPR. That means implementing data encryption, hardening our workloads, and using continuous monitoring tools to catch any unusual behavior before it becomes a threat.

Identity and access management is another major focus. We have users across different roles and locations, so I’ve put strict access controls in place, including MFA and least-privilege policies. I also run regular reviews to make sure no one has more access than they need.

System availability is just as critical. Our platform supports real-time healthcare financing, so downtime isn’t an option. I’ve designed high-availability setups, built in redundancy, and tested disaster recovery procedures to make sure we can bounce back quickly if anything goes wrong.

How do you approach securing cloud-native platforms in a constantly evolving threat landscape? Can you walk us through a typical scenario or solution?

My approach is to embed security into every layer of the cloud environment from the start and automate wherever possible. Cloud environments are fast-moving, so security must evolve alongside infrastructure.

Let’s take a typical example: deploying a cloud-native patient portal using microservices and containers. I follow a secure-by-design strategy, starting with Infrastructure as Code and Policy as Code. Using tools like Terraform or ARM templates, I define networks, IAM roles, firewall rules, and segmentation in code. This ensures consistent enforcement of security baselines, and anything non-compliant is flagged during deployment.

With certifications in CCNA, ITIL v4, Microsoft AZ-900, and Aviatrix, how do you keep your skills sharp and relevant in such a fast-paced industry?

I stay active and consistent with learning. I use labs, take Udemy courses to explore new technologies, and get involved in community events and competitions. Judging tech challenges also keeps me engaged with what’s current. Whenever I learn something new, I try to apply it in a live environment/simulated environment. That’s where the real understanding comes in.

You’ve worked with firewalls, VPNs, and automated network monitoring—what tools or technologies do you currently find indispensable in your day-to-day operations?

As a Cloud Security Engineer, I work across several layers of security. Each tool in my stack serves a critical purpose, from monitoring and automation to identity and network protection.

I rely on Microsoft Sentinel for SIEM. It aggregates logs from cloud and on-prem systems, helps detect anomalies, and gives me a central view of our security posture. Defender for Cloud is another key tool. It provides real-time posture management and alerts us to misconfigurations or active threats.

Identity and access management is a daily focus. I use Azure Active Directory, conditional access policies, and multi-factor authentication to enforce secure access. Reviewing access controls and ensuring least privilege is part of my routine.

For infrastructure, I use Terraform and ARM templates. These tools ensure our environments are deployed securely and consistently. Git is essential for tracking changes and collaborating across the team.

In terms of network security, I manage Azure Firewalls, network security groups, and sometimes virtual appliances. I also use tools that support secure connectivity and visibility in multi-cloud environments.

Endpoint and application security is handled with tools like Defender for Endpoint and CrowdStrike. I also work with web application firewalls to protect public-facing services, and use scanners like Nessus to identify and track vulnerabilities.

Scripting is key. I often write Python and PowerShell scripts to automate reports, pull data from APIs, or manage cloud resources more efficiently.

Lastly, I rely on tools like Jira to document playbooks, track incidents, and collaborate across teams. Strong communication and shared knowledge are as important as the technical tools we use.

Your research interests include intrusion detection and real-time threat mitigation in programmable networks. What recent innovations in this space excite you most?

I’m especially interested in the growing use of machine learning in intrusion detection and the potential of explainable AI in cybersecurity. Right now, I’m co-authoring two papers for submission to IEEE.

The first is titled “Adopting Network Intrusion Detection Through Enhanced Ensemble Machine Learning Models with Hybrid Feature Selection Methods”, which focuses on improving detection accuracy while reducing false positives.

The second, “Improving Organizational Cyber Resilience Through Custom Bash Scripting for Penetration Testing”, explores practical ways to strengthen system defenses through tailored automation. Both projects aim to advance real-time threat response, especially in high-stakes environments.

How do you see the future of cloud security evolving over the next five years, especially in relation to AI and automation?

Cloud security is entering a new phase, shaped by AI, automation, and the need for greater resilience. I see us moving toward what I call “autonomous cloud security” systems that don’t just detect threats but respond in real time.

AI will be central. Beyond detecting anomalies, it will handle predictive analytics, filter alert noise, and dynamically adapt access controls. Think of it as a co-pilot that learns from the environment and threat Intel to support real-time decisions or take safe automated actions.

Automation will also go deeper. Infrastructure as Code and Policy as Code will become the default, enabling self-healing systems that can auto-patch vulnerabilities or isolate risks without waiting on human input. This reduces response time to near zero for many common threats.

Zero Trust will become standard, with identity-based security enforced and adjusted by AI. Access will be monitored and adapted in real time based on user behavior. Multi-cloud security will be managed through unified platforms that overlay across providers, abstracting complexity while maintaining consistent controls and compliance.

We also need to prepare for AI-powered threats. As defenders adopt machine learning, so will attackers. Intelligent phishing, evasive malware, and model poisoning will be real risks. The next battleground may be AI versus AI and we’ll need explainable AI models to ensure transparency and trust.

Ultimately, as AI handles more of the operational layer, security professionals will shift toward strategy, governance, and oversight by designing the systems and ensuring ethical, compliant use of automation.

You’re a member of both the BCS and IET. How important has professional networking and recognition like RITTech been to your growth?

Professional networking and recognitions like RITTech have played a major role in my growth. Early in my career, I gained a lot from local tech meetups and online forums in Nigeria. Moving to the UK and joining professional bodies like BCS and IET took that further. Through events, panels, and mentorship opportunities, I’ve learned from industry leaders, kept up with emerging trends, and connected with peers who’ve helped shape my career direction.

One of my most impactful experiences was attending a cloud security panel hosted by BCS. The insights from seasoned CISOs directly influenced how I approach threat management today. Networking has also opened real opportunities.

Recognition like RITTech gave my profile added credibility. It also validated my competence and commitment to professionalism. Being active in these communities also pushed me to keep learning and start mentoring others, which continues to strengthen my own leadership skills.

In short, networking helped me grow, and recognition helped me stand out. I’d recommend both to anyone serious about a career in IT or cybersecurity.

What advice would you give to young professionals in Nigeria or abroad who are aspiring to build a career in cybersecurity or cloud infrastructure?

I’ve been in their shoes, starting in Nigeria and working my way into cybersecurity and cloud. My first advice is to master the fundamentals like networking, operating systems, and scripting are the core of everything in IT. These basics gave me the confidence to handle more complex technologies down the line.

Next, get hands-on. Don’t just chase certificates. Build labs, experiment with cloud accounts, and take part in platforms like TryHackMe or Hack The Box. I learned a lot from setting up my own test networks and solving real-world challenges.

Certifications help when chosen strategically. My CCNA and Azure Fundamentals opened doors, but I always focused on applying the knowledge, not just passing exams. There are also plenty of quality online resources, even free ones, which can build real skills if you’re consistent.

Networking has also been key. Early in my journey, I joined local tech forums. Later, I became active in global communities and joined professional bodies like BCS and IET. These connections brought mentorship, learning, and even job opportunities. My current role at 10mg Health actually came through a professional contact.

Lastly, be adaptable and resilient. Tech evolves fast, and opportunities may come from unexpected places. Don’t be afraid to start small, keep learning, and think globally. Whether you’re working locally or remotely, your skills can have global impact. Stay grounded in ethics and always build with integrity, trust is everything in security.