Interview with Thorsten Greiten

December 23, 2015

BSidesHH Logo

Interview with Thorsten Greiten

Here we are, back again with Security-BSides in Hamburg! Last December’s event was an overwhelming success, and encouraged by the participants we felt we needed to offer a second conference whilst 32c3 was in town. Minimum time-frame, scarce resources, but yet again some awesome people around us made it happen!

This is why we want to introduce some of them to you. We’re currently interviewing sponsors, speakers, participants, workshop-leaders, supporters, and community members who spread the word even if they can’t make it to Hamburg. So join us in meeting our great BSides family!

This is Thorsten Greiten. Managing Director of the NetFederation in Cologne/Germany. NetFederation is a management consultancy firm specializing in digital communications. The company’s clients are renowned DAX, MDAX and TecDAX corporations from diverse industries including automotive, chemicals, finance, logistics and sports & lifestyle who seek advice corporate communications, from the analysis, evaluation, conceptualization and design of corporate websites and intranets to investor, client, personnel and media communications. Therefore, it is only natural that NetFed looks equally at all risks and opportunities for the future of digital business.

Thorsten's picture

1. Thorsten, you spend a lot of effort advising German companies on Digitalization, digital business models and digital communication. What does security have to do with this?

I do believe that the future of all business in Germany is digitalization. This is probably the most important megatrend we face: everything and everybody is connected. Time zones and places are not relevant any longer - we are decentralized, mobile, agile, and therefore the expectations of stakeholders are changing. Technology has created a tremendous impact to digital culture. By now everyone sees chances in this development - finally! Many do not know how to change yet, but most managers understand that they have to chance. I am very pleased with this development. However, I try always to be a step ahead in order to give my customers the best advice I could possibly think of. And this is why my enthusiasm is accompanied by concerns connected to the opportunities. Along with digitalization we see an increase of risks due to the vulnerability that lies in the nature of decentralized systems. It is important to adjust to the requirements of trends, but it is just as important to do this in a cautious manner. This is why I invest a lot in security research and communication.

2. You are one of the most faithful BSides supporters that we have. But you are not only a BSides supporter - you have also organized a number of Cryptoparties, talks, presentations, discussions, etc. to raise awareness for IT security risks in economy. Why are you so committed?

That’s right. I try to show my community in many ways that IT security is an extremely important topic. Decisions made out of fear are just as weak as they are unpopular. This is why people principally don’t feel comfortable talking about risks. We try to find ways to address risks in a responsible but at the same time entertaining manner so people find a benefit in give considerations to it. Also we do not only talk about risks. More importantly: we try to show people how to mitigate their risks. This certainly starts with the individual. An organization is as strong as its weakest member. If a whole company sets up an expensive and complex security system - and someone picks up a USB stick in a cantine to check it in his or her work computer to see what is on it - and ends up infecting the whole system with malware, then the company has a problem - to say the least. Therefore, it is a grassroot endeavour. And I try to do my share.

**3. Regarding all your activities in favour of the IT community - what is the particular meaning of BSidesHH to you now? **

BSidesHH is a bit of a highlight to me. As I mentioned - I deal with German Top Managers. I have friends in the IT security scene obviously - I learn a lot from them that I am transferring to Managers in the language they are used to. But my action is specialized, whereas BSidesHH is divers and therefore very inspiring. I know BSidesHH seems to want to have a proof of real engagement since it is one of the most difficult dates to conduct an international conference. Most people spend time with their families on their christmas holidays in peace and reflexion. But at the same time people who really mean it seriously sacrifice this time for something they truely believe in. I am very impressed by this and therefore, the least thing I can do is to support this endeavour with the financial and communicative contribution I can possibly make.

4. In your opinion, what are the main issues in terms of IT security in 2016 and which role would you like the BSides community to play?

To be very honest: IT security in 2016 is still a matter of teaching people how to put together a strong password and make them aware of the meaning of data privacy and just basic kind. The problems remain trivial. Of course there is the 2.0-security that deals with issues like surveillance, industry espionage, fraud, etc. etc. - but as long as there is no solution to general encryption praxis and basic security hygiene, the solutions on the political levels won’t be solved either. As someone said to me recently: data privacy means to the information age what protecting the environment meant to the industrial age.

5. In Germany, we have quite an active IT Security scene - CCC is certainly the biggest organization, but there are a number of Initiatives and Conferences like Hack4, IT Defense, BerlinSides and others - all very known a) to Hackers and b) in Germany. What would you think would be necessary to make all the initiatives visible and understandable a) to Non-Hackers (Managers, Politicians, etc.) and b) internationally?

I believe in diversity. I build my own company as diverse as I possibly can because diverse groups learn so much more from each other than homogeneous ones. This applies to all communities. We all get knowledge and inspiration from different perspectives and this is why we should always strive for as many opportunities as we can get to mix people with different experiences, specializations, perspectives and so on. As for me: I am not the person who hides back from Hackers because I do not believe that all of them are dangerous. I try to bring hackers into management circles to let them exchange. And I will continue doing so.

How to book tickets

You can book tickets to the conference, via our Eventbrite page.