Am dritten und letzten Tag des CloudFest 2026, kurz vor Ende dieser fabelhaften Veranstaltung, durften wir noch ein allerletztes Videointerview führen. Es brachte uns mit Ralph Echemendia zusammen, der sich selbst als Ethical Hacker bezeichnet. Ralph hat auf dem Gebiet der IT-Sicherheit schon so viel erlebt, wir hätten mit ihm eine ganze Stunde plaudern können.

So sind es leider nur dreieinhalb Minuten geworden, die es auf jeden Fall wert sind, gehört und gesehen zu werden. Darin spricht Ralph über seinen Fireside Chat mit Soeren von Varchmin, der am ersten Tag stattfand. Und über die wichtigsten Regeln, die für den Schutz der eigenen digitalen Identität beachtet werden sollten, hat er auch gesprochen.

How would you summarize your Fireside chat at CloudFest 2026? 

Well, we called it Hollywood OpSec about how operational security works in Hollywood, but really, it kind of went all over the place. Because the point is that it’s not just an issue that Hollywood has to deal with or operational security within filmmaking or things like that. It really is something that applies to everyone because we’re all on the cloud, if you will. It doesn’t matter whether it’s Hollywood or whether it’s a journalist’s story or a startup founder’s idea and vision or whether it’s a filmmaker’s vision.

At the end of the day, we are protecting data. We are protecting what is ultimately the things that make the world go round now, from an idea to its implementation. So we kind of were talking about that as a whole and what it means, especially since everything is based on shared and the importance of identity. The perimeter in the past used to be this idea that we were protecting applications and networks, and that’s not true. What we protect is identity because everything is based on identity. Most hacking happens from somebody stealing credentials and then when somebody steals credentials, the system is doing exactly what it’s supposed to do. So how would you know that it’s not that person in there? So how important identity is to what we do from the perspective of safety and security?

What should user mainly look at in order to secure their identity?

Keep in mind that we are, think of it as if you’re in the park. We are using public services, whether it’s Gmail or another service, these things are in the public. So you can’t expect the level of privacy you think you should expect when you’re in a public place. But identity is the mechanism that gives you at least the perception of privacy. So what they can do is, you know, utilize whatever is allowed to you, like two-factor authentication, turn on all of these different, whatever capabilities you can to better authenticate yourself that it is you. That’s from a technical perspective, the most important.

And the other thing is: Don’t trust anything that you see. Because it’s virtual, people tend to think that because something is virtual, it has no physical impact because the opposite of virtual is physical. But that’s not true at all. In fact, the virtual has more of an impact on our lives, physical lives, than the physical sometimes does today. So don’t trust anything you see on a computer. Validate it, question it. Question, is that my cousin who just emailed me? The great majority of what’s happening today has to do with just fooling people. It’s not some exotic technical flaw that the hackers are using. It’s really a matter of using psychology against you. We are the weakest link. And in fact, I know that you’re into AI too. AI is learning to weaponize that weakness even better. So question everything.