Safety training for companies: “The truly dangerous attacks seldom come out of the blue”
Interview with Jörg Dreger, CEO DREGER Group GmbH

European Business: For the last few years you have offered training courses for employees in small and medium-sized businesses who are about to be deployed in crisis regions. Has the security situation really become so dangerous – and can your training really increase the chances of a lawyer or IT specialist surviving an attack?
Jörg Dreger: The security situation nationally and internationally has become a hundred times more complex, from knife attacks on individuals to ransomware attacks on companies and even full-scale terrorist attacks. We prepare our customers for greatly elevated threat levels because preparation makes dealing with their reality much easier. The positive feedback we receive from customers after certain events shows clearly that training helps improve our ability to remain calm and function under extreme pressure.

The security situation nationally and internationally has become a hundred times more complex. Jörg Dreger
European Business: What specifically do you teach people in your security seminars?
Jörg Dreger: Our introductory course is entitled “The Violent Non-State Actor - The power to act in uncertain times” and lasts an entire day. The course teaches the core principles of the subject and the typical behaviours of potential attackers: What do they do, and how can I stay in control even in an emergency? In the theoretical part of the course, we examine past attack scenarios like the well-known terrorist attack in Mumbai in November 2008. But we also look closely at possible future challenges and the methods with which they can be countered from an organizational, technological and personal standpoint. At the same time, we have a professional training ground for practical exercises that can be adapted to suit the needs of the emergency services and security firms as well as vulnerable individuals and companies. There are two training houses for scenario-based security training as well as a shooting simulator for laser, live munitions and laser training systems for force-on-force training. At the end of the seminar, the participants are usually happy to finish off with a joint debrief and reflection on the theoretical input and numerous practical experiences.
European Business: In the 1990s you worked for IBM in Russia where the security situation was far from straightforward. Did your experiences there provide the foundation stone for the DREGER Group – and how did you convince your current business partners of the necessity for your expertise?
Jörg Dreger: As a twelve-year-old I was already fascinated by espionage and counterintelligence [laughs]. But laughing apart, my varied experiences both at home and abroad have been very important. Russia and IBM were very instructive, but so were stints in the Middle East, China, India and Africa where I was involved in the subjects of cyber security and general Business Continuity Management, and which played an important role in my current activities. Due to the very different possible approaches - some more organizational in nature, others more technological or physical - it is particularly important that a team is made up of specialists from a variety of disciplines. Only in this way is it possible to ensure that the suggested and practiced measures are truly relevant. A broad understanding of these topics and equally broad escalatory levels are what sets our team apart.
European Business: What do you consider to be the most important measures a company can take in order to safeguard its activities in conflict regions?
Jörg Dreger: First, you need to be clear about your own reasons for being there. Asking the following questions can be helpful: What are the objectives? Who are the partners? Who may respond less than enthusiastically to what you are planning to do? Who might be inclined to demand a larger piece of the pie? How is the situation set to develop? Once you have formulated an honest answer to these questions, you can prepare your own personnel to deal the local customs and methods and train them if necessary in the relevant skills and competences. The opposition will always try to attack at the weakest point. Furthermore, your own head office must be in a position to provide support in the event of an incident. However, the local preparations and networks that are put in place - in terms of personnel and technical equipment as well as safe accommodation for seconded staff, their supply with provisions and, if needed, evacuation - are equally important.

It is much easier to ease back a notch when things don’t turn out quite as badly as feared than it is to cope unprepared with a rapid escalation. Jörg Dreger
European Business: Your expertise is not just in demand when it comes to physical training but also in cyber defense. How can IT specialists profit from your experience and expertise in non-virtual combat scenarios?
Jörg Dreger: You always have to plan for the worst. It is much easier to ease back a notch when things don’t turn out quite as badly as feared than it is to cope unprepared with a rapid escalation. Potential attackers are in much closer contact with each other and have a range of weapons at their disposal that are not always aimed at causing physical harm. Think for instance how your data or that of your loved ones could be appropriated to blackmail you. With the help of Open Source Intelligence, you can find out if you have already been targeted by potential attackers. The truly dangerous attacks seldom come out of the blue.
Interview: Julian Miller | Photos: DREGER Group GmbH