Profiles in Leadership: Gökhan Yalçın, CISO, Yapı Kredi BankThe Virtue of Shifting Between Hands-On Cybersecurity and Vendor Consulting Roles
Working across multiple domains, including not just defending corporate networks but also working for security vendors and as a consultant, has been integral to becoming the CISO of one of Turkey's largest private banks, says Gökhan Yalçın.
By working as a consultant, he says, he learned how to bolster both his technical and nontechnical skill sets, including presenting essential information and recommendations to many organizations and executives across numerous sectors.
Now, as the first-ever CISO of Istanbul-based Yapı Kredi Bank, Yalçın oversees security for all aspects of the organization - from infrastructure and application security to safety and governance. He reports to the CEO and sets the bank's cybersecurity strategy while also regularly communicating the latest threats and risks to the board. At the same time, Yalçın serves as the executive vice president of Yapı Kredi Teknoloji, which is the technology side of the bank.
In a video interview with Information Security Media Group as part of the CyberEdBoard's ongoing Profiles in Leadership series, Yalçın discusses:
- The positives of moving between hands-on cybersecurity roles and working for security vendors;
- Best practices for communicating with C-level executives and the board of directors;
- How cybersecurity in the financial industry will evolve in the near-term future.
Yalçın has more than 15 years of experience in cybersecurity services. He is the executive vice president for security in Yapı Kredi Technology and the CISO for Yapı Kredi Bank. Yalçın started his career in the security team of Istanbul-based financial services technology provider Garanti Technology, and after working as a network security manager, he began working in the Yapı Kredi Bank as a cybersecurity operations senior manager. He built a 24/7 security operations center in the bank and then continued his career as a regional security consultant for two leading vendors in the cybersecurity industry.