Meet Metin!
My name is Metin Kortak, and I’m originally from Turkey. I was sent off to a boarding school in the United States when I was 12, and I have been living in New York City ever since. I was part of a robotics club and then pursued computer science as my major, so I’ve always had a passion for the technology field, which later developed into a passion for cyber security. When I started at Rhymetec, only Justin and I were working for the company. To grow and scale the business, I converted what I was doing for our clients into a service offering, which now benefits hundreds of our clients with their compliance journeys.
Tell us a surprising fact about yourself…
I didn’t cry when I was born, the doctors thought something was seriously wrong with me but turns out I just didn’t want to.
If you could have any superpower, what would it be?
Telekinesis.
What are some things you enjoy doing outside of work?
I love cooking, specifically baking. I like to challenge myself with new recipes. I’m also a big foodie, I always look up the best restaurants and tasting menus to try when I travel. I have a very long list of restaurants to try.
Tell us about your role at Rhymetec…
I’m the Chief Information Security Officer at Rhymetec. My job involves building and improving our service offerings and managing our security team. I’m responsible for ensuring that our customers are satisfied with the level of service we offer while implementing above-industry standard cyber security best practices. I create the majority of our internal procedures, and I set the baseline for what we do. I love working for Rhymetec because I get to see the results of what we have built. It is very rewarding seeing organizations attain their cybersecurity goals with guidelines and procedures I have created. It is also important to give credit to my amazing team for executing our services.
Why did you pursue a career in the cybersecurity industry?
They say to do what you love but I say; do what you are good at. You may be bad at something you really love. I did have a passion for technology, and that’s why I studied computer science. But I didn’t consider pursuing a career in cybersecurity until an opportunity was brought up to me and I took it, and I thought I was good at it.
What is your favorite part about working at Rhymetec, or in the cybersecurity industry?
The cybersecurity industry is very stressful, I will be honest about that. There are constant incidents, audits, paperwork, and regulations you have to deal with, so it’s a very stressful industry. My favorite thing about cybersecurity is making it less stressful and complicated for our customers so they can focus on what really matters.
What is the best advice you have ever received?
This isn’t really advice I received, but I absolutely believe in Karma. I think it’s important to give out positive energy in order to receive it. I have a pretty positive outlook on life, and if I’m having a bad day, there is always a new day tomorrow.
From a security or compliance perspective, what advice would you give to a potential client or SaaS business?
Cyber security is not a DIY job. There are several domains within cyber security, and you need to have the skills and knowledge to understand these different domains.
My one advice would be to hire professionals who understand governance/compliance and technical aspects of cyber security.
Rhymetec is a fast-growing company. Can you talk about what it’s been like to watch Rhymetec grow and transform over time?
It has been quite challenging, and growth only makes it more challenging. Scaling is crucial to the growth of our business and this is why we have made significant changes in our team structure to ensure as we grow, our customers retain the same level of service, if not better.
What trait do you think has been the most instrumental to your success?
I do not emotionally react to everything right away, I like to think about my feelings/thoughts and then make a decision. Sometimes this takes several hours to days, but it’s the only way to avoid making the wrong decision. I think this has helped me not just in my personal life but also in my professional life by thinking through everything and making more articulated decisions.
What’s one piece of advice would you give to someone aspiring to enter the field of cybersecurity?
Cybersecurity majors in schools used to be not so common, and because of that, there is a significant lack of education on cybersecurity. If you are planning on pursuing a career in cybersecurity, it’s important to take cybersecurity courses, boot camps, and certifications to prove that you have the necessary skills and knowledge.
What’s something about cybersecurity that you think would surprise most people in the general public?
We share our personal information with millions of software applications. This is already a fact. What most people don’t realize is how data-sharing practices with sub-processors work: Sub-processors are third-party vendors that businesses use to provide services to their end users. Almost all businesses use sub-processors.
When you share personal information with a company, you are also agreeing to share that information with the sub-processors that the business utilizes. For instance, when you share information with a company like Facebook, you are also agreeing to share that information with sub-processors Facebook uses, such as Amazon Web Services (AWS) for cloud storage. Sub-processors can also have their own sub-processors, so this network continues to expand. Simply put, by sharing your information with a single entity, you may be sharing it with hundreds or thousands of entities.
If you could invite anyone from history or fiction to a private breakfast or lunch, who would they be and why?
I would love to have lunch with Samantha Jones and gossip.
You’ve been in the cybersecurity industry for a while, and it’s a quickly evolving field – What are the most notable changes you’ve seen?
Organizations are using automated monitoring systems more than ever. There are more applications for security and compliance monitoring than there have ever been and this is allowing organizations to identify security issues and threats more easily.
What would you say is the most common error you’ve seen companies make in terms of data security and cybersecurity?
Redundancy and business continuity. Most organizations, even enterprise-level companies, do not have proper business continuity measures in place. They are all one outage away from a complete shutdown.
Lastly, in your opinion, what makes Rhymetec stand out as a company?
Cybersecurity operations have several different domains from governance and compliance to application and network security. Take it from me, it is very difficult to find cyber security professionals who have knowledge of all domains. And even when you do find cyber security professionals, your organization’s needs change every year.
You need to find someone who understands cyber security frameworks and regulations while maintaining knowledge of underlying technologies that build up your products. It’s hard for one person to have all of this knowledge, so you need to hire a team of professionals who have expertise in different areas of cybersecurity.
This can be costly and time-consuming. Rhymetec gathers cyber security professionals who all have extensive knowledge of different domains of cyber security and provides all-in-one services to companies to help them with their cyber security needs. We not only offer help but take the lead on cybersecurity projects by integrating ourselves with our clients and building a team of cybersecurity professionals for them. What makes us stand out is our unique capability to handle diverse cybersecurity problems.