Germany’s banking sector spans global universal banks, public and cooperative institutions, asset managers, and digital-first lenders, all operating under some of the world’s most stringent regulatory and supervisory frameworks. With requirements such as BAIT, MaRisk, DORA, and ECB oversight shaping daily operations, cybersecurity leadership in German banking is deeply embedded in risk governance, operational resilience, and executive decision-making. The leaders featured below represent how German banks integrate cyber risk management into core business, technology, and regulatory strategy.
Carsten Fischer — Chief Technology Officer for the Chief Security Office, Head of Technology, Data & Innovation Germany, and Deputy Chief Security Officer, Deutsche Bank
Carsten Fischer plays a central role in shaping Deutsche Bank’s security technology and innovation agenda. As Chief Technology Officer for the Chief Security Office and Deputy Chief Security Officer, he leads technology and architecture initiatives that underpin the bank’s global cyber defense capabilities. His work focuses on establishing standards, driving innovation, and implementing ecosystem-based solutions to strengthen cyber resilience. Fischer executes a threat- and architecture-led strategy that aligns cybersecurity execution with enterprise risk priorities, ensuring that security capabilities scale effectively across Deutsche Bank’s complex global environment.
Peter Lassig — Group Chief Information Security Officer and Divisional Board Member Cyber Risk & Information Security, Commerzbank AG
Peter Lassig serves as Group CISO at Commerzbank AG, where he is accountable for global ICT risk governance, including information security risk, cyber risk, and third-party risk management. Reporting directly to the Chief Risk Officer, he plays a key role in aligning cybersecurity with enterprise risk management and operational risk governance. In the event of a cyber incident, Lassig leads and coordinates the bank’s response activities. His position on the divisional board underscores the strategic importance of cybersecurity within Commerzbank’s overall risk and governance framework.
Alberto Gusella — Chief Information Security Officer, HypoVereinsbank (UniCredit Deutschland)
Alberto Gusella brings more than two decades of experience in cybersecurity and corporate security to his role as CISO at HypoVereinsbank, part of UniCredit Deutschland. His focus is on elevating cyber and security capabilities to meet the demands of a large, internationally connected banking environment. Gusella has led cybersecurity improvement programs and managed incident response efforts, helping strengthen the bank’s defensive posture. His work reflects a long-term commitment to building resilient security structures that support both regulatory expectations and business continuity.
Dr. Ana Petkova-Schmidt — Director Technology Risk, Bank Julius Bär Deutschland AG
Dr. Ana Petkova-Schmidt leads Technology Risk at Bank Julius Bär Deutschland AG, overseeing risk management across technology, information security, and business continuity. Her background spans senior roles in governance, risk, and compliance, including serving as Manager GRC with a CISO focus at PwC Deutschland and leading IT governance functions at Union Investment IT Services. She also held senior operational risk roles at Viridium and KfW IPEX-Bank. Her career reflects deep expertise in technology risk, regulatory compliance, and integrating information security into enterprise risk frameworks within financial institutions.
Sascha Grund — Chief Information Security Officer, LBBW Asset Management Investmentgesellschaft mbH
Sascha Grund is the Chief Information Security Officer at LBBW Asset Management Investmentgesellschaft mbH, where he is responsible for information security governance and protection of the organization’s IT environment. His career spans IT governance, compliance, data center project management, and security roles across multiple industries. Prior to his current position, he held IT governance and compliance roles and worked on critical infrastructure projects. Grund’s background provides a strong operational foundation for managing information security within a regulated asset management environment.
Michael Wähler — Head of Information Security, DKB | Deutsche Kreditbank AG
Michael Wähler leads the Information Security function at DKB, where he is responsible for building, operating, and continuously developing the bank’s Information Security Management System (ISMS). His remit includes asset management, risk management, audits, and governance structures. With more than two decades at DKB, Wähler has held senior roles across non-financial risk, credit risk, and enterprise risk methodology. His progression reflects a deep integration of information security within broader risk management and regulatory compliance functions at one of Germany’s leading direct banks.
Kim David Zessin — Information Security Officer / IT Governance & Compliance, Volkswagen Bank
Kim David Zessin is responsible for information security, IT governance, and compliance at Volkswagen Bank. Prior to this role, he served as Chief Information Security Officer at Fichtner IT Consulting, where he led the implementation of ISO/IEC 27001-certified information security structures and advised organizations, including critical infrastructure operators and public-sector entities. His experience spans ISMS implementation, risk analysis, audits, and cybersecurity governance. At Volkswagen Bank, his role reflects the growing importance of structured security governance within specialized and captive banking institutions.
Cybersecurity Leadership in German Banking
German banks operate at the intersection of financial stability, digital innovation, and regulatory intensity. As cyber threats increasingly target financial institutions and their supply chains, CISOs and security leaders in German banking are embedded directly within risk governance, executive decision-making, and operational resilience. The leaders featured here illustrate how cybersecurity in German banking is not a supporting function, but a core pillar of trust, stability, and long-term institutional integrity.