Khalid KarkPrincipal Analyst
Governance, Risk, & Compliance, IT Compliance Management, IT Risk Management, Regulations & Legislation, Security & Risk, Security Performance Management, Security Policies, Security Program Governance, Security Services, Security Standards, Regulations, & Legislation, Security Strategy
Khalid's research primarily contributes to Forrester's offerings for the Security & Risk professional. He is a leading expert in information security program governance; security services; strategy; and governance, risk, and compliance (GRC) initiatives. Khalid's research focuses on building and maintaining effective security programs and making information security leaders more successful in their role.Khalid covers security service providers offering managed as well as pure consulting services. He also covers security governance and risk management topics such as security metrics, budgets, strategy, compliance, awareness, training, and organizational structure. Khalid also advises clients on security standards, industry and government regulations, and IT compliance. Khalid has codeveloped Forrester's information security framework and assessment methodology.Khalid has been widely quoted in the press, including such media outlets as Boston Globe, CSO Magazine, and The Wall Street Journal. Khalid is a frequent keynote speaker at national and international conferences.
During his career, Khalid has worked in both the consulting and enterprise sectors. Prior to joining Forrester, he worked for a global insurance company where he provided leadership and direction for the information security program. Khalid has consulted for organizations in healthcare, finance, entertainment, and communication industries on information security strategy and architecture.
Khalid holds a master's degree in telecommunications management from University of Pennsylvania and a bachelor's degree in business and economics from University of Texas at Austin. Khalid is also a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM), and a Certified Information Security Auditor (CISA).
CISO Handbook: How To Plan For A Security Breach October 22, 2009 BookmarkPDF
IT Compliance: From Painful To Pleasant July 31, 2009 BookmarkPDF
Articulating The Business Value Of Information Security July 24, 2009 (Rating: 9) BookmarkPDF
Healthcare Security: Ready Or Not, Here It Comes July 24, 2009 (Rating: 10) BookmarkPDF
Case Study: DTCC Implements A Process-Based Approach To Security Metrics April 29, 2009 BookmarkPDF
Market Overview: Managed Security Services Providers (MSSP) November 2009 Receive an alert when this document is published: email RSS
Hackers Versus Executives December 2009 Receive an alert when this document is published: email RSS
