Khalid KarkVice President, Principal Analyst
Governance, Risk, & Compliance, IT Compliance Management, IT Risk Management, Regulations & Legislation, Security & Risk, Security Performance Management, Security Policies, Security Program Governance, Security Services, Security Standards, Regulations, & Legislation, Security Strategy
Khalid's research primarily contributes to Forrester's offerings for the Security & Risk professional. He is a leading expert in information security program governance; security services; strategy; and governance, risk, and compliance (GRC) initiatives. Khalid's research focuses on building and maintaining effective security programs and making information security leaders more successful in their role.Khalid covers security service providers offering managed as well as pure consulting services. He also covers security governance and risk management topics such as security metrics, budgets, strategy, compliance, awareness, training, and organizational structure. Khalid also advises clients on security standards, industry and government regulations, and IT compliance. Khalid has codeveloped Forrester's information security framework and assessment methodology.Khalid has been widely quoted in the press, including such media outlets as Boston Globe, CSO Magazine, and The Wall Street Journal. Khalid is a frequent keynote speaker at national and international conferences.
During his career, Khalid has worked in both the consulting and enterprise sectors. Prior to joining Forrester, he worked for a global insurance company where he provided leadership and direction for the information security program. Khalid has consulted for organizations in healthcare, finance, entertainment, and communication industries on information security strategy and architecture.
Khalid holds a master's degree in telecommunications management from University of Pennsylvania and a bachelor's degree in business and economics from University of Texas at Austin. Khalid is also a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM), and a Certified Information Security Auditor (CISA).
Security Organization Trends 2010 February 04, 2010 BookmarkPDF
Twelve Recommendations For Your 2010 Information Security Strategy January 11, 2010 (Rating: 3) BookmarkPDF
Case Study: Intel Implements People As The New Perimeter To Mitigate Social Computing Risks December 09, 2009 BookmarkPDF
CISO Handbook: How To Plan For A Security Breach October 22, 2009 BookmarkPDF
IT Compliance: From Painful To Pleasant July 31, 2009 BookmarkPDF
