Paul   McKay

Paul McKay

Senior Analyst Serving Security & Risk Professionals

Paul is a senior analyst on the security and risk team and a Certified Information Systems Security Professional (CISSP). Paul works with organizations to help them shape and deliver their cybersecurity strategies to support the delivery of their core business vision. Paul’s research coverage includes cybersecurity, Europe-specific regulation for cybersecurity, cyberstrategy/governance, cyber-risk management, and the managed security services provider and consultancy market in Europe. Paul’s research focus is geared toward the needs of our European client base, delivering insights in cyber specific to the challenges in the European market.

Previous Work Experience

Prior to joining the security and risk team, Paul spent nine years in the consulting industry providing cybersecurity advisory services to clients in all industries in the UK and Europe.

Paul was most recently a senior manager at EY, focused on private sector clients. Paul's prior consulting specialties included developing security strategies, target operating models, security architecture, and business technology and IT delivery programs. Paul has also previously worked at Deloitte and Accenture.

Education

Paul holds a BSc (Hons) from the University of St Andrews in computer science and mathematics. He has recently graduated with his MSc with Distinction from the University of Oxford. Paul is also a Chartered Engineer member of the British Computer Society and a CISSP.

Paul McKay

Senior Analyst Serving Security & Risk Professionals

Paul is a senior analyst on the security and risk team and a Certified Information Systems Security Professional (CISSP). Paul works with organizations to help them shape and deliver their cybersecurity strategies to support the delivery of their core business vision. Paul’s research coverage includes cybersecurity, Europe-specific regulation for cybersecurity, cyberstrategy/governance, cyber-risk management, and the managed security services provider and consultancy market in Europe. Paul’s research focus is geared toward the needs of our European client base, delivering insights in cyber specific to the challenges in the European market.

Previous Work Experience

Prior to joining the security and risk team, Paul spent nine years in the consulting industry providing cybersecurity advisory services to clients in all industries in the UK and Europe.

Paul was most recently a senior manager at EY, focused on private sector clients. Paul's prior consulting specialties included developing security strategies, target operating models, security architecture, and business technology and IT delivery programs. Paul has also previously worked at Deloitte and Accenture.

Education

Paul holds a BSc (Hons) from the University of St Andrews in computer science and mathematics. He has recently graduated with his MSc with Distinction from the University of Oxford. Paul is also a Chartered Engineer member of the British Computer Society and a CISSP.

Paul McKay's Research

Most RecentMost Popular
  • For CIO Professionals

    REPORT: The Strategy Handbook: How CIOs Can Drive Security And Privacy Improvement

    Strategy: The Cybersecurity And Privacy Playbook

    July 31, 2018Paul McKay

    As CIO, you must work with the chief information security officer (CISO) and chief privacy officer (CPO) to develop the cybersecurity and privacy strategy for your firm's business. This report lays out the roles that each must play in developing and refining that strategy. It gives CIOs the tools you need to challenge, support, and validate the strategy developed by your CISO and CPO colleagues throughout that process.

  • For Security & Risk Professionals

    REPORT: Master Your Security Service Catalog

    Processes: The S&R Practice Playbook

    July 24, 2018Paul McKay

    CISOs are increasingly expected to show their peers in the executive suite how security aligns to business needs. Today, too many CISOs are focused only on delivering technical controls, which results in a poor experience for the business. Instead, security leaders should explain to business stakeholders what they're getting when they invest in security and how it fits with their priorities. This report explains how to develop a security process framework to describe business-aligned services and helps you optimize these services for business and customer success.

  • For Security & Risk Professionals

    REPORT: Planning For Failure: How To Survive A Breach

    Organization: The Security Architecture And Operations Playbook

    July 6, 2018 Josh Zelonis, Paul McKay, Jinan Budge, Heidi Shey

    Cybercriminals are using more-sophisticated attacks to steal valuable intellectual property and the personal data of your customers, partners, and employees. Their motivations run the gamut from financial to retaliatory. With enough time and money, they can breach the security defenses of even the largest enterprises. You can't stop every cyberattack. However, your customers expect you to respond quickly and appropriately. If you contain a breach poorly and botch the response, you will pay millions in remediation costs and lost business, and it will ruin your firm's reputation. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.

  • For Security & Risk Professionals

    REPORT: Brace Your Security Organization For Post-Brexit Challenges

    How To Prepare For Likely Changes In Cybersecurity And Law Enforcement Cooperation

    May 22, 2018Paul McKay

    Currently, Britain and the EU collaborate closely in intelligence exchange and law enforcement to protect businesses and citizens from sophisticated cyberattacks. However, Britain voted to leave the European Union (EU), with formal separation to occur on March 29, 2019. Unless negotiations preserve cooperation, Brexit will disrupt key information and support upon which your cybersecurity capabilities rely. This report helps CISOs make their organizations resilient regardless of the Brexit negotiation outcomes.

View all of Paul McKay's Research

Clients Who Work With Paul McKay Also Work With:

View all related analysts