BSides Atlanta 2025

Kartik Khurana

Kartik Khurana is a cybersecurity professional working at NVIDIA, where he leads initiatives in Customer Trust within the Governance, Risk, and Compliance (GRC) team. With expertise in cloud security, compliance frameworks, and risk management, Kartik plays a key role in strengthening customer confidence by ensuring robust security and compliance practices.
Previously, he gained hands-on experience through five internships spanning penetration testing, auditing, cloud security, and identity and access management. At Health Catalyst, he led projects enhancing cloud security metrics and conducting HITRUST and SOC 2 Type II audits, demonstrating his ability to manage complex compliance landscapes and improve security infrastructures.
Kartik holds a Master’s in Cybersecurity (Analytics and Operations) from Pennsylvania State University, where he maintained a 4.00 GPA and actively engaged in workshops and industry seminars. His technical proficiency includes AWS, CrowdStrike, and Prisma Cloud, equipping him to address diverse cybersecurity challenges effectively.
Dedicated to advancing cybersecurity practices, Kartik combines strong communication, technical, and leadership skills to drive trust, resilience, and innovation in security programs. His long-term goal is to grow as a cybersecurity leader, making impactful contributions to protecting digital infrastructures and building customer confidence.


Session

11-15
11:30
20min
Bridging the Gap Between GRC and Cybersecurity: Strategies for Effective Collaboration
Kartik Khurana, Pranay Singh Suri

Governance, Risk, and Compliance (GRC) teams often operate in silos, disconnected from the hands-on efforts of cybersecurity teams such as red and blue teams. This disconnect can lead to misaligned priorities, overlooked risks, and inefficiencies in responding to threats. In this presentation, we’ll explore strategies to bridge the gap between GRC and cybersecurity teams, emphasizing the importance of collaboration in building a unified, risk-aware culture. Attendees will learn actionable techniques to align compliance frameworks with security operations, foster communication between teams, and leverage shared tools and data for better outcomes. This talk will empower both GRC and cybersecurity professionals to break down silos and work together effectively.

Building Bridges, Breaking Barriers
Room 300