2025-11-15, Room 300
Governance, Risk, and Compliance (GRC) teams often operate in silos, disconnected from the hands-on efforts of cybersecurity teams such as red and blue teams. This disconnect can lead to misaligned priorities, overlooked risks, and inefficiencies in responding to threats. In this presentation, we’ll explore strategies to bridge the gap between GRC and cybersecurity teams, emphasizing the importance of collaboration in building a unified, risk-aware culture. Attendees will learn actionable techniques to align compliance frameworks with security operations, foster communication between teams, and leverage shared tools and data for better outcomes. This talk will empower both GRC and cybersecurity professionals to break down silos and work together effectively.
Kartik Khurana is a cybersecurity professional working at NVIDIA, where he leads initiatives in Customer Trust within the Governance, Risk, and Compliance (GRC) team. With expertise in cloud security, compliance frameworks, and risk management, Kartik plays a key role in strengthening customer confidence by ensuring robust security and compliance practices.
Previously, he gained hands-on experience through five internships spanning penetration testing, auditing, cloud security, and identity and access management. At Health Catalyst, he led projects enhancing cloud security metrics and conducting HITRUST and SOC 2 Type II audits, demonstrating his ability to manage complex compliance landscapes and improve security infrastructures.
Kartik holds a Master’s in Cybersecurity (Analytics and Operations) from Pennsylvania State University, where he maintained a 4.00 GPA and actively engaged in workshops and industry seminars. His technical proficiency includes AWS, CrowdStrike, and Prisma Cloud, equipping him to address diverse cybersecurity challenges effectively.
Dedicated to advancing cybersecurity practices, Kartik combines strong communication, technical, and leadership skills to drive trust, resilience, and innovation in security programs. His long-term goal is to grow as a cybersecurity leader, making impactful contributions to protecting digital infrastructures and building customer confidence.
Pranay Singh Suri is a cybersecurity professional with over three years of experience in compliance, security assessments, and audit readiness across cloud and enterprise environments. He currently works as an Associate Security Engineer at Coalfire Systems, where he supports FedRAMP assessments, penetration testing, and threat intelligence validation.
Previously, Pranay served as a Senior Consultant at Grant Thornton and a Senior Analyst at Deloitte, specializing in SOC 1/2, SOX, and ITGC audits. His work has spanned access reviews, identity and access management, and control testing across industries such as banking, healthcare, and cloud services.
Pranay is a certified ISO 27001 Lead Auditor, CCSK, and Security+ professional, and he recently earned his eJPT certification. He holds a Master of Science in Cybersecurity Analytics and Operations from The Pennsylvania State University, and a Bachelor of Technology in Computer Science Engineering from the University of Petroleum and Energy Studies.
With hands-on expertise in AWS, Azure AD, and tools like Burp Suite, Tenable, and Wireshark, Pranay focuses on bridging compliance and technical security to strengthen organizational resilience. His interests include penetration testing, cloud security, and improving audit processes through automation and evidence readiness.

