Khushbu Pratap leads Gartner's IT risk, audit and cybersecurity risk management research. She also mentors C-suite executives in designing fit-to-purpose three lines of defense models. Ms. Pratap's focus and interest are in organizations' cybersecurity challenges, risk-based security compliance initiatives, security audits in the cloud and third-party security assessments. She advises senior management and board members on cybersecurity risk management.
Prior to joining Gartner, Ms. Pratap led the governance, risk and compliance division at a boutique consulting firm called Network Intelligence (India) (also called NII Consulting), managing and servicing key customers. Her experience at NII covered risk assessments, IT assurance, IT service management (ISO 20000), Information Technology Infrastructure Library (ITIL), security and IT audits, business continuity management (BS 25999 and other guidelines), information security management systems (ISO 27000 series), Payment Card Industry Data Security Standard (PCI DSS), COBIT, COSO, and IT governance. Key accounts she worked with included Bahrain Telecommunications, Amdocs Managed Services, World Customs Organization, Capgemini India, Atos Origin, m-Check Payment Solutions, ICICI Prudential and HSBC Mutual Funds.
Practice Lead, Governance, Risk and Compliance Division
Security and Risk Management Leaders
Cybersecurity and IT Risk
Executive Leadership: Strategic Cost Optimization
M.S., Information Technology, Mumbai University
B.S., Information Technology, Mumbai University
Certified Information Systems Auditor (CISA)
Certified Business Continuity Management Systems Lead Auditor (BS 25999 LA)
Certified Information Security Management System Lead Implementer (ISO 27001 LI)
1. Setting up IT risk management functions - people, process, and technology
2. Quantifying Cyber Risk
3. Navigating roles, accountability, outcomes in risk management
4. Scoping risk assessments and continuous monitoring
5. Adapting and automating risk operations to digital environments