Vikrant Rai

Executive summary

Vikrant Rai is an Advisory leader in Grant Thornton’s Cyber and Risk practice delivering IT, Cybersecurity and AI risk management solutions that address board priorities and strategic agendas around Cybersecurity, technology integration with AI and risk management. He is an accomplished and versatile professional with over 20+ years of management consulting experience where his demonstrated success is based on precision planning, execution, team building and leadership skills.

He has experience leading several IT, and Cybersecurity and risk transformation programs for large and mid-size companies working with the Chief AI Officer, CIO, CISO, Legal, Privacy and the CAE office. His contribution to thought leadership has been highlighted on the topic of cloud concentration risks, and cloud security with the American Banker, and more recently on a podcast discussing the IIA Global Best Practices on auditing Cloud security practices.

Experience

Vik’s work experience includes assisting clients in various areas of technology risk management with adoption of AI - these include Responsible AI with run-time governance, AI model risk evaluation, LLM Penetration testing, AI integrated IT & Cybersecurity program design, Cloud and infrastructure security, data governance and data protection. In other specialized engagements, he has led large security transformation programs, including Governance, Risk and Compliance (GRC) solution adoption, business resiliency (BCP/DR) aligned to industry leading practices such as the FFIEC, NIST-800 53, NIST CSF, ISO/IEC 27001, and federal / state regulations, such as GLBA, HIPAA, NYDFS, NCUA, and other EU regulations strengthening digital resilience controls, assisting IT with ransomware preparedness assessments, and third-party risk management solution.

Vik has led the implementation of strategic IT and Cybersecurity risk management programs, including program design, and the development of risk management methodology aligned to industry leading practices for managing IT with embedded AI technology. He led the effort for strategic planning, and phased execution of solution development effort scaling from IT to Privacy, Risk, and Compliance teams.

He has served clients across multiple highly regulated industries, most recently focusing on Banking, Financial Services, Life sciences, Healthcare and Asset Management.

Professional qualifications and Memberships

Vik is an active contributor to the new IIA standards on matters related to Cybersecurity auditing, he is also a speaker at IIA Chapter conferences on emerging trends on artificial intelligence and machine learning, he holds following professional licenses and memberships:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• ISO/IEC 27001 Certified Lead Auditor
• ISO/IEC 27001 Trained Lead Implementor
• Member - (ISC)²
• Member ISACA – New Jersey

Publications

• How a global bank navigated cloud concentration risk | Grant Thornton
• Guardrails for AI in pharma, biotech and medtech | Grant Thornton
• RILA - IA’s Role in Evaluating Cyber Resiliency Using Advanced Technical Testing
• American Banker: Banking on a single cloud platform? It’s time to rethink cloud concentration risks
• Q-day quantum risks | What the Board room needs to know
• Global Best Practice | The IIA - A Roadmap to Cloud Security
• Making AI adoption a success

Education

• MIT Professional Education - Applied Generative AI for Digital Transformation.
• Vik holds a Bachelor of Science in Computer Engineering from the University of Pune, India.