Jim is an expert partner in McKinsey’s Risk & Resilience Practice, with a focus on digital risk—especially cybersecurity. He is a former military officer and National Security Project Manager with operational experience in computer network operations and agile development of cyber analysis systems.
Jim primarily serves technology and security organizations in financial institutions, but has also served global technology companies, oil and gas, and other energy companies, US federal agencies, private and public healthcare institutions, travel and logistics companies, and aerospace and defense firms on cybersecurity topics.
Jim’s recent work has focused on embedding digital-risk mitigation strategies and activities in enterprise-level digital transformations.
Published work
“What should you be asking your team after the CrowdStrike outage?,” McKinsey & Company, July 2024
“Europe’s new resilience regime: The race to get ready for DORA,” McKinsey & Company, June 2024
“Boards of directors: The final cybersecurity defense for industrials,” McKinsey & Company, March 2024
“Product security: Navigating regulations and customer expectations,” McKinsey & Company, September 2023
“Why digital trust truly matters,” McKinsey & Company, September 2022
“Cybersecurity trends: Looking over the horizon,” McKinsey & Company, March 2022
“Ransomware prevention: How organizations can fight back,” McKinsey & Company, February 2022
“Lessons from banking to improve risk and compliance and speed up digital transformations,” McKinsey & Company, June 2021
“Enterprise cybersecurity: Aligning third parties and supply chains,” McKinsey & Company, May 2021
“Derisking digital and analytics transformations,” McKinsey & Company, January 2021
“Safeguarding against cyberattack in an increasingly digital world,” McKinsey & Company, June 2020
“Cybersecurity strategies for the digital workplace,” McKinsey & Company, April 2020
“Cybersecurity tactics for the coronavirus pandemic,” McKinsey & Company, March 2020
“Cybersecurity’s dual mission during the coronavirus crisis,” McKinsey & Company, March 2020
“Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity,” McKinsey & Company, January 2020
“The risk-based approach to cybersecurity,” McKinsey & Company, October 2019
“Cyber risk measurement and the holistic cybersecurity approach,” McKinsey & Company, November 2018
“Cybersecurity and the risk function,” McKinsey & Company, November 2018
Past experience
Proteus Technologies
Project manager and team lead
Morgan Stanley
Director, ISG Operations
US Navy
Naval Flight Officer, Scientific and Technical Intelligence Officer
Naval Flight Officer, Mission Commander
Education
Wharton School at the University of Pennsylvania
MBA
University of North Florida
MA, history
US Naval Academy
BS, history