This is a profile image of James Kaplan

James Kaplan

PartnerNew York

Helps organizations transform their technology, infrastructure, and cybersecurity for lasting impact

James is a leader of McKinsey Technology, which helps enterprises get the most value from technology investments and allows investors and providers to make winning investments in enterprise-technology marks.

He focuses on technology operating models, cloud adoption, cybersecurity programs, and large-scale architecture. He works with companies in a range of industries, assisting financial institutions, health institutions, manufacturers, and technology companies on technology and execution.

He also helps private equity firms with investments in the enterprise technology domain.

James’s enterprise technology expertise is extensive, having founded and led McKinsey’s technology infrastructure and cybersecurity work. He currently chairs the knowledge committee for the firm’s North American technology practice.

Examples of James’ recent client projects include the following:

  • guiding the cloud transformation for a leading wholesale financial institution, putting it on a path to move 80 percent of its technology environment into public cloud
  • assisting the go-to-market acceleration for a global system integrator, resulting in over $250 million of incremental annual contract value
  • helping the infrastructure transformation for a pharmaceutical company, including an agile operating model for a 30 percent efficiency improvement and a new sourcing model
  • assisting the cybersecurity transformation for a business-to-business software company, including a revised operating model, secure development process, general data-protection regulation compliance approach, and a cultural-change program
  • leading the cybersecurity transformation for a geospatial mapping company focused on increasing maturity, building capabilities, and integrating cybersecurity into development processes

In addition to his client work, James speaks and writes frequently on technology, and publishes in McKinsey Quarterly, the Wall Street Journal, the Financial Times and the MIT Sloan Management Review. He also presents at Davos, the Milken Institute Global Conference, Sibos, the RSA Conference, and the Global Association of Risk Professionals conference. He is the coauthor of the book Beyond Cybersecurity: Protecting Your Digital Business, (Wiley, April 2015).

James has led McKinsey’s participation in multiple industry and cross-industry initiatives, such as the creation of the Sheltered Harbor group, and convenes several of McKinsey’s roundtables with senior technology executives.

Published work

Getting ahead in the cloud,” McKinsey & Company, November 2023

In search of cloud value: Can generative AI transform cloud ROI?,” McKinsey & Company, November 2023

Projecting the global value of cloud: $3 trillion is up for grabs for companies that go beyond adoption,” McKinsey & Company, November 2022

Creating a technology risk and cyber risk appetite framework,” McKinsey & Company, August 2022

Organizational cyber maturity: A survey of industries,” McKinsey & Company, August 2021

Security as code: The best (and maybe only) path to securing cloud applications and systems,” McKinsey & Company, July 2021

Cloud’s trillion-dollar prize is up for grabs,” McKinsey Quarterly, February 2021

How CIOs and CTOs can accelerate digital transformations through cloud platforms,” McKinsey & Company, September 2020

Three actions CEOs can take to get value from cloud computing,” McKinsey Quarterly, July 2020

Safeguarding against cyberattack in an increasingly digital world,” McKinsey & Company, June 2020

The consumer-data opportunity and the privacy imperative,” McKinsey & Company, April 2020

Agile, reliable, secure, compliant IT: Fulfilling the promise of DevSecOps,” McKinsey & Company, May 2020

Cybersecurity tactics for the coronavirus pandemic,” McKinsey & Company, March 2020

Cybersecurity’s dual mission during the coronavirus crisis,” McKinsey & Company, March 2020

Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity,” McKinsey & Company, January 2020

Securing software as a service,” McKinsey & Company, September 2019

Cybersecurity: Linchpin of the digital enterprise,” McKinsey & Company, July 2019

Critical resilience: Adapting infrastructure to repel cyberthreats,” McKinsey & Company, January 2019

A framework for improving cybersecurity discussions within organizations,” McKinsey & Company, November 2017

Hit or myth? Understanding the true costs and impact of cybersecurity programs,” McKinsey & Company, July 2017

Leaders and laggards in enterprise cloud infrastructure adoption,” McKinsey & Company, October 2016

Ten books to make you a better business technologist,” McKinsey & Company, September 2015

Repelling the cyberattackers,” McKinsey Quarterly, July 2015

Beyond Cybersecurity: Protecting Your Digital Business, Wiley, April 2015

Why senior leaders are the front line against cyberattacks,” McKinsey & Company, June 2014

Risk and responsibility in a hyperconnected world: Implications for enterprises,” McKinsey & Company, January 2014

How good is your cyberincident-response plan?,” McKinsey & Company, December 2013

Enhancing the efficiency and effectiveness of application development,” McKinsey & Company, August 2013

Meeting the cybersecurity challenge,” McKinsey Quarterly, June 2011

Getting infrastructure offshoring right,” McKinsey Quarterly, July 2009

Where IT infrastructure and business strategy meet,” McKinsey Quarterly, May 2009


Wharton School, University of Pennsylvania
MBA, finance

Brown University
BA, history