This is a profile image of Jim Boehm

Jim Boehm

Technology risk expert with a deep spike in enterprise cybersecurity, serving mainly financial services institutions

Jim is an expert partner in McKinsey’s Risk Practice, with a focus on digital risk—especially cybersecurity. He is a former military officer and National Security Project Manager with operational experience in computer network operations and agile development of cyber analysis systems.

Jim primarily serves technology and security organizations in financial institutions, but has also served global technology companies, oil and gas, and other energy companies, US federal agencies, private and public healthcare institutions, travel and logistics companies, and aerospace and defense firms on cybersecurity topics.

Jim’s recent work has focused on embedding digital-risk mitigation strategies and activities in enterprise-level digital transformations.

Published work

Boards of directors: The final cybersecurity defense for industrials,” McKinsey & Company, March 2024

Product security: Navigating regulations and customer expectations,” McKinsey & Company, September 2023

Why digital trust truly matters,” McKinsey & Company, September 2022

Cybersecurity trends: Looking over the horizon,” McKinsey & Company, March 2022

Ransomware prevention: How organizations can fight back,” McKinsey & Company, February 2022

Lessons from banking to improve risk and compliance and speed up digital transformations,” McKinsey & Company, June 2021

Enterprise cybersecurity: Aligning third parties and supply chains,” McKinsey & Company, May 2021

Derisking digital and analytics transformations,” McKinsey & Company, January 2021

Safeguarding against cyberattack in an increasingly digital world,” McKinsey & Company, June 2020

“Cybersecurity strategies for the digital workplace,” McKinsey & Company, April 2020

Cybersecurity tactics for the coronavirus pandemic,” McKinsey & Company, March 2020

Cybersecurity’s dual mission during the coronavirus crisis,” McKinsey & Company, March 2020

Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity,” McKinsey & Company, January 2020

The risk-based approach to cybersecurity,” McKinsey & Company, October 2019

Cyber risk measurement and the holistic cybersecurity approach,” McKinsey & Company, November 2018

Cybersecurity and the risk function,” McKinsey & Company, November 2018

Past experience

Proteus Technologies
Project manager and team lead

Morgan Stanley
Director, ISG Operations

US Navy
Naval Flight Officer, Scientific and Technical Intelligence Officer
Naval Flight Officer, Mission Commander


Wharton School at the University of Pennsylvania

University of North Florida
MA, history

US Naval Academy
BS, history