This is a profile image of Justin Greis

Justin Greis


Designs, builds, and activates secure and trusted digital transformations to help organizations accelerate their mission and protect their purpose

Justin Greis is a partner in the firm’s Chicago office. He leads McKinsey’s cybersecurity work in North America within the Risk & Resilience Practice, with a focus on cybersecurity transformation, the cloud, technology strategy, and digital transformation. Justin designs, builds, and activates secure and trusted digital transformations to help each organizations accelerate its company missions and protect its purpose. Justin brings a wealth of experience across a wide variety of industries.

Prior to joining McKinsey, he served as a cybersecurity transformation leader both globally and within the Americas for a consulting firm, where he helped clients assess, improve, and operate world-class cybersecurity programs. Justin was also a consultant in France, and before that, led the technology organization of a not-for-profit consulting group. Justin began his career as an entrepreneur after founding a digital consulting company that designed, built, and implemented dynamic websites, collaboration portals, and interactive digital service solutions.

In addition to his work with McKinsey, Justin serves as a professor, where he teaches IT governance, risk, and controls in the MSIS and MBA programs. He has won numerous awards for his real-world curriculum and innovative teaching methods.

A strong believer in the power of education, Justin founded a scholarship focused on providing higher education opportunities to students in need. He is a frequent speaker at industry forums such as ISACA, Information Security Forum (ISF), the Healthcare Information and Management Systems Society (HIMSS), and various other executive and board councils. He is a published thought leader on the topics of technology strategy, cybersecurity, IT risk management, and digital transformation.

Justin has a bachelor of science and a master of business administration in accounting and information systems, and also holds the following professional certifications: CDPSE, CGEIT, CIPP/US, CISA, CISM, CISSP, CRISC, GIAC/GSEC, ITIL, PMP, and TOGAF.

Justin lives in the Chicago suburbs and serves on the board of trustees at Ravinia, a not-for-profit music festival that presents outstanding performances by the world’s greatest artists. He is also a member of the Indiana University Kelley School of Business dean’s council. In his free time, Justin enjoys listening to and playing music, studying geology, and spending time in or near the water.


The cyber clock is ticking: Derisking emerging technologies in financial services,” McKinsey & Company, March 2024

New-business building: Six cybersecurity and digital beliefs that can create risk,” McKinsey & Company, December 2023

Software bill of materials: Managing software cybersecurity risks,” McKinsey & Company, September 2022

Securing your organization by recruiting, hiring, and retaining cybersecurity talent to reduce cyberrisk,” McKinsey & Company, June 2022

Cybersecurity legislation: Preparing for increased reporting and transparency,” McKinsey & Company, June 2022

“Protecting the Promise of a Better Tomorrow,” Rackspace Technology, 2016

“BYOD should begin with business case,” eSecurity Planet, 2013

“Five questions with Justin Greis,” ISACA Journal, 2011

“A risk-based approach to segregation of duties: Partnering IT and the business to meet the challenges of global regulatory compliance,” ISACA Journal, 2009

“An Innovative Approach to Teaching IT Governance, Risk and Controls,” WITS, 2009



Indiana University, Bloomington – Kelley School of Business

Founder, CEO


Indiana University, Bloomington – Kelley School of Business
MBA, Accounting and Information Systems

Indiana University, Bloomington – Kelley School of Business
Bachelor of Science (BS), Accounting and Information Systems