This is a profile image of Marc Sorel

Marc Sorel


Advises private, public, and not-for-profit clients on technology, digital transformation, and cybersecurity topics

Marc serves private, public, and not-for-profit clients at the intersection of technology, digital transformation, and cybersecurity. He founded the firm’s work on cybersecurity in private equity across the deal life cycle and leads McKinsey’s Cyber Market Map, a capability that identifies trends in the cybersecurity market and implications for providers, investors, and users of cybersecurity technology. He also leads a firm tool that delivers credible, actionable insights about potential and current compromises, using automated, artificial-intelligence-driven network-flow analysis.

Examples of Marc’s recent client experience includes the following:

  • Designing and delivering multi-year cybersecurity growth strategies for a top-5 global telecommunications company, a top-5 US-based aerospace and defense company, and a leading US-based software provider
  • Assessing a Fortune 100 consumer-packaged-goods manufacturer’s cybersecurity performance, embedding cybersecurity into its digital transformation, and designing a two-year program of initiatives to drive step-change improvements in enterprise risk management
  • Conducting numerous due- and exit-diligence efforts on cybersecurity and other technology assets, including several antiphishing-services providers, a managed security-services provider, a provider of privileged-identity and -access management, an Secure Sockets Layer–certificate provider, a provider of security-operations centers and of security-incident- and -event management, a Domain Name System–security provider, and a provider of license-optimization software
  • Delivering multiple cross-portfolio cybersecurity scans and go-forward minimum-viable-security standards for leading, midmarket, US-based private-equity firms operating in the industrial, financial-services, healthcare, and software sectors
  • Leading a multiphase growth-and-product strategy for one of the world’s largest managed security-service providers
  • Developing a document, reporting process, and set of performance metrics for tracking enterprise cybersecurity for the board of a leading North American bank

Outside his client work, Marc is a regular speaker at industry forums and has published several articles on cybersecurity and related topics.

Prior to joining McKinsey, Marc worked in a range of US national-security roles, and he continues to provide expertise on information warfare to a national naval service.

Published Work

New-business building: Six cybersecurity and digital beliefs that can create risk,” McKinsey & Company, December 2023

New survey reveals $2 trillion market opportunity for cybersecurity technology and service providers,” McKinsey & Company, October 2022

The unsolved opportunities for cybersecurity providers,” McKinsey & Company, January 2022

Consumer-data privacy and personalization at scale: How leading retailers and consumer brands can strategize for both”, McKinsey & Company, November 2019

Finding a strategic cybersecurity model,” McKinsey & Company,June 2017

Staying ahead on cyber security,” McKinsey & Company, January 2017

Protecting your critical digital assets Not all systems and data are created equal,” McKinsey & Company,January 2017

Past Experience

US Navy Reserve

Center on National Security and the Law, Georgetown Law
Nonresident fellow

US Department of Homeland Security
Special assistant


Georgetown University
JD, law
MSFS, foreign policy, national security, and business

Yale University
BA, history