This site is part of the Informa Connect Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Risk Nordics
November 2024

Lucy Shenton
Expert Associate Partner at McKinsey & Company


Lucy is an Expert Associate Partner based in Berlin. She specializes in helping financial institutions quantify their cyber risk and build risk-based cyber strategy

Lucy additionally helps banks solve other challenges at the intersection of technology and risk, working with financial institutions globally on fraud risk management, compliance risk technology, third party technology risk management etc.

Relevant experience or recent engagements

Cyber risk quantification: Helping organizations across Europe, Africa and Latin America model their current level of cyber risk exposure relative to their Enterprise Risk Management framework and prioritize their initiative portfolio to optimize their level of cyber risk reduction.

Cyber strategy: Building cyber risk management strategies for major TMT and Finance organizations, including operational multi-year roadmap.

Third party risk management: Designing end-to-end supplier risk management strategy and processes for TMT organizations, with a focus on data privacy and security risk management.

Critical asset identification and current maturity quantification: Helping organizations understand their current level of cyber maturity relative to their peers and identify where their most critical assets sit within the organization.

Background and education

Before joining McKinsey in 2018 Lucy worked for BAE Systems in London as a Cyber Security Consultant, specializing in information assurance and cyber risk management. Her clients ranged from private prisons to large-scale critical infrastructure providers, working in both the IT and OT domains.

Lucy has a Masters degree in Engineering Science from Oxford University with a focus on artificial intelligence, machine learning, digital logic and optoelectronics, and is CISSP-accredited.

Lucy has also worked as a software engineer for a humanoid robotics company where she programmed chatbots and interactive human robots.

Agenda Sessions

  • Managing risk and identifying strategic opportunity through cyber security