Michael Coden advises boards, CEOs, C-Suites, and CISOs on IT and OT cybersecurity strategy, implementation, and resilience, both as Senior Advisor at BCG and Managing Partner at Magjic LLC Cybersecurity Consulting. Previously, Coden was Managing Director and Global Leader of BCG’s Cybersecurity Practice. Additionally, Coden is Associate Director of MIT Sloan’s cybersecurity research consortium, Expert Advisor to the Election Cybersecurity Initiative at USC, and on the advisory boards of The Decision Lab, SAFE Security Inc., and HMG Strategy. Coden is also a member of the joint MIT-Stanford-CMU-UW-Google-VMWare DBOS-Project developing a revolutionary cyber-resilient operating system that self-detects cyberattacks with 99.96% accuracy in milliseconds, and self-restores itself to the pre-attack state in ~5 minutes for business continuity.
Previously, Coden assisted in developing the NIST Cybersecurity Framework–receiving a letter from the White House thanking him for his leadership–and was editor of the ISO/IEC-62443 OT cybersecurity standard. Coden has published more than 140 articles, a book with 100,000 copies in circulation, spoken at RSA and many other conferences, appeared on Bloomberg Radio and PBS television, and authored 17 patents on cybersecurity hardware and software. Coden has a BSEE from MIT, an MSBA from Columbia University, and an MS from the Courant Institute of Mathematical Sciences at NYU.
Companies that get cybersecurity right treat it not as an add-on but as something shaped by—and aligned with—business strategy. BCG helps companies focus on digital risk management and cyber risk capabilities that matter most.
Cybersecurity and IT risk management are not technology projects. They are business projects with strong tech components. Companies that understand this don’t pursue wide-ranging—and often impossible to implement—cyber roadmaps. They focus on the IT risks and capabilities most relevant to their business strategy.
This perspective shapes BCG’s unique approach to cybersecurity and cyber risk. And it’s why a big part of BCG’s work is about enablement: building a foundation for continual improvement. So even when they step out of the picture, companies can keep their cybersecurity strategy and their business strategy aligned.
BCG’s Approach to Cyber Risk and Cybersecurity Strategy
BCG’s look at cybersecurity through a business lens. Their IT and cyber risk consulting teams help companies identify the digital risks they can and can’t accept. This lets them develop business-driven and risk-aligned capability roadmaps. Companies then focus their efforts—and investments—where they matter most.
The process plays out in several phases.
Linking cybersecurity strategy to business strategy. Instead of relying on checklists to quantify IT and cyber risk, BCG’s work is to understand risk tolerance in the context of business strategy. Their cybersecurity and digital risk consultants are not just technically proficient; they also possess strong business and risk acumen. They get to the heart of a company’s cybersecurity vision, so that it aligns with the business’s strategy.
Building capabilities. BCG uses evidence-based analysis, anchored in their clients’ priorities, to create a customized framework for cybersecurity. BCG’s surgical approach means that a company doesn’t have to be best in class on every element of cybersecurity. In some cases, being good is just fine—and trying to do more could be an inefficient, and even unnecessary, use of resources.
Continually assessing, aligning, and improving. BCG’s cyber risk consultants work toward one overarching goal: to enable clients to take ownership of their cybersecurity and risk management. The capabilities, processes, and cyber skills they help develop—and embed through robust change management—allow companies to build on their cyber risk strategy, so it is always in sync with their needs, circumstances, and ambitions.
Firm Overview
Boston Consulting Group is a global consulting firm that partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG’s success depends on a spirit of deep collaboration and a global community of diverse individuals determined to make the world and each other better every day.
BCG was the pioneer in business strategy when it was founded in 1963. Today, they work closely with clients to embrace a transformational approach aimed at benefiting all stakeholders—empowering organizations to grow, build sustainable competitive advantage, and drive positive societal impact. BCG’s diverse, global teams are passionate about unlocking potential and making change happen, delivering integrated solutions through leading-edge management consulting, technology and design, and corporate and digital ventures.
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we work closely with clients to embrace a transformational approach aimed at benefiting all stakeholders—empowering organizations to grow, build sustainable competitive advantage, and drive positive societal impact.
Our diverse, global teams bring deep industry and functional expertise and a range of perspectives that question the status quo and spark change. BCG delivers solutions through leading-edge management consulting, technology and design, and corporate and digital ventures. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, fueled by the goal of helping our clients thrive and enabling them to make the world a better place.
