Ryan Smyth is a Managing Director in FTI Consulting’s Cybersecurity practice and is based in Los Angeles. Mr. Smyth advises clients on a wide range of regulatory and compliance issues, with a specific focus on privacy, information security, data governance, and business continuity. He brings deep business and technical background in the financial services industry, with more than 20 years of experience in governance, risk and compliance, data security and privacy programs.
Prior to joining FTI Consulting, Mr. Smyth served as Director, Privacy and Data Protection at Promontory Financial Group, where he designed and implemented privacy and information security control frameworks and data remediation projects for clients to strengthen compliance, data protection and business continuity. His background combines compliance expertise, technical knowledge and hands-on experience in facilitating regulatory requirements.
In Mr. Smyth’s role as Senior Vice President, Enterprise Risk Management and Chief Security and Privacy Officer at LPL Financial, he oversaw the company’s programs in accordance with state, federal and industry laws and regulations. He also represented the firm in governance, risk and compliance matters, including serving as a key stakeholder in regulatory inquiries and scheduled audits relating to security, privacy, due diligence and other areas.
Mr. Smyth holds a B.A. in sociology, with a Business concentration, from University of Connecticut. He also completed the Certified Regulatory and Compliance Professional Program at FINRA Institute at Wharton, University of Pennsylvania. He is an active member with numerous professional industry associations for data privacy, security and disaster recovery.
His notable projects include large-scale privacy program transformations, acting as an independent assessor of several privacy and security programs pursuant to Federal Trade Commission (FTC) consent orders, and leading an independent assessment of a client’s cybersecurity and privacy program following a large data breach.