Ryan Smyth

Ryan Smyth brings a deep business and technical background across industries, with more than 20 years of experience in governance, risk and compliance, cybersecurity and privacy programs. Mr. Smyth advises clients on a wide range of regulatory and compliance issues, with a specific focus on privacy, cybersecurity, data governance and business continuity.

As a seasoned cybersecurity professional, Mr. Smyth leverages his extensive experience to assist clients with cyber risk, data privacy and compliance matters. He specializes in a variety of assessments, including cyber maturity, independent security and privacy control, and data privacy, helping organizations identify and remediate vulnerabilities and enhance their security posture.

Mr. Smyth also provides clients with tailored guidance on regulatory challenges, including readiness and implementation regarding evolving cybersecurity frameworks, and with navigating reporting obligations. Additionally, Mr. Smyth has deep expertise in incident response, assisting organizations during ongoing breaches and incidents, including business email compromises.

Prior to joining FTI Consulting, Mr. Smyth served as Director of Privacy and Data Protection at Promontory Financial Group, where he designed and implemented privacy and information security control frameworks and data remediation projects for clients to strengthen compliance, cybersecurity and business continuity. His background combines compliance expertise, technical knowledge and hands-on experience in facilitating regulatory requirements including GDPR, CCPA and GLBA.

In his role as Senior Vice President, Enterprise Risk Management, and Chief Security and Privacy Officer at LPL Financial, Mr. Smyth oversaw the company’s privacy and security programs in accordance with state, federal and industry laws and regulations. He was responsible for the GLBA Privacy and Safeguard program. He also represented the firm in governance, risk and compliance matters, including serving as a key stakeholder in regulatory inquiries and scheduled audits relating to cybersecurity, privacy, due diligence and other areas.