Ryan P. McCarthy

Ryan has more than 18 years of experience in cybersecurity across all domains but specializes in vulnerability management and as surance activities. He has significant experience leading large teams to solve complex problems in the financial services industry, including driving risk management activities and managing regulatory issues and expectations, such as regulated electronic communications.

Ryan worked at Protiviti as a Consultant and Senior to begin his career before moving to Bank of America for 15 years in their cybersecurity practice. He returned to Protiviti to help grow the Security and Privacy practice through enhanced offerings for financial services, focusing on cyber strategy and risk management.

A community leader, Ryan currently serves on the Board for Family Compass, a Dallas not for profit that prevents child abuse across the Dallas Fort Worth area.

Major Programs

• Ryan led the eDiscovery collection function for a major financial institution, partnering closely with Cyber Security to implement controls to ensure communication channels used for conducting business were restricted appropriately, and captured for legal and supervisory purposes.
• Ryan’s latest role prior to Protiviti was as the Cybersecurity Assurance Executive at Bank of America, leading a team of more than 300, and responsibilities for all cybersecurity related assessments, including third party assessments, internal automated control testing, remediation governance , vulnerability analysis and identification, and more.
• Ryan defined and implemented best practices for risk management within the cybersecurity first line of defense at a GSIFI, partnering with 2nd and 3rd lines of defense to ensure proactive identification of issues, as well as consistent repeatable remediation of issues.
• Ryan led the response to a Matter Requiring Attention related to authentication assessments at one of the largest financial institutions in the world. The team created a new threat based authentication assessment methodology, leveraging best practices and regulatory guidance to evaluate the institutions policies and implementation around authentication controls. The program resulted in a new program being fully operationalized as well as additional opportunities being identified to grow and expand the program in the future.
• Ryan has built numerous teams and functions in his career, from designing a remediation governance function from the ground up, revitalizing a Business Information Security function, and implementing a Cloud Operational Readiness strategy to help drive progress in a major financial services institution’s transition to infrastructure as a service in public cloud.
• Ryan is the product lead for SWIFT assessments at Protiviti, providing subject matter expertise on the SWIFT Customer Security Program and associated control requirements.

Areas of Expertise

• Cybersecurity Strategy
• Cybersecurity Defense
• Cybersecurity Assurance
• Risk Management
• Financial Services Regulation
• Leadership

Industry Expertise

• Financial Services

Education

• B.S.- Management Information Systems - University of Illinois - Urbana/Champaign