TrustedSec Names Former FBI Unit Chief Ryan Macfarlane as Incident Response Lead
Ryan Macfarlane, with over 20 years of cyber experience at the FBI, has been appointed Incident Response Practice Lead amid the rising wave of sophisticated cyber threats.
CLEVELAND, Ohio — TrustedSec, a globally recognized cybersecurity and adversary simulation company advising Fortune 500s and governments, today announced that Ryan Macfarlane, with over 20 years of cyber experience at the FBI, has been appointed Incident Response Practice Lead.
With deep expertise in cyber operations, global threat coordination, and incident response across major events in both the private sector and government, Macfarlane spent 20 years as an FBI cyber agent, served on the Bureau’s Cyber Fly Team, held the role of Cyber Assistant Legal Attaché covering Australia, New Zealand, and Oceania, and most recently led the Counterterrorism Division’s Advanced Projects Unit.
At TrustedSec, Macfarlane leads the firm’s Incident Response (IR) practice, guiding rapid response operations, digital forensics, and threat hunting for clients across critical industries. His arrival strengthens TrustedSec’s ability to help organizations confront escalating ransomware campaigns, state-aligned adversaries, and hybrid criminal networks that are increasingly leveraging artificial intelligence to scale attacks faster and with greater precision.
“The threat environment is evolving at a speed and scale we’ve never seen before,” said David Kennedy, Founder and CEO of TrustedSec and a former U.S. Marine Corps cyber intelligence analyst and NSA hacker. “Ryan has spent his career on the front lines of global cyber defense, bridging law enforcement, intelligence, and private sector coordination. His leadership adds tremendous strength to our IR team as we help clients defend against increasingly organized ransomware cartels, state-sponsored groups, and AI-driven attacks.”
Today’s threat actors have evolved into a complex ecosystem of criminal syndicates, state-backed alliances, and hybrid groups that blur the line between profit, espionage, and political motivations. Fueled by Ransomware-as-a-Service (RaaS), AI and automation, and nation-state resources, their attacks are becoming faster, more coordinated, and harder to detect – turning disruptive campaigns into everyday business risks. In this climate, rapid, intelligence-driven incident response is essential to containing breaches and restoring operations before they cascade into full-scale disruption.
“TrustedSec is one of the rare firms that can operate at both the strategic and tactical level – helping clients prepare for, respond to, and learn from major incidents,” said Macfarlane. “I’m honored to lead a team of professionals who share the same mission I’ve had throughout my career: protecting organizations and people from increasingly advanced threats.”
TrustedSec’s growing Incident Response practice works hand in hand with the company’s broader consulting services – including penetration testing, red teaming, large language model (LLM) assessments, system hardening and remediation, and business risk alignment – to deliver end-to-end resilience. From proactive readiness assessments to crisis response and forensic investigations, TrustedSec’s approach helps organizations strengthen their defenses before, during, and after an attack.