Alan Watkins is a retired consultant and academic with 40 years of experience in the field of information technology and cybersecurity, and over a decade in emergency management and law enforcement.

Alan’s consulting focuses on individuals, families, and small businesses, by providing free, public seminars and workshops on cybersecurity and identity theft awareness. As part of his academic role, he has developed curricula for multiple undergraduate courses in the cybersecurity field, each focused on real-world experience and practical applications for students. Alan has also created training programs based on the CIS 20 Critical Security Controls, focusing on implementation for small businesses.

Alan was the primary contributor and editor on a free book for small businesses, created and distributed by the non-profit, Securing Our eCITY Foundation in San Diego. The book, Bringing IT Home – Critical Infrastructure for Small Businesses: Prepare, Prevent, Respond, and Recover, provides real-world examples of threats to small businesses for each of the 18 critical infrastructure sectors. He has also co-authored published articles on using competency-based learning toward having a more capable cybersecurity workforce, as well as the use of hands-on labs for students.

Alan is a former member of InfraGard San Diego and was a founding member of the San Diego CISO Roundtable.

Why I chose Cybersecurity as my field: My dad is the one who planted the “technology bug” in my head when I was a teenager. He was an electronics engineer and he took me to an IBM facility so he could work on their mainframe. The “computer” was actually two floors of processing units, probably around 10,000 square feet. Fast forward to my 12-year law enforcement career, where I wanted to be able to look up and report on crime trends, serious injury accidents, and permits for using public facilities. There were no databases at that time, so in 1980 I created what I needed. When I changed careers into an administrative position, I became known as “the IT guy,” and for the next 24 years working in the public sector, I had many roles supervising and managing IT staff and systems, increasingly involving security. When I started private consulting, I took what I had learned about crime prevention as a police officer and used that methodology to provide cybersecurity awareness seminars, to help the public and small businesses be safe online.

CISO Desk Reference Guide Books

Creating a Small Business Cybersecurity Program

Creating a Small Business Cybersecurity Program is the second book in the CISO Desk Reference Guide® small business series, targeted toward businesses with 25 to 500 employees and limited or no technology or security staff. It provides non-technical, practical, step-by-step instructions for small business owners who need to create a cybersecurity program.


“Applying Competency-Based Learning Methodologies to Cybersecurity Education and Training: Creating a Job-Ready Cybersecurity Workforce” – published in the InfraGard Journal, Volume 1, August 2018.

“Competency is Not a Three Letter Word: A Glossary Supporting Competency-based Instructional Design in Cybersecurity” – published in the Cybersecurity Skills Journal: Practice and Research, October 2018.