2022 Annual FISMA and Risk Management Framework Panel Discussion (Free Event)

Vijay A. D’Souza
Partner, Cotton & Company, LLP
CISSP, CCISO, CEH

Vijay A. D’Souza, CISSP, CCISO, CEH, is a partner with Cotton & Company specializing in cybersecurity assurance efforts. Previously, Mr. D’Souza spent 20 years with the U.S. Government Accountability Office (GAO), where he led a diverse set of audits and reviews of government cybersecurity and information technology issues. His recent work included efforts related to ransomware, DOD cybersecurity, the SolarWinds breach, use of the National Institute of Standards and Technology Cybersecurity Framework, and IT modernization efforts at the U.S. Department of Agriculture (USDA). He has testified before Congress several times and appeared in national and local media as an expert in cybersecurity issues. 

Mr. D’Souza also led GAO’s Center for Enhanced Cybersecurity, which provides advanced technical support for GAO’s cybersecurity audits. He previously led GAO’s data analytics activities, as well as served as a Director in GAO’s Health Care Team.

Mr. D’Souza has an MBA from the University of California Berkeley and a BS in Engineering from the University of Maryland College Park.

Larry E. Crosland
Assistant Director, Information and Cybersecurity Team Government Accountability Office (GAO)

Larry E. Crosland is an Assistant Director in the Information Technology and Cybersecurity Team at GAO where he has led cybersecurity-related studies and audits of the federal government. He has 20 years of experience auditing information systems. Prior to joining GAO in 2001, Mr. Crosland held positions in the private sector and was a member of the U.S. Army. He is a certified information systems security professional and a certified information systems auditor. He holds a Bachelor’s degree in computer science from Francis Marion University. 

Irvin McMasters
Assistant Director, Cybersecurity and Information Technology Audit Division, Department of Health and Human Services / Office of Inspector General (HHS/OIG)
CISA, CPA

Irvin McMasters is a Cybersecurity and Information Technology Audit Division (CITAD) Assistant Director at the Department of Health and Human Services (HHS), Office of Inspector General (OIG). One of OIG’s top management challenges is “Harnessing Data to Improve Health and Well-Being of Individuals”, which includes protecting data and systems from misuse.  CITAD is addressing this challenge by utilizing a risk-based approach that considers FISMA results when planning and conducting audits of HHS’s 12 operating divisions.  CITAD has completed impactful audits of agency-wide contingency planning, incident response controls to ensure cybersecurity, while also conducting penetration testing (i.e., ground truth testing) at several HHS and State agencies.  Irvin is a Certified Information Systems Auditor and a Certified Public Accountant.

Lisa N. Barr
Director of Federal Cybersecurity, Office of the National Cyber Director

Lisa Barr has over 18 years’ experience in the public and private sector leading and directing projects in Cybersecurity, IT Strategic Planning, IT Program Management, and Risk Management. As a detailee to the Office of National Cyber Director, Lisa serves as the Director Federal Cybersecurity. Here she leads federal cybersecurity efforts on behalf of the Deputy National Cyber Director and the Federal CISO. Within these 18 years, she has 12 years within the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA). She has held various trusted leadership roles covering cybersecurity policy, supply chain cybersecurity, federal cybersecurity governance, and critical infrastructure resilience. Lisa also served a one-year rotational assignment to the OMB Office of the Federal CIO as a Senior Advisor and program lead for the Federal Acquisition Security Council. Within CISA, Lisa led federal cybersecurity governance efforts in support of the Continuous Diagnostics & Mitigation (CDM) program, as well as in broader federal cybersecurity risk management. Previous to her federal service, Lisa spent several years in the private sector focusing on IT and cyber strategic planning and program management.

Lisa holds a Bachelor’s Degree in English, a Master’s degree in National Security and Resource Strategy; has received an Executive Chief Information Security Officer certification through Carnegie Mellon; and is a Certified Information Security Manager.