Skip to main content

Vijay D’Souza, CISSP, CEH


Vijay A. D’Souza, CISSP, CEH, is a partner with Cotton & Company specializing in cybersecurity assurance and advisory efforts. He is leading Cotton’s efforts related to the Cybersecurity Maturity Model Certification.  Prior to joining the firm in 2021, Mr. D’Souza spent 20 years with the U.S. Government Accountability Office (GAO), where he led a diverse set of audits and reviews of government cybersecurity and information technology issues. His recent work included efforts related to ransomware, DOD cybersecurity, the SolarWinds breach, use of the National Institute of Standards and Technology Cybersecurity Framework, and IT modernization efforts at the U.S. Department of Agriculture (USDA). He has testified before Congress several times and appeared in national and local media as an expert in cybersecurity issues.


Mr. D’Souza also led GAO’s Center for Enhanced Cybersecurity, which provides advanced technical support for GAO’s cybersecurity audits. He previously led GAO’s data analytics activities, as well as served as a Director in GAO’s Health Care Team.
Mr. D’Souza has an MBA from the University of California Berkeley and a BS in Engineering from the University of Maryland College Park.