David Scott serves as the Deputy Assistant Director Deputy for NISP Cybersecurity Office (NCSO) and is appointed as the NISP Authorization Official (AO) in the Industrial Security Directorate (ISD) at DCSA headquarters. He is responsible for the NCSO program’s application of Risk Management Framework (RMF) Assessment & Authorization process of ~5600 cleared industry information systems and the agency’s Command Cyber Readiness Inspection (CCRI) mission. Mr. Scott provides policy interpretation, guidance, and procedures to DCSA Regional Cybersecurity teams, NISP government, and industry stakeholders. From 2017-2021, he served as the DCSA (formerly DSS) Capital Region AO responsible for oversight and protection of classified systems in the National Capital Region (NCR). He provided guidance and leadership to a regional team of Information System Security Professionals (ISSP) that executed the agency mission of validating industry System Security Plans (SSP), conducted Security Vulnerability Assessments & Administrative Inquiries (AI), serve as Command Cyber Readiness Inspection (CCRI) reviewers, as well as many other security oversight functions.

Mr. Scott joined DSS in 2010 as a Sr. Information Systems Security Professional (ISSP) providing expertise on myriad issues that impact the DSS mission as well as the agency SIPRNet and CCRI Program Lead. Prior to his federal service, Mr. Scott held various security positions as a cleared defense contractor such as a Systems Administrator, COMSEC Custodian, Information Systems Security Officer (ISSO) and Division Information Systems Security Manager (ISSM). 

He holds a bachelor’s degree in business administration from the University of Virginia at Wise and holds Cybersecurity certifications of Certified Information Systems Security Professional (CISSP) and CompTIA Security+.