- Civic Innovation Center
- Center for Intl. & Security Studies at Maryland
- Center for Governance of Technology and Systems
- Cyber Policy Initiative
- Science & Technology Policy Initiative
David Mussington is a professor of the practice the University of Maryland School of Public Policy, and currently serves as the CISA Executive Assistant Director. He directs the School’s cyber policy initiative and teaches on cyber policy issues and risk management. Prior to joining UMD in 2016, he was assistant director of the information technology and systems division at the Institute for Defense Analyses (IDA). Mussington is also a senior fellow at Canada’s Center for International Governance Innovation (CIGI). Mussington has over two decades of experience in the national security, cybersecurity, and private sector experience.
Mussington served on the White House National Security Council staff – as director surface transportation security policy and was previously senior advisor for cyber policy for the US Department of Defense. Since leaving federal service, Mussington has directed cybersecurity studies for the Department of Homeland Security (DHS), the Office of the Director of National Intelligence (ODNI), the Federal Communications Commission and the North Atlantic Treaty Organization (NATO). Mussington has led cyber risk assessments for the Bank of Canada and for private sector entities in the US and Canada. Most recently he has conducted projects on election cybersecurity, social media information security issues, and the security of ICT supply chains. An internationally known expert on critical infrastructure cybersecurity, focusing on protection priorities and identification of adversary attack strategies.
- Cybersecurity; critical infrastructure protection; science & technology policy; international security; US defense & foreign policy
Minimizing the most serious forms of cyber attack, espionage, and crime without hindering beneficial uses of information technology requires skillful multi-stakeholder governance.Learn More about A Holistic Approach to Cybersecurity Risk Management