Dr. David Mussington serves as the Executive Assistant Director for Infrastructure Security at the Cybersecurity and Infrastructure Security Agency (CISA) as of February 2021. As Executive Assistant Director, he helps lead CISA’s efforts to secure the nation’s critical infrastructure in coordination with government and the private sector. Key areas of focus include vulnerability and risk assessments; securing soft targets and crowded places; training and exercises; and securing high-risk chemical facilities.
Prior to joining CISA, Dr. Mussington was Professor of the Practice and Director for the Center for Public Policy and Private Enterprise at the School of Public Policy for the University of Maryland. His research and teaching activities focused on cyber physical system risk management, election cybersecurity, and critical infrastructure security risk management. He has published articles in academic and professional journals. This includes handbooks published by the University of Oxford in the U.K., working papers co-written with partners at the U.S. Naval War College, and peer reviewed articles in the Institute of Electrical and Electronics Engineers (IEEE) outlets about metrics and risk frameworks for cyber defense. Most recently, he conducted projects on election cybersecurity, social media information security issues, and the security of Internet and Communications Technology supply chains.
Dr. Mussington has private and public sector experience. At RAND Corporation, he led counter terrorism and cyber security studies for the Department of Defense, the Department of Transportation, and Amtrak. He later took on the role of Chief of Corporate Security for Amtrak where he was the senior official overseeing infrastructure protection, counter terrorism, and emergency response programs.
At the Institute for Defense Analyses, he was assistant director of the Information Technology and Systems Division (ITSD), and directed cybersecurity studies for DHS, the Office of the Director of National Intelligence, the Federal Communications Commission, and the North Atlantic Treaty Organization. He also led cyber risk assessments for the Bank of Canada and for private sector entities in the U.S. and Canada.
In 2010, he was senior adviser for cyber policy in the U.S. Department of Defense (DOD), later serving on the Obama administration’s National Security Council staff as Director for surface transportation security policy. In the former role, he led preparation and release of the 2011 Defense Strategy for Operating in Cyberspace, which was DOD’s first enterprise-wide cyber strategy document.
Dr. Mussington has a Doctorate in Political Science from Canada’s Carleton University. He also received a Bachelor of Arts and a Master of Arts degree in Economics and Political Science from the University of Toronto. He undertook post-doctoral work at Harvard’s Belfer Center where he was a MacArthur Scholar, and at the U.K.’s International Institute for Strategic Studies (IISS).