David Mussington

Dr. David Mussington currently serves as the Executive Assistant Director for Infrastructure Security at the Cybersecurity and Infrastructure Security Agency (CISA). Since February 2021, he continues to lead CISA’s efforts to secure the nation’s critical infrastructure in coordination with the government and the private sector. Key areas of focus include vulnerability and risk assessments; securing public gatherings; developing and conducting training and exercises; and securing high-risk chemical facilities.

Dr. Mussington has academic as well as private and public sector experience.

Immediately prior to joining CISA, Dr. Mussington was a Professor of the Practice and Director of the Center for Public Policy and Private Enterprise at the University of Maryland School of Public Policy. His research and teaching activities focused on integrated cyber-physical system risk management, election cybersecurity, and critical infrastructure security risk management. He is published in academic and professional journals, including published handbooks by the University of Oxford in the U.K., working papers co-written with partners at the U.S. Naval War College, and peer-reviewed articles in the Institute of Electrical and Electronics Engineers outlets about metrics and risk frameworks for cyber defense. Most recently, he conducted projects on election cybersecurity, social media information security issues, and the security of the Internet and Communications Technology supply chains.

At RAND Corporation, Dr. Mussington led counter-terrorism and cyber security studies for the Department of Defense, the Department of Transportation, and Amtrak. He later served as Amtrak’s senior official overseeing infrastructure protection, counter-terrorism, and emergency response programs as Amtrak’s Chief of Corporate Security.