David Mussington is a professor of the practice the University of Maryland School of Public Policy, and currently serves as the CISA Executive Assistant Director. He directs the School’s cyber policy initiative and teaches on cyber policy issues and risk management. Prior to joining UMD in 2016, he was assistant director of the information technology and systems division at the Institute for Defense Analyses (IDA). Mussington is also a senior fellow at Canada’s Center for International Governance Innovation (CIGI). Mussington has over two decades of experience in the national security, cybersecurity, and private sector experience.
Mussington served on the White House National Security Council staff – as director surface transportation security policy and was previously senior advisor for cyber policy for the US Department of Defense. Since leaving federal service, Mussington has directed cybersecurity studies for the Department of Homeland Security (DHS), the Office of the Director of National Intelligence (ODNI), the Federal Communications Commission and the North Atlantic Treaty Organization (NATO). Mussington has led cyber risk assessments for the Bank of Canada and for private sector entities in the US and Canada. Most recently he has conducted projects on election cybersecurity, social media information security issues, and the security of ICT supply chains. An internationally known expert on critical infrastructure cybersecurity, focusing on protection priorities and identification of adversary attack strategies.
- Cybersecurity; critical infrastructure protection; science & technology policy; international security; US defense & foreign policy
Cyber conflict is often considered a distant problem the concern of mi litary commands and national governments. Cyber operations and intelligence remain at the center of conflict patterns, but there is so much more. The focus on state-on-state conflict is belied by the fact that the tools and targets of cyber conflict are frequently mundane and include information and services used daily by the public. And if tools can be used by everyone, attribution of effects can be to anyone. Harm can be unevenly distributed, and often falls on those least equipped to deal with its short term and long-term effects. Algorithmic decision making raises the issue of disparate impact hidden in non-transparent supposedly unbiased settings. This seminar explores these issues connecting old concept s of security with new concerns with disparate impact, privacy, access, and disinformation.
Cyber conflict is often considered a distant problem the concern of mi litary commands and national governments. Cyber operations and intelligence remain at the center of conflict patterns, but there is so much more. The focus on state-on-state conflict is belied by the fact that the tools and targets of cyber conflict are frequently mundane and include information and services used daily by the public. And if tools can be used by everyone, attribution of effects can be to anyone. Harm can be unevenly distributed, and often falls on those least equipped to deal with its short term and long-term effects. Algorithmic decision making raises the issue of disparate impact hidden in non-transparent supposedly unbiased settings. This seminar explores these issues connecting old concept s of security with new concerns with disparate impact, privacy, access, and disinformation.
An introduction to the complexities of cybersecurity policy at the national level. Most popular literature treats cybersecurity a technical problem. This course will refocus attention on the interplay of technical, economic, and political factors relevant to cybersecurity policies, and to public and private sector risk management solutions.
Schedule of Classes
Enriches students’ command of policy practice with a strongly team-oriented experience grounded both in services rendered to a “client” and in additional assignments, exercises, lectures and readings useful for skill acquisition and intellectual development.
Schedule of Classes
Minimizing the most serious forms of cyber attack, espionage, and crime without hindering beneficial uses of information technology requires skillful multi-stakeholder governance.
Learn More about A Holistic Approach to Cybersecurity Risk ManagementSchool Authors: David Mussington
School Authors: David Mussington
Other Authors: Matt Bishop, Duncan Buell, Alex Halderman, Dana Debeauvoir
School Authors: David Mussington, R. H. Sprinkle
Other Authors: Jodi Benenson, Cynthia Baur, David Mussington (6696), R. H. Sprinkle (1216)
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington, R. H. Sprinkle
Other Authors: David Mussington (6696), R. H. Sprinkle (1216)
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington
