David Mussington is professor of the practice and director of the Center for Public Policy and Private Enterprise at the University of Maryland School of Public Policy. He directs the School’s cyber policy initiative and teaches on cyber policy issues and risk management. Prior to joining UMD in 2016, he was assistant director of the information technology and systems division at the Institute for Defense Analyses (IDA). Mussington is also a senior fellow at Canada’s Center for International Governance Innovation (CIGI). Mussington has over two decades of experience in the national security, cybersecurity, and private sector experience.
Mussington served on the White House National Security Council staff – as director surface transportation security policy and was previously senior advisor for cyber policy for the US Department of Defense. Since leaving federal service, Mussington has directed cybersecurity studies for the Department of Homeland Security (DHS), the Office of the Director of National Intelligence (ODNI), the Federal Communications Commission and the North Atlantic Treaty Organization (NATO). Mussington has led cyber risk assessments for the Bank of Canada and for private sector entities in the US and Canada. Most recently he has conducted projects on election cybersecurity, social media information security issues, and the security of ICT supply chains. An internationally known expert on critical infrastructure cybersecurity, focusing on protection priorities and identification of adversary attack strategies.
- Cybersecurity, critical infrastructure protection, science & technology policy, international security, US defense & foreign policy
An introduction to the complexities of cybersecurity policy at the national level. Most popular literature treats cybersecurity a technical problem. This course will refocus attention on the interplay of technical, economic, and political factors relevant to cybersecurity policies, and to public and private sector risk management solutions.
Schedule of Classes
Enriches students’ command of policy practice with a strongly team-oriented experience grounded both in services rendered to a “client” and in additional assignments, exercises, lectures and readings useful for skill acquisition and intellectual development.
Schedule of Classes

Minimizing the most serious forms of cyber attack, espionage, and crime without hindering beneficial uses of information technology requires skillful multi-stakeholder governance.
Learn More about A Holistic Approach to Cybersecurity Risk ManagementSchool Authors: David Mussington
School Authors: David Mussington
Other Authors: Matt Bishop, Duncan Buell, Alex Halderman, Dana Debeauvoir
School Authors: David Mussington, R. H. Sprinkle
Other Authors: Jodi Benenson, Cynthia Baur
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington, R. H. Sprinkle
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington
School Authors: David Mussington






