Nick Andersen
Executive Assistant Director for the Cybersecurity Division (CSD)

Nicholas (Nick) M. Andersen is the Executive Assistant Director for the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency (CISA). As CISA’s senior cybersecurity official, he is responsible for leading the agency’s mission to address the nation’s most significant cyber threats and vulnerabilities and to increase the security and resilience of U.S. critical infrastructure.
A decorated veteran of the U.S. Marine Corps, Andersen brings discipline and strategic foresight to the CISA mission through his extensive experience and leadership. As the President and Chief Operating Officer at Invictus, Andersen oversaw cybersecurity, intelligence integration, and technology delivery for federal and commercial partners.
As the Chief Information Security Officer at Lumen Technologies Public Sector, he developed and implemented a comprehensive cybersecurity strategy, delivered secure offerings and formed strategic partnerships with public sector and private sector customers.
From 2019-2021, Andersen served both as the Principal Deputy Assistant Secretary and performed the duties of Assistant Secretary for the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response. In these roles, he directed national efforts to protect America's energy grid from cyber and physical threats, led responses to Iranian cyber threats, Puerto Rican disaster recovery, and energy crises, and spearheaded critical programs like Cyber Testing for Resilient Industrial Control Systems to mitigate supply chain vulnerabilities in energy infrastructure.
In 2019, as the Federal Cybersecurity Lead and Senior Cybersecurity Advisor to the Federal Chief Information Officer at the White House, he developed and implemented cybersecurity policies for the federal enterprise, enhancing transparency and risk management. He established the first government-wide Vulnerability Disclosure Programs and Trusted Internet Connections 3.0 policy and strengthened federal incident response capabilities and prioritized workforce strategies to address cyber talent gaps.
As the State of Vermont’s Chief Information Security Officer, he developed Vermont's cybersecurity strategy, integrating efforts across academia, critical infrastructure, and law enforcement. While there, he implemented strategic risk management and supply chain protection actions to include first in the Nation prohibition against the use of certain Chinese- and Russian- state sponsored technology firms across both State- owned and vendor- owned/operated infrastructure.
Among other distinguished positions, he has also served as Chief of the Office of Intelligence, Surveillance, and Reconnaissance Systems and Technologies/CIO for Intelligence for the U.S. Coast Guard, and CIO/Senior Cyber Risk Executive for U.S. Naval Intelligence.
Andersen earned a Master of Science degree in Cybersecurity from Brown University, a Master of Science degree in Information Security and Assurance from Western Governors University, a Bachelor of Science degree in Information Technology Management from American Military University. He also holds a Certificate in Public Policy from the Harvard Kennedy School. He was recently named a Pinnacle Awards Intelligence Executive of the Year and one of the top 10 CISOs to watch by Washington Executive Magazine.