Enhancing Security for Future Elections
Based on our assessment of activity observed, DHS is engaged with stakeholders across the spectrum to increase awareness of potential vulnerabilities and enhance security of US election infrastructure. DHS continues to work with a diverse set of stakeholders to plan, prepare, and mitigate risk to the election infrastructure. Our election process is governed and administered by state and local election officials in thousands of jurisdictions across the country. These officials manage election infrastructure and ensure its security on a day-to-day basis. State and local election officials across the country have a long-standing history of working both individually and collectively to reduce risks and ensure the integrity of their elections. In partnering with these officials through both new and existing, ongoing engagements, DHS is working to enhance efforts to secure their election systems.
Increasingly, the nation's election infrastructure leverages information technology for efficiency and convenience. Like other systems, reliance on digital technologies introduces new cybersecurity risks. DHS's NCCIC helps stakeholders in federal departments and agencies, state and local governments, and the private sector to manage their cybersecurity risks. Consistent with our long-standing partnerships with state and local governments, we have been working with election officials to share information about cybersecurity risks, and to provide voluntary resources and technical assistance.
Addressing cybersecurity challenges and helping our customers assess their cybersecurity risk is not new for DHS. We have three sets of cybersecurity customers: federal civilian agencies; state local, tribal, and territorial governments; and the private sector. Assistance includes three lines of business to support these customers: information sharing, best practices, and technical assistance. Support to state and local customers, such as election officials, is part of our daily operations.
NPPD shares actionable information about electoral infrastructure incidents through direct outreach to state and local governments and through the Multi-State Information Sharing and Analysis Center (MS-ISAC), enhancing situational awareness and providing election officials with the information needed to protect themselves from similar incidents. The MSISAC was created by DHS over a decade ago and is partially grant-funded by NPPD. The MSISAC composition is restricted to state and local government entities. It has representatives colocated with the NCCIC to enable regular collaboration and access to information and services for state chief information officers. All states are members of the MS-ISAC.
During the 2016 election cycle, and in future elections, NPPD offered and will continue to offer voluntary assistance from the NCCIC to state and local election officials and authorities interested in securing their infrastructure. The NCCIC provides this same assistance on an ongoing basis to public and private sector partners upon request.
Establishment of coordinating councils for election infrastructure owners and operators. DHS is working collaboratively with election officials and vendors of election infrastructure to establish coordinating councils that will be used to develop a physical and cyber security and resilience strategy for the Election Infrastructure subsector and define how the Federal government will work with election officials and vendors going forward. The coordinating councils will also be used to regularly share information on relevant threats and vulnerabilities quickly and efficiently so that owners and operators can manage their risk. Historically, DHS has not had active engagement directly with the state and local election community, so we’re working on broadening and deepening those relationships, identifying requirements, and educating on our capabilities.
Through engagements with state and local election officials, including working through the Sector Coordinating Council, DHS actively promotes a range of services to include:
Cyber hygiene service for Internet-facing systems: This voluntary service is conducted remotely, after which DHS can provide state and local officials with a report identifying vulnerabilities and mitigation recommendations to improve the cybersecurity of systems connected to the Internet, such as online voter registration systems, election night reporting systems, and other Internet-connected election management systems.
Risk and vulnerability assessments: These assessments are more thorough and done on-site by DHS cybersecurity experts. They typically require two to three weeks and include a wide range of vulnerability testing services, focused on both internal and external systems. When DHS conducts these assessments, we provide a full report of vulnerabilities and recommended mitigations following the testing. These assessments are available on a limited, first-come, first-served basis.
Incident Response Assistance: We encourage state and local election officials to report suspected malicious cyber activity to the NCCIC. On request, the NCCIC can provide on-site assistance in identifying and remediating a cyber incident. Information reported to the NCCIC is also critical to the federal government’s ability to broadly assess malicious attempts to infiltrate election systems. This technical information will also be shared with other states to assist their ability to defend their own systems from similar malicious activity.
Information sharing: DHS will continue to share relevant information on cyber incidents through multiple means. The NCCIC works with the MS-ISAC. Election officials can connect with their state Chief Information Officer or the MS-ISAC directly as one way to benefit from this partnership and rapidly receive information they can use to protect their systems. State election officials may also receive incident information directly from the NCCIC.
Classified information sharing: DHS provides classified briefings to cleared stakeholders upon request, and as appropriate and necessary.
Field-based cybersecurity advisors and protective security advisors: DHS has personnel available in the field who can provide actionable information and connect election officials to a range of tools and resources available to improve the cybersecurity preparedness of election systems and the physical site security of voting machine storage and polling places. These advisors are also available to assist with planning and incident management assistance for both cyber and physical incidents.
Physical and protective security tools, training, and resources: DHS provides advice and tools to improve the security of polling sites and other physical election infrastructure. This guidance can be found at www.dhs.gov/hometown-security. This guidance helps to train administrative and volunteer staff on identifying and reporting suspicious activities, active shooter scenarios, and what to do if they suspect an improvised explosive device. Officials can also contact a local DHS Protective Security Advisor for access to DHS resources.
In closing, we want to reiterate that the fundamental right of all citizens to be heard by having their vote accurately counted is at the core of our American values. Ensuring the integrity of our electoral process is a vital national interest and one of our highest priorities as citizens in a democratic society. We have confidence in the overall integrity of our electoral system. Our voting infrastructure is diverse, subject to local control, and has many checks and balances built in. As the threat environment evolves, the Department will continue to work with state and local partners to enhance our understanding of the threat and make essential physical and cybersecurity tools and resources available to the public and private sectors to increase security and resiliency. Thank you for the opportunity to testify, and we look forward to your questions.
Editor's Note:
Prepared statement by former DHS Secretary, Jeh Johnson, PBS
You will also notice the number of positions that are being held by acting individuals and those that are currently vacant, not a reassuring situation in the Department of Homeland Security ...
More Articles
- US Department of Justice: "From Nuremberg to Ukraine: Accountability for War Crimes and Crimes Against Humanity”
- Update: Examining the January 6 Attack on the U.S. Capitol, Part II Joint Full Committee Hearing, Part II, March 3rd
- *GAO Reports on Testing Security Screening at US Airports: TSA Has Limited Assurance that Security Operations is Targeting the Most Likely Threats
- Another Powerful Woman and First to Lead Either Party In Charge of House Appropriations Committee, Rep. Nita Lowey
- Updated - Voting 2018: New Election Security Funds are Breakthrough for Democracy
- Updated: HHS Establishing Medical Shelter to Aid Those Affected by Hurricane Harvey: "Do Not Go To The Attic: Go To The Roof"
- An Expert Assesses Personal Security in An On-edge America
- Bills Introduced and Defeated: Denying Firearms, Child Protection, Women's Health Care, Eating Disorders, Family and Medical Leave
- In Wake of Paris, How Prepared Are US States, Cities?
- Homeland Security Grants to States Gutted