The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is promising state and local election officials that it will be vigilant, trustworthy, and transparent about 2020 election security in the agency’s #Protect2020 Strategic Plan.
CISA officials hope to ramp up 2020 election security with efforts to continuously monitor threat trends, forecast vulnerabilities, safeguard the information of the American public, and quickly share cyber information with stakeholders.
“There’s no question that our election process is more resilient and secure than it was in 2016 and heading into 2020 it will certainly be more secure than it was in 2018,” Matt Masterson, senior cybersecurity advisor of the Election Security Initiative, said.
Ahead of 2020, CISA is dedicating resources to four lines of effort: elections infrastructure, campaigns and political infrastructure, the American electorate, and warning and response. In each effort, CISA details objectives and key actions that the agency has taken to meet its goals. Across all four, partnerships with the private sector, information sharing with stakeholders, and real-time cyber vulnerability assessments are common themes.
“As the lead Federal agency responsible for securing the nation’s elections infrastructure, CISA works closely with the intelligence community, law enforcement officials, private sector partners, and others across the Federal government to ensure we are doing everything possible to defend our electoral systems,” Krebs said in the introduction of the election security plan.
“But this needs to be a whole of nation effort,” he said. “State and local election officials are on the front lines, and the role of the Federal government is to make sure that they are prepared.”
To build direct relationships with officials in the over 8,000 election jurisdictions across the country, CISA launched the “last mile” campaign in 2018 to distribute security products to stakeholders. These products are scalable, customizable tools that officials can implement immediately to improve security and awareness, such as emergency response guide posters. Over 1,000 jurisdictions have received last mile products, and 20 additional states expressed interest in receiving them leading up to 2020.
CISA also hopes to build back the American public’s trust in its electoral systems. To do so, the agency is planning to work with subject matter experts and third-party organizations that can amplify its messaging.
“We can patch cyber vulnerabilities and defend our databases, but if we don’t also prepare the American people for the onslaught of foreign interference they face daily, then we will have failed,” Brain Scully, countering foreign influence lead, said.
An operational plan to accompany this strategic plan will be out this month, per a Feb. 6 Government Accountability Office (GAO) report. To meet GAO’s recommendations, the operational plan will have to fully address all efforts in the strategic plan and document how CISA intends to address unresolved election security challenges from years past.