[Image via odyssey-online]

The National Association of Secretaries of State recently published an “open letter” to voters from members of the Election Infrastructure Subsector Government Coordinating Council (EIS-GCC), which has been formed to play a key role in the cyberdefense of the nation’s election system. It’s worth reading – take a look:

The [EIS-GCC] is the first group of its kind to help important stakeholders share vital information regarding the elections process. The EIS-GCC includes members from the Department of Homeland Security, the U.S. Election Assistance Commission, the National Association of Secretaries of State (NASS), the Na­tional Association of State Election Directors, the Election Center and the International Association of Government Officials.

There are real threats to all digital technologies, including those used to run elections. Election officials across the country are working day and night to identify, mitigate, and deter these threats. Our efforts seek to improve the overall security of election systems to ensure your votes remain safe and the process reflects your will.

In 2016, the intelligence community determined state voter registration systems were the target of cyber scanning activities by the Russian government. We have evidence that in one case those efforts resulted in the successful theft of voter data from an online system.

However, election security is not something that began in 2016. Election officials have always viewed the security of our elections process as an essential component of our work. What is new is the potential for better information and resources from the intelligence community and federal agencies.

Notably, the U.S. Department of Homeland Security (DHS), has said repeatedly that the types of systems Russian actors targeted were NOT involved in vote tallying. Vote tallying systems have a lower cyber-risk profile than the other connected systems we rely upon to bring voters information and services.

Intelligence agencies agree these activities will intensify in scope and sophistication and could involve different actors and tactics.  Election officials are acutely aware that the systems we manage are targets for bad actors, foreign and domestic, just like many high-profile companies and other government agencies. A strong defense requires a coordinated response from all levels of government, the private sector, and you, the voters. Any attempt to disrupt and delegitimize elections is an affront to democracy and is not acceptable to anyone in the elections community.

Since DHS designated elections as critical infrastructure in January 2017, local, state, and federal officials have worked tirelessly – and collaboratively – to respond. In every state, we are working hard to increase our defenses, build new detection techniques and plan for and practice recovery from possible incidents. We have also engaged private sector partners, non-profits and universities to help protect our systems.

In October 2017, a Government Coordinating Council was formed to ensure federal information and resources reach state and local election officials. The Council convened again on February 15, 2018 in Washington D.C. and we, its Executive Committee members, represent our colleagues in the elections community. The Council marks the first of its kind collaboration between federal, state and local officials to secure elections. We are formalizing information sharing protocols to ensure timely and actionable threat information reaches all election officials so they can respond to threats as they emerge.

Our Council has guided the delivery of direct resources from DHS to support state and local election officials including onsite risk and vulnerability assessments, as well as a variety of other services and trainings to support election officials. While Council members and state election officials were in D.C., we participated in classified briefings given by FBI, DHS, and officials from the Office of the Director for National Intelligence. This was an important first step.

These efforts require a “whole of government approach” on investment. Upgrading technology and investing in staff with cyber expertise at the state and local level will carry a significant price tag and must be a continuous effort. This is a race with no finish line. Failing to invest will leave us less secure than we need to be, and increase the probability that aspects of the election process will face service disruptions that threaten electoral confidence. While not every federal or state bill professing to support elections security will be appropriate, and election officials are likely to disagree on plenty of policy particulars, we hope you will support the eventual investment.

For the last 18 months voters have been confronted with some true and troubling information, and your natural concerns have been intensified by the misreported information about election security.  The reality is that these stressful moments are not over, but voters don’t have to sit idly by and worry. Make your voices heard and your actions speak. You can help by continuing to participate in our democracy: vote, be poll workers and attend pre-election testing or post-election audits.  We run elections at the state and local level because this democracy is yours, and it requires your participation.

On behalf of our election colleagues around the country, we assure you that our eyes are wide open about potential threats and we are working every day on your behalf to make our elections secure.

The legitimacy of our leaders lies in the essential American belief that elections reflect the will of the people.  We are committed to our role as enablers and defenders of that trust. 

-Hon. Connie Lawson, Indiana Secretary of State, NASS President

-Mr. Judd Choate, Director of Elections, Colorado, NASED Immediate Past President

-Mr. Noah Praetz, Director of Elections, Cook County, Illinois, Election Center Representative

-Hon. Thomas Hicks, Chairman, U.S. Election Assistance Commission

-Hon. Robert Kolasky, Deputy Under Secretary (acting) for National Protection and Programs Directorate, U.S. Department of Homeland Security

There is a long road ahead to enhance the nation’s cybersecurity, and as the letter suggests, there will be bumps and bruises along the way. But it’s encouraging to know that the people who need to be talking to one another are – which means (as it always does when election officials come together) that common strategies to resist cyberthreats to the America’s voting system are on the way.

Have a great weekend, and stay tuned …