Today, Secretary of Homeland Security Jeh Johnson hosted a phone call with members of the National Association of Secretaries of State (NASS) and other Chief Election Officials to discuss the cybersecurity of the election infrastructure. It is critically important to continue to work to ensure the security and resilience of our electoral infrastructure, particularly as the risk environment evolves. Representatives from the U.S. Election Assistance Commission, the Department of Commerce’s National Institute for Standards and Technology (NIST), and the Department of Justice (DOJ) also participated in the call.
During today’s call, Secretary Johnson offered assistance in helping state officials manage risks to voting systems in each state’s jurisdiction. While DHS is not aware of any specific or credible cybersecurity threats relating to the upcoming general election systems, Secretary Johnson reiterated that DHS, the Election Assistance Commission, NIST, and DOJ are available to offer support and assistance in protecting against cyber attacks. He also recognized the important work already being done in the states to ensure the integrity and security of the nation’s elections. Secretary Johnson further emphasized that DHS is exploring all ways to deliver more support to the sector in a collaborative and non-prescriptive manner, and would be examining whether designating certain electoral systems as critical infrastructure would be an effective way to offer this support.
As part of the ongoing effort, the Secretary also announced that DHS is convening a Voting Infrastructure Cybersecurity Action Campaign with experts from all levels of government and the private sector to raise awareness of cybersecurity risks potentially affecting voting infrastructure and promote the security and resilience of the electoral process. Representatives of the National Association of Secretaries of State were invited to join this group to provide their expertise and input.
Secretary Johnson encouraged state officials to focus on implementing existing recommendations from NIST and the EAC on securing election infrastructure, such as ensuring that electronic voting machines are not connected to the internet while voting is taking place.
Secretary Johnson offered the assistance of the Department’s National Cybersecurity and Communications Integration Center (NCCIC) to conduct vulnerability scans, provide actionable information, and access to other tools and resources for improving cybersecurity.