With the 2020 national election cycle on the horizon, House Homeland Security Committee Chairman Bennie Thompson, D-Miss., convened a hearing Wednesday to examine how the United States was working to secure its elections, and despite some partisan squabbling from members over the issue, a senior Homeland Security Department (DHS) official testified that election security is on the upswing.
The hearing began with both Thompson and Rep. Mike Rogers, R-Ala., ranking member of the committee, asserting that the other party wasn’t doing enough to secure U.S. elections.
“Election security is a national security issue that must transcend party politics, because it requires a unified effort to protect America’s elections,” Thompson said in his opening statement. “Unfortunately, this hearing is long overdue. During the 115th Congress, the Republican Majority spent much of its time ignoring the intelligence and refusing to acknowledge the threat to our democracy.”
In return, Rogers took aim at House Democrats’ election security legislation, H.R. 1, during his opening statement.
“As it stands, much of H.R. 1’s 570 pages appear to be a political exercise” he said. “That is why I am very disappointed that election security, an issue where we had an opportunity to work together to move bipartisan legislation, has gotten caught up in this partisan political power grab. I hope when H.R. 1 does not advance in the Senate, we can revisit the issue of election security in a bipartisan manner.”
But Christopher Krebs, director of the newly minted Cybersecurity and Infrastructure Security Agency (CISA) at DHS, emphasized security gains since the 2016 elections. He said the U.S. is “light years ahead of where we were in 2016,” both in terms of actual election security, and collaboration between Federal agencies and other levels of government.
In defense of his optimism, Krebs pointed to the 2018 midterm elections as proof of success for the model DHS has been using.
“Leading up to the 2018 midterms, DHS worked hand in hand with Federal partners, state, and local election officials, and private sector vendors to provide them with information and capabilities to enable them to better defend their infrastructure,” he said. “This partnership led to a successful model that we aim to continue and improve upon in the 2020 election cycle.”
In his testimony, Krebs stressed the work CISA has done to promote collaboration, and the work DHS and the Election Assistance Commission (EAC) have done to enable sharing of best practices. He also cited the work DHS and EAC have done with election vendors to “launch an industry-led Sector Coordinating Council (SCC), a self-organized, self-run, and self-governed council with leadership designated by sector membership.”
Looking towards the 2020 election season, Krebs said that “DHS will continue to prioritize elections by broadening the reach and depth of information sharing and assistance that we are providing to state and local election officials, and continuing to share information on threats and mitigation tactics.”
And he said DHS’s goals for the upcoming election season include “improving the efficiency and effectiveness of election audits, continued incentivizing the patching of election systems, and working with the National Institute of Standards and Technology (NIST) and the states to develop cybersecurity profiles utilizing the NIST Cybersecurity Framework for Improving Critical Infrastructure.”
Thompson asked Thomas Hicks, chair of the EAC, if he had any supply chain concerns with election technology that originates from overseas. While Hicks acknowledged concerns, he stressed he has “very little concern overall” about technology coming from abroad since the technology is tested and verified in U.S.-based labs. Krebs concurred with Thomas’ assessment.
Rep. Kathleen Rice, D-N.Y., brought up the 2016 election cycle that was marred by cyberattacks, saying that the Democratic National Committee (DNC), which was hacked by Russian-backed parties, had worked to strengthen its cybersecurity posture.
Rice stressed that the DNC undertook that action alone, without assistance from CISA or DHS, and questioned Krebs as to why more collaboration wasn’t taking place.
Krebs stressed that DHS and CISA are working with both political parties, but did acknowledge that more collaboration could take place. He also invited committee members–and presumably the rest of Congress–to reach out to his office as they kick off another election cycle and invited all of them to work with DHS and CISA.
Krebs also stressed that election security does come cheap or easy.
“It will take significant and continual investment to ensure that election systems across the nation are upgraded and secure, with vulnerable systems retired,” Krebs concluded. “These efforts require a whole of government approach.”