About the 2020 election. Welcome to Washington Post live. Im david ignatius, a columnist for the Washington Post, and its my pleasure to welcome christopher krebs, the former director of the cybersecurity and Infrastructure Security Agency at dhs, and it is fair to say, one of the heroes and protecting the security of our 2020 election. Welcome. Chris thank a lot. David lets begin with your story. You began preparing for a secure election back in february. And i remember talking with you in august for a column at a time when President Trump was warning about the danger of fraud because of mailin voting. You told me on the record interview back then this election would be slower to tabulate because of all the absentee votes, but it would be safe and secure. In august for a column at a time when President Trump was warning about the danger of fraud because of mailin voting. Took you told me in and on the record interview back then this election would be slower to tabulate because of all the absentee votes, but it would be safe and secure. I want to ask you, did you get any pushback from the white house back then . Unhappiness you were contradicting the president in effect . Chris let me frame this in terms of time and history. We have actually been preparing for we had been preparing for a secure 2020 election, frankly, since the day i walked in the door in 2017 at the department of Homeland Security. I didnt fully appreciate the level of work this was going to take and the amount of coordination back then, nor did i anticipate it would take up as much time, frankly, that it ultimately did, but this has been an effort three, 3 1 2 years in the making not just at cisa, the Cyber Security and Infrastructure Security Agency, but it was a whole of nation effort. That is a term that gets bandied about sometimes and looked down upon, but this was truly state and local governments out in front with the full National Security apparatus behind them supporting them, the department of defense, Intelligence Community, and Law Enforcement. As we rolled into 2020, also we dont we didnt january, february i dont think fully appreciated the complexities and challenges we would face principally from covid. So there was a dramatic shift starting in the primaries back in the spring across the country. Many of those shifts involved a greater uptick in voting by mail. What we did was take a hard look at, what are the additional security risks, the cyber and physical security risks, associated with voting by mail. We found that there was not a significant increase of risk. There was perhaps a transfer of risk because you had different parties involved, but there was no significant increase. The narrative, though, at the time was that it was that voting by mail could lead to additional fraud. That is an issue thats left to the Law Enforcement community, federal, state, and local. That was what we were hearing at the time, there was concern over fraud. When you put security and fraud up against each other, they are two different things. So there was a little bit of perhaps dissidents in the messaging. We stood by our security assessment. We didnt make any changes and kept our Information Available to our state and local partner. David dissidents is putting it mildly. It was pretty strong argument from the white house that fraud was a huge risk in this election. One of the innovations, chris, that you had at cisa was regular postings you called rumor control. There would be rumors about the dangers of fraud. The risks of mailin voting. You would put up the reality, as you say. You put the reality on top of the rumor. I have heard and written in the post that there was some effort by the white house to see if some of that content could be taken down. Tell us about that and how you managed to keep that Rumor Control Program intact. Chris the concept behind rumor added feature because we had been focusing, again over that 3 1 2 years, through a range of scenarios to harden and improve the Cyber Security of the systems. But there is a second aspect. We are not just doing the actual security improvement, we are also defending against whats known as a perception hack. Where an adversary, whatever origin, could say that a system was compromised or an insignificant event has a greater impact or implication than it does. Again, the concept behind rumor control was to get the facts out there on how systems work and how, for instance, Election Night reporting are not official results. So if you see changes in the amount of numbers posted, whether it was alleged massive dumps or whatever, it is not the actual votes themselves that are being adjusted. Its unofficial information. The ballots and figure the paper ballots continue on. So we were on a regular basis seeing disinformation and claims of improprieties or other things associated with the voting process on the security side. Not on the fraud side. We dipped our toe in the water on the fraud side to explain the security controls in place. These claims of dead voters, describe what states and locals use on signature verifications. They look at death records. They look at all those sorts of things. And Social Security numbers. Again it was more about getting , information out there on the security controls at all steps of the voting process before , during and after. To inoculate the American Voter into inoculate the American Voter part against the claims , that were emerging and claims that we frankly anticipated coming out. David is it fair chris, to say , that the president s repeated tweets, there must have been dozens of them, warning about fraud and mailin voting, amounted to a kind of perception hack in your words . Chris i certainly think that it without a lot of evidence some of the claims that we are hearing out there, whether its just from the fever swamp or from some of the advocates for the campaign they were not in , line with our understanding and state and local partners understanding about how these systems work and how the election machines, the equipment, the counting process, the campus process, the there is no single point of failure related to technology whether its software or hardware. But there are all these resilience measures in place. The best one out there is paper. Paper ballots. Talked about that all week. We just kept putting the facts out there. What i said is if you get pushback from anywhere else, im the senateconfirmed head of the agency. I approve the content that goes up. If there is anyone that has concerns with whats up there, they need to come talk to me. David and then, chris, we came to a decisive moment about 10 days after the election on november 14, the president was retweeting claims that a Company Called dominion Voting Systems had been involved in massive fraud. Your agency, obviously at your direction, issued a statement that was important. Im just briefly going to note it. That there is no evidence that any Voting System deleted or o lost votes, changed votes, or in any way compromised the outcome. That statement got you fired three days later. And i assume when you made that statement you knew that that was a possibility. Chris that statement was about yeah, i got fired five days and about three hours after that statement came out. It was released on the 12th of november. It was not me. It was not cisa as an agency releasing that statement. It was the Election Security community. It was the members of our Sector Coordinating Councils and our government coordinating councils, which is cisa speak for the groups that we pull together that we convene to ensure that these things are secure. It was the perspective of all involved at the state, local level, the private sector across the federal government, of what they had seen. And not just in that intervening nine days since november 3. That was our understanding of the facts on the ground going back years. We had been watching, we had been monitoring. We had the Intelligence Community out there looking for bad guys trying to do bad things and stopping them when they could. So that was a true sense of the community that we issued. It was important, i think, as those closest involved to the administration, the election, in securing the election, to put that statement in and some facts out there, again, to the American People. Now, i have said it before. Whether i thought i was going to get fired because of that statement, i dont know if it crossed my mind. I dont. It was the right thing to do. We needed to get information out there from the expert. David lets talk about some other heroes who stood up to pressure and did the right thing in protecting our Election Security. I would be interested in knowing who is on your list, chris. Certainly brad, the georgia secretary of state comes to mind for me. But you have been dealing with officials around the country. Maybe you could just give us a couple of snapshots of people you think served the country well in this period. Chris it is its a hard list to tick off right now. In part because there are tens of thousands, if not hundreds of thousands of americans that support the administration of elections. Yes, there are some leaders. Typically secretaries of state. I talked about all the folks that are in the swing states and are under the microscope right now. The secretary of pennsylvania. Secretary benson in michigan. Secretary hobs in arizona. The secretary of nevada. I made the point all strong women standing up. Putting country over party. And are ensuring this democratic process goes forward. I saw last night, gabe sterling in georgia, who was responsible for the election, the administration part, got up and he had a staff or contract staffer receiving Death Threats. I received Death Threats. A number of these officials have received Death Threats. To me its just there really arent good words to describe just how unamerican and undemocratic it is that the actual individuals that are responsible for the process of this most sacred Democratic Institution of elections are the ones getting the blowback here. Its chilling to me in two ways. First, we are actively undermining democracy. We are actively undermining confidence in the electoral process. Second piece is, second Chilling Effect is how the heck are we going to recruit election workers and Election Administration officials Going Forward if they think they are going to get Death Threats online and in person . This has got to stop. It has to stop. We have to let the professionals do their jobs. And its well beyond time for everyone on both sides of the political spectrum to call for an end and to call for this process or certification process and moving on into the next administration. David thats a powerful statement. As you know, joe has been identified as a member of the trump legal team, said on monday that he thought he should be taken out and shot. And then later said he only made the comment in jest. You said yesterday morning on the nbc today show that you were considering legal action after that comment. Tell us more about that. How can you protect yourself against threats like that, whether seemingly in jest or not, how do you go forward legally . Chris so i think the first thing is that in times like this, you find out who you your friends are and who is behind you. I have to thank everyone who has been so supportive. Just coming out of the woodwork. Its been universal, both sides of the aisle. Bigger than that, its the tech community. Always been incredibly supportive. I want to thank them directly now. As for my legal options, im not going to litigate this on tv in a parking lot somewhere. My lawyers will do the talking. Theyll do it in court. I got a lot of confidence. Theyre an outstanding team. They know how to win. Like i said yesterday, theyre going to be busy. David so attorney general barr said yesterday that, in his words, he has not seen fraud on a scale that could have affected a different outcome in the election. And a lot of us read that and wondered, ok, is that it . Is this over . Do we finally have enough of a consensus among Senior Administration officials, among republicans that we can say we are not heading toward a Successful Transition . What was your reaction to the barr statement . Chris thats his job to talk about fraud and to give a sense of what the temperature is out there. So it was consistent with my understanding, it was consistent with my conversations with the Law Enforcement community and the Election Officials across the country. So to me it was in some sense confirmation and affirmation of what we understood to be taking. Thats his job to talk about t i think its temporal. Its a sense of today or leading up to when he made that statement. If more evidence is out there, then folks will bring that forward and theyll investigate. But again, i think its consistent with everything that we thought about fraud for years and years. So i think its just a good, perhaps a coda of the controversies out there and we need to move forward. David speaking of barr, during the Election Campaign he made himself repeated statements about the dangers of fraud because of mailin voting. That cant have been helpful to your work of trying to control rumors and run an orderly election. Chris so again, i think its important to distinguish between Cyber Security and security and supply chain issues related with the administration of an election, particularly the technology involved, and fraud issues. Fraud is something that the Law Enforcement community. There were claims we thought were a little beyond belief. Printing out ballots and mailing them in from st. Petersburg or tehran or wherever. Again, this goes to something that we have been trying to reinforce over and over is the security controls in place at all points in that Technology Election administrators use technology to increase access to the ballot box. They use technology to increase accuracy of the results. They also understand, though, that technology cannot be a single point of failure. So there are controls at all, before, during, and after. What we saw down in georgia with paper where there is a hand recount, where the outcome was consistent to the machine count, is just evidence that the controls in place worked. David you were clear this morning in your article in the Washington Post about how important paper ballots and the redundancy of systems has been in providing us a reliable outcome. What if we hadnt had that and had these kinds of charges . Would we be in a much more precarious situation do you think without the additional systems . Chris david, dont put that evil on me. I dont want to even think about that. I think what we need to be doing now is thinking about the future and how we continue to invest in democracy. The key distinction here is in 2016, the numbers thrown around and they are based on both the Brennan Center as well as the center for election innovation and research, there was anywhere from 75 to 82 . I historically say 82 . Its hard to get that truth on what the real number is. Anywhere between 75 and 82 of the vote was cast in 2016 with a auditable, voterverifiable paper audit trail. We believe that number was on the order of about 95 for the 2020. To me what we need to be focusing on is how do we close out that last 5 . The trends are already there. The vendors arent selling those paperless systems anymore. The state of louisiana, how do we help them get over the hump here . How do we help texas and indiana and tennessee out of those systems . How do we help new jersey that has switched to mailin but has these system. Thats the real question. Congress needs to prioritize from a riskmanagement Grant Funding perspective just complete eradication and elimination of those systems across the country. David chris, lets talk about what we imagine the year ago would be the real threat to the integrity of our election and that was foreign interference. There had been relatively few reports of interference in the 2020 election by russia or iran. But you were the person who has the most knowledge about this. Were there moments when an adversary appeared to be getting inside our election systems where you had to scramble, as it were, to make sure it was protected . Chris so i wouldnt say that im the person that knows the most about this. I had a pretty good insight. Im not going to talk clearly about classified information here. But what we saw, what we planned for was a range of actors from russia, iran, china, north korea, and cyber criminals seeking to interfere with the election. So we had a pretty comprehensive set of scenarios we baseline against. Im the type that never gets comfortable. Always is thinking forward, forward. You could call it paranoid. But we had a range of scenarios. What we saw in the runup to the 2020 was actually a fairly quiet election point of interference landscape. That could be due to any number of reasons. I think part of it is that we had almost four years to prep. The last administration had about four months. And prep, you cant buy that time. You cant really find any other substitute. So we had more visibility. We were looking over there. We were hardening systems here. But we did see iran try to make a play in mid to late october. You may recall those emails that were purportedly from the proud boys. They did some scanning and got some state election websites to spit out some data. We were really trying to get ahead of that, put information out there to the American People through rumor control that if you see voter information out there, its not always because the system was hacked. Now, the other aspect of this is we did see russia over the course of the late fall make they were undertaking really broad scanning campaign. Thats what russia does. So this wasnt just elections. It was state, local, private sector, federal government agencies. Just out of an abundance of transparency and out of an abundance of caution where we did see them land in two voter election systems for election, election information, not the Voting Systems themselves, we felt that it was important to disclose that and share that with the American People. That was a much, much broader russian Cyber Campaign and scanning campaign thats as far as i can tell still under way. David so lets talk about how to build Greater Trust in this system Going Forward. You had a lot of success. As you said, this was the most secure election in our history, in your words. But even so, polls show as many as 80 of republicans think that fraud was involved, and one poll said only 29 of republicans believe that joe biden was fairly elected. And so i want to ask you, you describe yourself as a lifelong republican, how do we get those 80 of republicans to have more confidence in the system . Chris so this is challenging, right . There are a couple of different aspects to this. Three at least. One is that we need both parties to just cut it out and come clean and acknowledge that this was a legitimate election. We need to move forward. The second thing i think we need to do is continue to invest in democracy. We need to have more Grant Funding going out there on a consistent basis. To both retire the old systems and invest in more modern technology and upgrades. Then we also need to be able to incentivize innovation. That includes more postelection audits. Its those sorts of things, more paper, more postelection audits, that give transparency and an evidencebased approach to elections. Then the third thing is that, you know what, its unfortunate but i dont feel as if americans really think much about elections and how they happen. Other than every four years, maybe every two years. So Civic Education has to get back on the books. We have to get more folks, and we have to make it easier to access how elections work. Again, we talked about it all throughout the election. Its trusted info 2020. That was the campaign the secretaries of state and secretaries of the state election directors launched. If you want to know more about elections, reach out to your local elections david what would be your brief advice to the incoming administration, president elect biden, and to the person that he has chosen as his head of Homeland Security in terms of thinking about Election Security, and then the Broader Mission of Cyber Security that your agency was charged with overseeing. What would you like to see them do . Chris continue the vision. First secretary nominee, is fantastic. A great pick. We have to continue investing in publicprivate partnerships. Thats also one of those bureaucratic terms. Im telling you, what we did for Election Security across the entire interagency with the Intelligence Community, the Law Enforcement community, the department of defense with the civilian agencies, and our state and local partners, we cracked the code. We figured out how to truly Work Together from a cybersecurity perspective. We found the holy grail in information sharing. Thats another bureaucratic term in d. C. , but on election day, a state reported to us that they were seeing some scanning trying to exploit a vulnerable system. The state was able to knock it down. But they reported that to us. We passed that over to one of our federal partners. They did what they do. Thats never happened like that. Defense in near realtime. We need to break that down. The successes, whatever we caught, lightning in a bottle. Then replicate it. We are doing it right now, or they are doing it right now for operation warp speed in the vaccine development. This can work. Collective defense is a concept and in practice can work. We have to continue to invest in that. Balance defense and offense investment. David were you satisfied, chris, with the performance of the social media platforms, twitter, facebook . Do you think they behaved in a responsible way that added to the security and safety of the election . Chris in terms of what we saw certainly from a foreign interference perspective, i think that social media platforms deserve a lot of credit. And the proof is not just in the things i say, but you look in the behavior of the adversary. The behavior of the adversary changed. It evolved. They had to ditch their old techniques and tools and sent things offshore because the friction, the deep activities that the socials did. I think they deserve a lot of credit for upping their game. Our Intelligence Community partners and Law Enforcement also, we when you make the adversary change their behavior and change their tactics, that tells you that somethings worked. Did we completely cut it out . No. But they were not as successful as they had been previously. So yes, they deserve i believe they deserve better. David we have talked, chris, throughout this halfhour about the importance of putting country ahead of party, and the way that you and cisa were able to form a task force that spread across all the different states and all the Different Party officials involved. So an obvious question for me is, if you were asked by the next administration headed by a democratic president to return to dhs or serve in some other capacity, would you consider doing that . Chris well, anytime you get asked by the leader of the free world to come in and take on an important role, you have to give it all due consideration. There are a series of other responsibilities i have to balance out, including a family. So its there will be a series of considerations and conversations that would have to happen around that. Im just im just so proud of the cisa team. Im proud of the fact that we are maybe a household name right now, and for a good reason, for the right reasons. Usually when you hear about cisa its about something bad happened. I couldnt be prouder of that team. They just they have done such a great job over the last several years. And theres a really Bright Future ahead for them. David and do you think that Congress Needs to consider new legislation that gives additional powers to overseas cybersecurity, infrastructure security . Youll remember, as i do, the Cybersecurity Solarium Commission that issued a report back in march calling for significantly greater powers for cisa. Is that a good idea . Should Congress Take that up . Chris absolutely. And they already have. If you look at the National Defense authorization act, there are several pieces, provisions in there that would give cisa additional authorities for the right reasons. Including Additional Partnership authorities in coordination authorities across the federal government. The ndaa this year is National Defense authorization act, is a mustpass. Not just for cisa, but the entire National Security community. It must pass. David a final question for you. Im sure its one thats shared by many of our viewers. A lot of us feel we have lived through a lot of high anxiety surrounding our elections. Almost constant challenges. And im wondering, as we think back on this, whether one of our protections was that our system is decentralized. That there is no ability for the white house or the executive branch to completely dominate the process by which elections are administered. You did your part in coordinating a task force. Are we lucky that we have a federal system that we sometimes complain about . Chris im not sure i chalk it up to luck. I chalk it up to the founders and federalism. We are built the states out there that do administer most of what happens in this country. I think its a good reminder right now of why it was designed that way. Thankful its designed that way. It should not be that an incumbent could put their thumb on the scale from an administration perspective. So, again, i couldnt be more honored to have worked with all the secretaries of state and Election Officials out there. They are the heroes right now. They are the heroes of democracy. And i look forward to working with them in the future. David chris krebs, thank you for talking with us. Thank you for what you have been doing to help keep our elections safe and secure. Thats all the time we have for our conversation today. Join us tomorrow at 9 00 a. M. For first look. My colleague, jonathan, will talk with post columnist Dana Millbank and Kathleen Parker about the latest political headlines. Again, thanks to chris krebs. Im david ignatius. Thanks for watching Washington Post monday night on the communicators, chief policy officer for parlor, amy peacock. It is the best approach when youre talking about hate speech, socalled misinformation, anything else to address those problems with more speech. Not with any types of content restrictions. Watch the communicators monday night at can qu8 eastern on cspan 2. 8 00 eastern on cspan 2. Im pleased to be leading our next session of full summit agenda and bios of her speakers are available at aspen institute. Org. I would like to thank them for helping organize these conversations and let us talk with a great and diverse set of speake t