Key National Challenges. In 2020, one of the Biggest National challenges we face is to hold the National ChallengeNational Selection during the covid19 pandemic. Today, we are honored to host leading experts from the national and intergovernmental community that protects state and local government Information Systems. First, well hear from jeffrey hale, the director of the Election Security initiative at the department of Homeland Security. He will be followed by a discussion including questions from the audience. Please feel free to use the chat function here on zoom to ask questions. After that, the second half of our program will feature a discussion with representatives of associations of discussions on leaders. Lindsay forson, with National Association of secretaries of state. And Maggie Brunner, a director for Homeland Security at the National Governors association. First, its really terrific to have an opportunity to hear from jeffrey and the department of Homeland Security. Since the summer of 2016, d. H. S. Has been leading a national Nonpartisan Initiative to support state and local governments and securing their election systems what which are a part of the nations critical infrastructure. Jeff is the director and the senior official at the Cyber Security and infrastructure security at the department. The Election Security initiative is a d. H. S. Led interagency body charged with coordinating federal support for the community. Jeff is experienced in Cyber Operations planner. Hes a graduate of the university of virginia and earned his masters degree in Systems Engineering from George Washington university. Jeff, thank you very much for joining us. Jeff thank you for having me. Good afternoon, all. Im here in arlington, virginia where the Cyber Security and Infrastructure Security Agency is located. We have were previously known as nppd, the National Protections and programs directat. And that name didnt tell anyone what our jobs job was. But its been quite a journey to o from nppd and go to Election Security. I would have to say in 2016, we were certainly caught off guard. We hadnt made the same inroads with the Election Community that we focused on over the last four years, working with individuals at the National Association of state election directors and the National Governors association. Over that time, weve focused on finding our mission, which to is is to provide advice to election stakeholders. So we focus on helping election state holder to identify and then detect manage and mitigate risk to their representative system. And its important to recognize at we see the election state holders. Not only the Election Officials that managed Voter Registration data bases and the vendors that support them, that community that we call election infrastructure. But we engage with partisan organizations, campaigns and the of torate as our third line effort. We structure our work accordingly. In early 2017, our support to election infrastructure was more formalized by declaring that sector part of i critical infrastructure. We could do a lot better of a job to explain what that meant. But because it wasnt very a popular decision at the time. And i hope over the course of the years, that they seen that d. H. S. Is present that that Cyber Security and infrastructure security is present in Election Security is really a supporting function, helping to provide the information and Vulnerability Management systems to manage risk to their system. To do so, weve tried to establish an information sharing environment really focused. Ound the ei, its what stood up in 2018. And then since that time has expanded to all 50 states as has more than 200 or 2,500 local jurisdictions. Theyve deployed intrusion for the purpose of helping to understand what type of traffic is targeting election infrastructure across the state. So its really been a rapid evolution of the of the information sharing of the communal defense in this sector. Weve weve been able to take some of the best practices learned from doing this type of support for other critical infrastructures sectors and apply it to our support to an infrastructure sector. Thats a little different when we support the partisan organizations, campaigns and the party committees, which we have the same Vulnerability Management services. But they represent such a different use of infrastructure. Often, its entirely manage Service Providors or distributed system with no Central Security service. O it is very much about the practices of the individual of Security Awareness. Understanding threats and vulnerabilities as opposed to the election infrom struck chumplete our third line is that Stakeholder Group the electorate. And then, how do we recognize the risk of them being targeted. So we have we think of it as the f. B. I. , the Intelligence Community focuses on stopping bad actors from producing miss and disinformation and targeting the public. We focus on the other side of the equation trying to make the electorate a more resilient electorate to the activity of the misinformation actors, so that they can be more critical consumers of information and s of anagement risk Information Operation that way. We had a successful launch about this time last year. Trying to explain the tax system techniques. We called it the war on pineapple. And used the divisive issue of pineapple on pizza, to explore that nations go through in accepting an Information Operations campaign. And so were very pleased with that update. It actually became the pineapple became a bit of a mass scott for our agency. We have additional products that are focusing on individual steps one can take to reduce their exposure and the likelihood of sharing and spreading disinformation on any particular going to, not just selection. Thank you, guys for having me. And i look forward to your questions. Thank you, jeffrey, one question i know is on everyones mind is how the Current Situation that were living in with this pandemic. And changing that the nation faces in terms of preparing for a meeting in these unique circumstances. 2020 wasnt going to be challenging enough. We had to throw in a pandemic in there. Our job is to support the states and their decisions on how to manage elections. So some have expanded the use of mailin voting. Others are making decisions to centralize voting location and operate. Weve seen the pandemic apply pressure in certain areas, the illingness of some coworkers. Oftentimes there are individuals , many coworkers are at an age thats susceptible to the virus. In taking steps for them to have the appropriate Operational Support to run and management the election while main taking the health and safety of the community. Weve been able to work with the u. S. Election assistance commission. To work with Election Officials our Government Coordinating Council to produce a series of best practices for both inperson voting under this these conditions and then expansion of mailin voting. We dont view infrastructure being used. Of systems, it is essential to understand how you manage and mitigate risks. Host in terms of the confidence of the voting public absentee balloting has been around for quite some time, but now we are moving to this unique circumstance with potentially a majority of people using the systems which many are not fully confident with having past experience using. How does that affect the trust in the election and the potential risk for adversaries to potentially exploit that lack of knowledge . Certainly communicating any changes with the electorate to the voting administrative process. To what they can expect in an increased mail scenario. That is essential. One of our guidance documents really supports this and it communicates to the public because much like Security Awareness it is essential for security, just like voting awareness and the shift from the administrative expectation is essential for officials to communicate with stakeholders. As you said, some states have been doing all mail in election since i believe the brennan 2000. Center cited in 2018 more than a quarter of ballots returned were by mail. In pockets across the country, there are there is very strong familiarity with the process and security of these mail in approach. Educating the rest of the country on how that is administered under a short timeline is essential. Host another question i have is how has the cybersecurity landscape changed . Secretary johnson august of 2016 statement about potential threats. How do you see the landscape evolving . Particularly in the past year weve seen a ransom ware attacks. Where do you see the biggest risks to cyber election infrastructure . Anything connected to the internet is going to face that lowlevel cyber activity you see all of the time. We have seen an evolution of the information sharing across the sector from one that did not really exist as a unified Security Community to one thats fully embraced not just incident reporting, but activity reporting. This awareness increases the cognizance we have that we can detect every tremor affecting the election infrastructure sector. Know18, we did not even who the state chief election officer was in each state. As ahas been an evolution national Security Community that did not exist prior. We have a question here in the chat. Would it make your job easier to have a strong clear warning about internet voting echoing your warning . I have been very pleased by the response to our Risk Management guidance for electronic ballot delivery marking and return. The short of it is there are can expedite the process of getting a ballot out to necessary communities. But we highly recommend returning a paper ballot and not using electronic return because we do not see those risks as being manageable with current technology. I do not have any expectations for the statement to be echoed by anyone else. We had eac mist and the fbi coauthor on the purpose of that document is for communities like them, they are consumers and they can do what they want. We been very thrilled with that partnership. Host another question that has been shared with me involves some of the experience with primaries over the last few months. Some states and cities, there have been reports of long lines, voters waiting up to five hours to be able to vote. When you are talking with election directors and stakeholders, what has been your ,iew of that challenge securityrelated risks, thinking also about protecting physical security . What are you learning . A fascinating space. We have got to the point operational risks to operate the , election to conduct the election is superseding what i had focused on for the last four years, cyber risk and infrastructure risk. There is a need for more and healthy poll workers. Some estimates say theres a million more poll workers needed to conduct the election in november. There is a need for certainty around polling location. Once you have those type of Resources Available, you can use Operations Research to plan out how long your lines will be. But frankly in some recent elections and in forthcoming elections you are centralizing voting locations, Voting Centers in this manner. Its going to end up with long lines if you dont have the other resources to check people in, to get them their appropriate ballots, to usher them through trade honestly that and honestly that operational element is one area Election Officials need the support of americans as much as anything else. Some of our attendees today may be new to learning about this. Can you talk about the various services that are provided to state and local government including the Albert Sensor program . How has that been perceived and what is the prospect of utilizing that type of tool and other tools developing over the next five months . Absolutely. The cybersecurity and Infrastructure Security Agency supports the security of Infrastructure Partners and the federal government for more than just the election infrastructure sector. We have taken best practices we have learned across support to the financial sector, the chemical sector, and tried to apply them here. ,ll the services that existed these are things like vulnerability scanning, Risk Assessments, penetration testing. We have evolved some of these to allow more scalable remote beenities, which has essential considering we are not all operating in a dispersed environment during this pandemic. A lot of the Vulnerability Management are how we start to understand what is really impacting the sector and where we can make the most gains. We focus on identifying trends across those findings and producing trainings, exercising with them. We have done three National Level exercises for the election infrastructure community. We also do individual state or vendor exercises, the national exercisers have more than 44 states in each instance , in some cases thousands of locals participating from their location, and those are about how you identify, how to detect, how to report them appropriately, how to get the federal government involved, their chief Election Officials involved, so nothing goes unnoticed. These are the type of things we evolve from a to onetoone understanding to have to do something more mature where we get a robust understanding of the activities of this community. At the Lincoln Network, we interested inty finding ways to make a contribution to support improving the security of the election systems. Can you talk to some of the ways , open source communities . With the Technology Community and open source communities . I describe the three Stakeholder Groups we support. What has been essential underlying all of that has been a network of technologists, the Intelligence Community, of vendors, of cybersecurity experts, to provide an indicator and warming warning primer and response across all of this. It is not just an activity where we have evolved our understanding. Take threat able to vendors particular insight and inform the states particular awareness. Really being able to have a collective defense mentality and bring these communities together for the benefit of the sector that has been essential. It did not exist in 2016 or 2017. Director gave us the charge to improve warning communityse for this and there has been a collective response. To your example of pineapple pizza and looking at issues that are very divisive, at the highest level of National Politics right now the issue of absentee voting and voting by mail is becoming very divisive. It is at the front and center of the current president ial campaign. Can you talk about how or whether you see adversaries exploiting that division, what the public can do about it . It is important to support Election Officials and their decisions on how to administer elections and help them amplify their voice their particular decision. If there is an expansion of a vote by mail or the deadlines, how does that impact reporting . The necessary and critical information out there so that the appetite for misinformation is reduced. This is why we work very closely with local Election Officials to help amplify the trusted voices, the trustly through in Voice Initiative in order to ensure the correct voice is loudest here. Host thank you we have a question hear from the audience from jennifer. What are the open questions most need additional Technical Research to get, what kind of tools documents other resources from the Industrial Research community would be . Would be most helpful to improve Election Security . Guest thats a great question. One of the areas the next decade of security will be defined by is