CISA outlines its role in helping states with election security
Connecting state and local government leaders
The Cybersecurity and Infrastructure Security Agency breaks down its coordination activities across four lines of effort: elections infrastructure, campaigns and political infrastructure, the American electorate and warning and response.
Officials from the Cybersecurity and Infrastructure Security Agency often describe their role in election security as helping to coordinate and advise the larger ecosystem of election stakeholders.
In a newly released strategic plan, the agency lays out its strategy for protecting the 2020 elections by largely leaning into that facilitator role, breaking down its coordination activities across four lines of effort: elections infrastructure, campaigns and political infrastructure, the American electorate and warning and response.
To help protect digital and physical elections infrastructure, such as voting machines, election software systems and polling places, CISA aims to complement the work of states and localities, vendors and others on the front lines of election administration, encouraging them to adopt better security practices through outreach and offers of federal resources.
CISA has "identified incident response and reporting as a capability gap" in its engagement with state and local governments, according to its released strategic plan. One tactic for closing that gap is a series of emergency response guide posters for polling places, election offices and storage facilities that offer step-by-step instructions on who local officials should contact when variables such as weather, a violent incident, fire or cybersecurity events cause a disruption during an election.
The agency has also deployed physical and cybersecurity advisors to different regions of the country who act as the primary points of contact between the federal government and election stakeholders, offering vulnerability assessments, penetration testing, phishing tests and incident response services upon request. Some members of Congress want CISA to go even further and have introduced legislation that would have the agency designate cybersecurity coordinators for all 50 states.
Bodies like the Multi-State Information Sharing and Analysis Center and Election Information Sharing and Analysis Center are also considered key arteries for quickly disseminating threat intelligence from the federal government to states and localities.
The agency's game plan for political campaigns is similar, offering services, testing and training to individual campaigns, joint briefings to campaigns on the latest threats and meeting with party organs like the Democratic and Republican National Committees.
CISA also launched a task force focused on countering foreign influence operations during the 2018 election cycle. However, that group was limited to mostly studying the issue, and agency leadership routinely deferred questions about operational activities to the FBI, which leads federal efforts on countering foreign influence.
Whereas a years-long and multi-pronged covert campaign by Russia dominated the 2016 election, intelligence officials and disinformation experts have warned that 2020 could be a more crowded affair, with countries like China, Iran, North Korea, Turkey and others waging their own campaigns online.
CISA's strategic plan is less ambitious, mostly outlining a continuation of previous research and educational efforts, like its "War on Pineapple" flyer for how to understand influence operations online.
In previous cycles, the agency has worked to prop up states and localities as the authoritative source of election night information for voters. Officials plan to repeat those efforts in 2020 while also acting as a switchboard to route concerns about disinformation campaigns targeting specific election jurisdictions.
A longer version of this article was first posted on FCW, a sibling site to GCN.