Election security

Sec. Kirstjen M. Nielsen Remarks to the National Election Security Summit: As Prepared for Delivery

@drawandstrike @ThomasWictor @HNIJohnMiller @catesduane @rising_serpent @_ImperatorRex_ @Debradelai @GodlessNZ @almostjingo @TheChillum

dhs.gov/news/2018/09/1…

Introduction

Thank you Sec Ashcroft for that kind introduction. I’m glad to be here in Missouri and eager to spend some time with all of you today.

I’d like to begin by noting that tomorrow marks an important anniversary in our country’s history—the attacks on Sept 11th, 2001.

Nearly 3,000 innocent people died that day, making it the deadliest terrorist attack to ever occur on American soil. In the days following the attack, our fear and incredulity were replaced by defiance and determination.

From that day came a renewed commitment to protect our country, and it fundamentally changed the way our nation views security.

In the days after 9/11, President Bush established the precursor to my Department—the Office of Homeland Security, which was focused solely on terrorism prevention. That office grew into a Department, and today that Department is charged with protecting Americans from threats...

as diverse as nation state cyber attacks against our infrastructure to transnational criminal syndicates trafficking people and weapons to lone wolf terrorists attempting to kill with whatever weapons they can find.

I’ve spent a lot of time recently reflecting on how DHS has grown and changed over the past 17 years.

As we work each day to safeguard the American people, we continue to keep our eyes on the horizon, looking for whatever that threat of tomorrow may be, and preparing ourselves to fight against it.

In the past two years, election security has emerged as one of the principal national security threats facing our nation, and that shift has made your jobs much more complicated.

Roadmap

Today, I am glad to be here to assure you that my Department continues to stand ready to assist you in protecting our election systems, and to highlight some of the services we offer.
Reflecting on 2016

But before we get too deep into how we are protecting America’s elections, I want to back up and talk a little bit about why this became such an important issue.

During the 2016 elections, the Russian government made a brazen attempt to interfere with our elections and suddenly, the work of those of you in this room was thrust into the spotlight.

The American people demanded answers, and they demanded action. They wanted to know exactly what happened, and what we were going to do to make sure it doesn’t happen again.

So let’s cover the facts: we have no evidence that votes were altered, plain and simple.

What we did see, though, is without question concerning: Russian government cyber actors seeking vulnerabilities and access to U.S. election infrastructure.

We assume Russia’s campaign targeted all fifty states, but in almost all cases, only preparatory activity, such as scanning or basic research, was observed. In an exceptionally small number of cases, actors were able to access the system.

But, as I have said, ANY attempt to interfere with our elections—successful or unsuccessful—is a direct attack on our democracy, and it is unacceptable.

We learned a lot of valuable lessons in 2016, and I’m glad to report that we are miles from where we were then.

Collectively, we have devoted thousands of hours to reducing risks and remediating vulnerabilities in our election infrastructure.

The progress we have made is real, and the nation’s elections are more resilient today because of the work we are all doing.

But to be frank—a great deal of work remains. The threat is still present, and we must remain committed to securing our democracy.

While we have seen no attempt that matches the scale of that which we saw in 2016, the threats against our election systems are real and evolving.

t is incumbent on all of us to work together to continue to increase the security and resilience of the process.

DHS Role

As I have reiterated and time and time again—election security is national security. Elections are the heart of our democracy, and they require fierce protection.

That’s why in 2017, DHS designated our election infrastructure systems as critical infrastructure. While this created no new rules or regulations, it allowed us to prioritize support to you—the operators—just as we would with any other critical infrastructure sector.

The election systems, processes and procedures vary greatly across states and even counties. Just as there is no one correct way to run an election in America, there is no one-size-fits-all solution when it comes to securing an election.

Each state—and even county—must develop a tailored approach based on what works best for their systems, and their voters. That’s why you are the ones in charge—you know what works best for your communities.

Protecting an election from the Russian government wasn’t originally part of your mission or mine, but it is the challenge before all of us now.

What We Offer

I am not here to tell you how to do your jobs. You are the experts. I am here to assure you that my Department is here to help. We want to ensure that you, your staff, & other officials in your states have the necessary information and support to assess your risks,

mitigate vulnerabilities, respond to incidents, and build resilience into your systems.

This includes offering no-cost technical assistance, such as cyber hygiene service for internet-facing systems, and risk and vulnerability assessments.

We can also help to ensure your voter registration databases are securely configured to prevent unauthorized access to data.

These services can be force multipliers for you—helping to identify risks or vulnerabilities so you can quickly act to mitigate them.

Many of you have already taken advantage of the full range of these services, and for those who haven’t, I highly encourage you to do so.

In addition, as we gain new insights into potential adversaries and their efforts, we are committed to providing you the government’s best available intelligence. We want to make sure you are aware of potential threats—either against your state or others—as soon as possible.

As part of that effort, we have been working to provide state elections officials with security clearances. We have developed procedures to do one-day read-ins and we are working with the Intelligence Community to downgrade information.

In 2016, there was not a clear process or hub for critical information sharing with election stakeholders to take place.

Together, we have worked together to set up an Election Infrastructure Information Sharing and Analysis Center.

This center is providing you and other election officials with timely and actionable information to help protect your systems.

I am proud to say that all 50 states and over 1000 local jurisdictions have joined as members and are receiving this important information—making it the fastest growing ISAC in history—a testament to the commitment of election officials nationwide.

This prioritization of highly tailored information is the same model used by other critical infrastructure sectors and is a tried and tested way of making information sharing actionable.

In addition, thanks to your partnership, we have more than quadrupled our awareness into election infrastructure via our Albert monitoring system. These monitors allow DHS to receive real time data flows from election networks to alert on possible incidents,

and provide tailored information sharing across the sector. To date, we have 94 sensors deployed across our election infrastructure.

To put that number in perspective, by the midterms, more than 90 percent of registered voters will live in an area where Albert sensors are deployed on their election infrastructure.

But our help goes beyond mitigating your risks and preparing for potential attacks—we are here to support you in the event that an incident does occur.

I encourage election officials to report suspected malicious activity and—if requested—we are able to provide assistance in identifying solutions.

No piece of information is too small to help us better understand the risks and share information across the sector.

The info you share with us becomes part of a larger picture, and is critical to helping us understand the threat environment, and develop new ways to support you.

This coordination allows DHS to share information relevant to all election infrastructure operators quickly to help others guard against similar threats.

In sum, whether it’s offering no-cost, voluntary, technical assistance or sharing best practices for securing your IT systems, or providing technical advice on ransomware and destructive malware, our Department stands ready to provide tailored support based on YOUR requirements.

Election security is not a one man sport: it requires communication and cooperation, and we must leverage the capabilities of our teammates.

If you have any questions about the services offered by DHS, please do not hesitate to reach out to Matt Masterson, who is here with me today.

Call to Action

While I am proud of the work that has already been done, and encouraged by growing collaboration, our work is far from over.

I want to ask for your assistance in three areas:

First, continue to get prepared and protected. Don’t underestimate the abilities of our adversaries. And don’t assume you won’t be affected by the next attempt. I assure you, they learn and get better.

Whether you seek assistance from DHS, private sector partners, or other state agencies—utilize the resources available to you.

None of us should assume that we can withstand a nation-state attack on our own. Let’s continue to work together to protect America’s election systems.

Second, raise awareness with your partners and constituents. Over the last year we have established relationships and built trust with election officials across this country. But we can do more to get city and county officials prepared for the potential risks they face.

They are truly on the front lines, and we need your help to ensure that every jurisdiction has access to information and best practices, and knows who to call when they see a problem.

You’ve heard about our Last Mile Initiative – I encourage you to take us up on this service and expand our reach into each and every county and locality.

As importantly, inform the citizens of your states about the work you are doing. The more they understand what you are doing to secure election systems, the more confidence they will have in our elections.

Finally, build redundancy and resilience into your systems. Our elections are too important for single points of failure. We must have the ability to assure the American public that even if a disruption occurs, the results of the election are beyond question.

This means thoughtfully upgrading technology, knowing your vendors and ensuring that they are reliable and secure, and having the right personnel to bring it all together.

In that spirit, last month, I called on all election officials to ensure that every American votes on a verifiable and auditable ballot by the 2020 election.

This is an essential step in giving the American people the confidence that their votes were counted, were counted correctly and that their voices were heard.

CISA

Before I conclude, I wanted to touch on an important, related topic—a challenge to the Department’s ability to operate optimally as we work to stay ahead of threats against our elections.

The National Protection and Programs Directorate—or NPPD—sits on the front lines in defending against rapidly evolving cyber threats against our critical infrastructure sectors. It leads the national effort to coordinate efforts across all 16 critical infrastructure sectors,

is responsible for securing the .gov domain, and is home to the main civilian government interface for the sharing of threat information between the public and private sectors.

But NPPD is not named or organized in a way that allows us to confront the threats of today, and it’s time for a change.

If it were up to me, those changes would have been made on my first day on the job, but the responsibility lies with Congress.

The proposed reorganization would create the Cybersecurity and Infrastructure Security Agency, also known as CISA. Not only would this rebrand what is arguably one of the hardest agency names currently to remember,

it would also realign its structure to reflect the core cybersecurity and infrastructure resilience mission it exercises.

The opportunity to finally enact CISA into law could not come at a more critical moment for our country’s cybersecurity posture. Heightened aggression from cyber adversaries—including hostile nation states—is only accelerating in volume and sophistication.

Let me be clear: we need CISA urgently.

A strong bi-partisan effort remains underway in both the Senate and House to create the Cybersecurity and Infrastructure Security Agency, and I appreciate the efforts by HSGAC Chairman Johnson and Ranking Member McCaskill,

and House Homeland Committee Chairman McCaul and Ranking Member Thompson to put us in a position to make it a reality. I am asking for their continued leadership to get the bill all the way through to the President’s desk.

In addition to Senator McCaskill, the state of Missouri has several strong leaders when it comes to election security. Secretary Ashcroft and Senator Blunt have been great partners working with DHS to protect our election infrastructure and...

we appreciate their continued efforts as we head into the midterm election. Senator Blunt is serving in a critical election security role as Chairman of the Rules and Administration Committee, which is responsible for any elections-related legislation in the Senate.

Closing

I want to close by noting that this is different than any threat we’ve seen before, because our democracy itself is in the crosshairs. We must work together and leave no stone unturned as we work to protect it.

And we are working with our partners throughout the Admin. to hold cyber attackers accountable. The U.S. has a full spectrum of options – some seen, others unseen – & we are already using them to call out cyber adversaries to punish them & to deter future digital hostility.

We are in this fight with you, and we are here to support you. You are the ones on the front lines, and I want to thank you for the important work you do every day.

By empowering you with valuable information and assistance, we are creating a more resilient election system.

Thank you for the opportunity to join you today. I look forward to continuing our work together to defend our elections.