Last week, the National Association of Secretaries of State (“NASS”) appointed four secretaries of state to the Department of Homeland Security’s (“DHS”) Election Infrastructure Cybersecurity Working Group (“Working Group”).  The secretaries of state include Denise Merrill of Connecticut (NASS President), Connie Lawson of Indiana (NASS President-elect), Alex Padilla of California (NASS Elections Committee Co-Chair), and Brian Kemp of Georgia (NASS Committee Co-Chair).  

As part of DHS’ newly convened Voting Infrastructure Cybersecurity Action Campaign (“Cybersecurity Campaign”), the Working Group is tasked with helping states manage cybersecurity risks to election and voting systems. 

DHS Secretary Jeh Johnson announced the Cybersecurity Campaign during an August 15 conference call to discuss election cybersecurity with members of NASS and other state election officials.  Through the Cybersecurity Campaign, DHS intends to bring together experts from all levels of government and the private sector to raise awareness of potential cybersecurity threats affecting voting infrastructure, as well as to promote security of the electoral process.  The U.S. Election Assistance Commission (“EAC”), the U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”), and the U.S. Department of Justice (“DOJ”) will also participate in the Cybersecurity Campaign.  During the call, DHS Secretary Johnson invited NASS members to join the Working Group to provide their input and expertise.  

The DHS Secretary also promised state election officials the assistance of DHS in addressing cybersecurity risks related to each state’s election system.  DHS can, for example, help states manage risks to state voting machines, and states can call on DHS’ National Cybersecurity and Communications Integration Center (“NCCIC”) to obtain vulnerability scans, actionable information, and other resources for improving cybersecurity.  In addition, DHS Secretary Johnson encouraged state election officials to implement existing NIST and EAC recommendations related to securing election infrastructure.  

DHS’ increased focus on election security comes amidst several high-profile U.S. political party and election breaches.  The Democratic National Committee reported a breach of its systems by suspected Russian hackers on the eve of the Democratic National Convention in July.  Moreover, the FBI Cyber Division announced that hackers exfiltrated voter registration data from the Illinois Board of Election website in July, as well as attempted intrusion into Arizona’s voter registration system in June.