The Election Assistance Commission has been “educating” the Department of Homeland Security on election cybersecurity issues for several months, while DHS is simultaneously providing the commission with sufficient resources to combat threats to election systems run at the state and local level, EAC Chairman Matthew Masterson told Inside Cybersecurity on Tuesday.
We have been working collaboratively with DHS, really before the designation of elections as critical infrastructure,” Masterson said. “They h
ave been a great partner, our role has been to educate them on how the election system works to then put them in the same room as election officials, and then work with the election officials to make sure they know what is available from a resource standpoint.”
The EAC participated in a series of meetings convened by DHS this past weekend on election security matters, during which an election security Sector Coordinating Council was formally established during a meeting of the Government Coordinating Council.
We are hopeful that the sector coordinating council working with the GCC can come together to share information and suggestions on improving overall security and working collaboratively with the DHS,” Masterson said.
The SCC, which is meant to serve as a place for industry and non-governmental member organizations to share information on threats to election systems, was first announced by DHS in December, though the charter and formal establishment was not finalized until last week.
Christopher Krebs, the senior official performing the duties of the DHS under secretary for the National Protection and Programs Directorate, also mentioned the upcoming establishment of the SCC during his testimony at a House Oversight and Government Reform Committee hearing in November.
With the establishment of an Election Infrastructure Subsector (EIS), the DHS National Protection and Programs Directorate (NPPD) and federal partners have been formalizing the prioritization of voluntary cybersecurity assistance for election infrastructure similar to that which is provided to a range of other critical infrastructure entities, such as financial institutions and electric utilities,” Krebs said in his testimony.