Homeland Security Secretary Jeh Johnson said the department is standing at the ready to help states manage cybersecurity for the upcoming elections, but only if asked.

In the wake of hacks on the Democratic National Committee, presidential candidates and state voter rolls, some have asked DHS to take the lead and categorize elections as critical infrastructure. DHS declined to do so — at least for the current election cycle — but is still offering help to those who need it.

"In our cybersecurity mission, this is the nature of what we do — offer and provide assistance upon request," Johnson said in a Sept. 16 statement. "We do this for private businesses and other entities across the spectrum of the private and public sectors. This includes the most cybersecurity sophisticated businesses in corporate America."

Johnson stressed that such assistance would only be provided to states and municipalities that ask for help.

"DHS assistance is strictly voluntary and does not entail regulation, binding directives, and is not offered to supersede state and local control over the process. The DHS role is limited to support only," he said.

Johnson offered six specific areas where DHS can provide assistance:

Cyber hygiene scans on internet-facing systems

These scans are conducted remotely, after which we can provide state and local officials with a report identifying vulnerabilities and mitigation recommendations to improve the cybersecurity of systems connected to the internet, such as online voter registration systems, election night reporting systems and other Internet-connected election management systems.

Risk and vulnerability assessments

These assessments are more thorough and done on site by DHS cybersecurity experts. They typically require two to three weeks and include a wide range of vulnerability testing services, focused on both internal and external systems.

The National Cybersecurity and Communications Integration Center

The NCCIC is DHS’ 24/7 cyber incident response center. We encourage state and local election officials to report suspected malicious cyber activity to the NCCIC. On request, the NCCIC can provide on-site assistance in identifying and remediating a cyber incident.

Information sharing

DHS will continue to share relevant information on cyber incidents through multiple means. The NCCIC works with the Multi-State Information Sharing and Analysis Center (MS-ISAC) to provide threat and vulnerability information to state and local officials. All states are members of the MS-ISAC. DHS requests that election officials connect with their state chief information officer to benefit from this partnership and rapidly receive information they can use to protect their systems. State election officials may also receive incident information directly from the NCCIC.

Sharing of best practices

DHS intends to publish best practices for securing voter registration databases and addressing potential threats to election systems from ransomware. These best-practices documents will be publicly available Sept. 16, 2016.

Field-based cybersecurity advisers and protective security advisers

DHS has personnel available in the field to provide actionable information and connect election officials to a range of tools and resources available to improve the cybersecurity preparedness of election systems and the physical site security of voting-machine storage and polling places. These advisers are also available to assist with planning and incident management assistance for both cyber and physical incidents.

About Aaron Boyd

Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.

Share:
In Other News
Load More