Homeland security secretary jeh johnson and a former Homeland Security undersecretary. They talked about russias speakinte interference in the election and how to prevent interference in the upcoming elections. If we may, well begin our hearing. It obviously was delayed with the arrival of former member scalise, which was obviously received quite warmly with the house. We are continuing to pray for his continued recovery and his family is constantly in our mind. This is our Congressional Task force on Election Security. We have formed this body to look at some issues around what happened during the last electi election. A lot of us are concerned about it. Were kind of looking forward rather than backward but kind of trying to figure out did we miss something. Can we use this as an opportunity to fix things for the future . We have the cochair miss br braddo braddock, Ranking Member on house administration. I have a comment for the record, miss cochair, in the interest of time, im just going to submit it for the record. Okay. And we are joined here by former secretary of Homeland Security jeh johnson and the former undersecretary for National Protection and Program Directorate for the department suzanne spaulding. Welcome. Mr. Secretary, were going to allow you to begin, and well now hear from you. [ inaudible ] does that work . Okay. Gentlemen, thank you for having us, inviting us. I accepted this invitation first because its an opportunity for me to reconnect with undersecretary spaulding. Im here because of the respective for members of congress who invited me to be here, and im here because of the importance of the issue. I intend to speak my mind as a concerned private citizen with the experience of having been secretary of Homeland Security for 37 months. As everyone knows in this country we elect our National Leadership through the electoral college. As long as thats the case, as long as thats the constitutional requirement, and given our politics, National Elections will be decided in key precincts in key states. In other words, the integrity of our Election Outcomes on a National Level dances on the head of a pin. If writers of the tv series house of cards can figure that out, then a lot of other people can do the same. Last Years Experience was a wakeup call. As i sit here, i know of no evidence that last year ballots were altered or votes were suppressed through cyber attack. But last Years Experience exposed certain cyber vulnerabilities in our election infrastructure. It was a wakeup call so the question now is what do we do . What do we do here in washington and what do we do at the state and local level. My hope is the task force and members looking into this find answers about what we do. As you know beginning around 2016 we began to see scanning and probing of various state Election Officials systems specifically including but not limited to Voter Registration databases. As i testified before the House Intel Committee in june, i issued public statements about this threat. On august 5th, september 16th, october 1st, october 7th, october 10th about this threat. Of course the director of National Intelligence and i on october 7th took the unprecedented step of formally and publicly accusing the russian government of attempting to interfere in our election process. The good news is thanks to the leadership of undersecretary spaulding and others, by election time 33 states had come to us to seek our Cyber Security assistance in the run up to the election and 36 cities and counties had done the same. We were able to identify a number of vulnerabilities in providing that assistance. Of course on january 6, 2017, utilizing my authority as secretary of Homeland Security, i designated election infrastructure in our country as Critical Infrastructure. These steps must be regarded as beginning in our efforts to shore up Cyber Security of electi election. My understanding is some progress on the state level has been made but there is more to do. I look forward to our discussion. Thank you, mr. Secretary. Miss spaulding . Thank you, mr. Chairman, chairman brady, members of the task force. Very much appreciate the opportunity to be here today to discuss with you this vitally important subject of Election Security. Of course its a great pleasure to be here with my former boss secretary jeh johnson, who has ably laid out the steps we took in the run up to the elections last year. I would like to focus my brief remarks on the lessons i think can be learned from our experience. First as the undersecretary for National Protection and programs directora directorate, i found it extremely valuable to be able to bring together what i call our cyber ninjas as well as our infrastructure experts from our office of Infrastructure Protection who had developed relationships with state and local officials over many years and the office of cyber and infrastructure analysis which i created in 2014 to give us a holistic approach to understand cyber and noncyber elements of election infrastructure. This helped taos prius to priord develop technical and nontechnical ways to reduce those risks. As weve seen in so many other contextses having cyber and infrastructure experts together under one roof is key to effectively managing these kinds of risks. That said, another lesson we learned is that the relationships that mppd had typically developed were with the governors and their offices and we did not fully appreciate the degree to which some secretary of state offices are separate and apart, politically and administratively and sometimes even technically with separate networks, which leads to another important lesson. Work with state and local Election Officials needs to begin early. By the time we were getting the reports and engaging with secretaries of state late last summer, they were already well into our countdown for the election. And most said it was too late to make significant changes. This is why we need to have a strong sense of urgency with regard to upcoming elections. I was glad to see dhs was working closely with virginia and the runup to their Gubernatorial Election this november. We need to be focusing now on the midterm elections next november and the election in 2020. In addition to being timely, the effort to secure our election needs to be bipartisan. Im pleased to be on the board of Harvard Universitys defending Digital Democracy project run by eric roczen bach and led by Hillary ClintonsCampaign Manager and matt rhodes who managed mitt romneys campaign for president along with Outstanding National security and technology experts. As matt rhodes noted in our recent workshop for state and local Election Officials, one thing democrats and republicans can agree on is that foreign adversaries have no place in our domestic politics. The defending Digital Democracy project aims to identify and recommend strategies, tools, and technology to protect the democratic process and systems from cyber and information attacks. A key message we are sharing with state Election Officials is that as important as all of the upfront security measures taken in advance of an election are, post election measures are also vitally important. If an adversary intends to sew doubt about the integrity of an election, making sure you have a way to audit the results in a way that can restore confidence may be as important as keeping the bad guys out of your system to begin with. Again, i was glad to see virginia earlier this month decided to mandate that all precincts must use paper backed Voting Machines. Securing our elections is vital for National Security but it is also important that we recognize russias interference did not begin or end with elections. Russia is engaged in a longterm effort to undermine democracy both tactically to weaken the west and strategically to reduce liberal democracys appeal, not just in the United States but to russias own population and others in central and Eastern Europe and around the world where russia competes for influence and power. These active measures are designed not only to affect elections but to sew chaos and discord generally. We need to broaden our focus to the ways these measures undermined other fundamental pillars of democracy, including the press and even our judicial system. We need to have a Robust National strategy to counter threats from russia and other adversaries to our fundamental democratic institutions. The development of this strategy is long overdue. It must be led by the federal government but must include whole of nation response to this very serious and determined threat. I urge congress to request such a strategy from the executive branch and to move urgently to consider and enact any necessary legislation to implement a national strategy. This cannot wait for the outcome of various investigations, as important as they are, and as much light as they may shed on additional details. We know enough now to understand what needs to be done. Its time to act. Thank you very much, and i look forward to your questions. Thank you very much. If its all right with my cochair, ill start. It mr. Secretary, you were in office when our election system was identified as Critical Infrastructure. Can you give the committee how you arrived at that designation and what you your expectations as secretary happened to be Going Forward with that designation . Yes, sir. In summer 2016we were looking proactively to shore up security of our election infrastructure. We were beginning to see the activity around Voter Registration databases. We were alarmed by it. We were seeing a growing list of states that were the targets of scanning and probing activities, and we were also seeing a clearer and clearer intelligence picture about russian hacking of the dnc and other individuals. So i probed with my staff, and im sure suzanne was part of this conversation about what we at dhs could do. In addition tonight couraging the states to seek our assistance. I was told it was in the authority of the secretary of Homeland Security to declare election infrastructure as Critical Infrastructure alongside the 16 existing Critical Infrastructure sectors. And i said thats very interesting. Id like to hear more about that. What it basically is is it means dhs will prioritize providing Cyber Security assistance if the customer, in effect, asked, if the customer is part of the Critical Infrastructure. And if its Critical Infrastructure, it enjoys the protection of various international Cyber Security norms, and it enables dhs and the sector to have Confidential Communications protected by law and regulations. So i thought that was a good idea. I wanted to engage state Election Officials first to get their reaction. And as i testified in june before the House Intel Committee initially the reaction was somewhere between neutral and negative in that there was a misperception that a Critical Infrastructure designation would somehow be a federal takeover of the election process itself. And i allayed those concerns, addressed them as best i could but realized in the runup to the election, this was going to be a hot button issue. There would ab lot of miss p misperception. The shorter term goal had to be to get states to come in to seek our cyber assistance. Bring the horse to water. I put the designation on the back burner until after the election. As i said a moment ago, we had a large number of states actually cocome in. After the election i returned to this issue because i was convinced it was the right thing to do but i wanted to hear out the states one mayor time about their concerns and reservations. I heard them out. I was still convinced that it was a good idea, so i made the designation on january 6th. My expectation is that the things i mentioned earlier will now occur, that dhs prioritizes providing assistance to Election Officials, that they will enjoy the protections of Confidential Communications and that election infrastructure will be part of one of our Cyber Security norms on an international basis. So theres a lot more work temperature in the implementation of that designation. Thank you. As you know, theres been quite a bit of discussion about what our role as members of congress would be. Miss spaulding, you talked a little about your work at harvard and the bipartisan effort. Let me for the record indicate that our hope initially was to have a Bipartisan House Committee to look at it. We were unsuccessful. However, we felt Strong Enough we really needed to go forward and analyze the information thats available. One of the things that i think we are looking at is whether or not there is a role for congress in securing election infrastructure Going Forward. Youve had some opportunity to look at this. Id love to hear your opinion on it at this point. Thank you, mr. Chairman. I do think theres a role for congress. A couple of things that congress could do, and i know there are legislative packages under consideration even now. But certainly one area that the states have made clear they would benefit from is some Additional Resources to do the things they need to do. And my sense is that, for example, any kind of Grant Program to provide funding to the states, you might want to think about connecting that with a requirement that they do a full assessment of their systems before rushing off, for example, to invest in a lot of new technology. The substitute of Technology Framework we share with private sector and state and local says start with the assessment and then move to prevention, detection, response, and recovery. I think thats a very important step. The department of Homeland Security, as you know, has offered before the election last year to do assessments for state and local officials. But to come in and do a full assessment is very resource intensive, requires two to three weeks. So dhs could use some Additional Resources to staff up those teams. But to the extent that states are nervous about having federal employees, officials coming into our systems, thirderty entities could be certified for offering the same sources and resources to contract with those companies, dhs or state and local officials. There as resource there that i think is important but assessments are equally important. Another interesting recommendation that has been made on a bipartisan basis, both by former leaders in the Intelligence Community and as recently as yesterday by Ken Wainstein former Homeland Security adviser in the Bush Administration is to remove the politics from the threat assessment itself. One would be for congress to put in a legislative requirement that 120 days or 180 days out from a National Election that the Intelligence Community provide a threat assessment with regard to any threat activity they might see related to the elections. That reps to remove the implication that whatever administration is in place at the time is trying to put a thumb on the scale or influence the outcome of the election. It becomes a standard required process. It would include a requirement for updates if fls any significant additional information. So those are certainly a couple of areas where i can see congress very definitely could play a useful role here. I think if we had the money that would go a long way, we respect independence of each state and locality in the conduct of election. One of the challenges we have is how do we integrate ourselves into that process without becoming a nuisance. We were involved in the help america vote act, but we had some experiences there that tell us we have to set some matrix and other things and not just give the money. I think thats kind of what your comments might be about. I yield to the cochair. Thank you, cochair. I first like to thank our witnesses. This election proved there are powerful enemies who want to harm our elections. We are here to understand that threat and try and hopefully do something about it. When a foreign power interferes in our election, it is an attack on our nation. Excuse me. But now there is no doubt that russians launched an unprecedented attack on our elections. We can expect more as you said in 2018 and especially in 2020. Ensuring integrity of our election system should not be a partisan issue. Fair, free and secure elections are cornerstones of our democracy and i thank you all again for joining me in this important conversation about how to work to secure our countrys election system. I heard what you said about what we can do, what we need to do an assessment, there is weiwei you would know, i guess you probably could after the assessment, to know if our state election systems are secure . I dont know how we could possibly secure them as our cochair says, my dear friend, without funding or without maybe interfering too much with state rights. But i dont know whether they need to be replaced. I know the city of philadelphia we just recently replaced our Voting Machines but im not a real tech savvy guy, nor do i probably want to be. I do know this, i know once you fix something, there are a lot of smarter people out there that come in and hack that. I guess what im saying, were struggling here amongst ourselves with meetings we had about what we can do and how we can do it. I do respect states rights. I also respect who we are and what we can do to possibly instill upon them the major importance this is to make sure our process does work, it cant be hacked by anybody else, and that we do have our fair elections. Theres always been some talk about internal states and cities maybe doing something. We had investigations there may be some inappropriate things happen on election day. They turn out to be miniscule, very minor, small, probably never change the outcome of an election, except for now im getting a little nervous about. We have people, we tell people we need to come out and vote. Voting, we have to increase attendance, voter participation, yet we cant let them know were doing nothing, there vote doesnt mean anything because somebody else is voting for them or nullifying their vote. This is important. We appreciate you being here. Again, i guess its financial, purely financial. I know you cant tell us, nor could anybody tells us if they are secure doing the assessment. The assessment is probably going to cost money. We hope we can impress upon our states that we do need we do need fair elections. What happened in the past we think is going to happen again. Id like to try to stop what happened in the future. We can really impress upon them the importance of that. So again i thank you and thank you for your input. Sir, i really appreciate your comments that you are a private citizen but you are a powerful private citizen and i do appreciate you speaking your mind always, as you always did. Thank you. Thank you, mr. Chairman. Thank you very much. Gentlelady from florida. Thank you so much, mr. Chairman, as well as to our cochair, and thank you so much to both of you for being with us here today. Undersecretary spaulding, you mentioned that some states have taken some initiatives to better secure their election systems. You mentioned virginia. But it doesnt appear governors as a whole have really taken an activity role or an upfront or public role in making recommendations for securing their election systems and being engaged in the process. If we do believe that what happened in 2016 is a National Security issue, then what can we in congress do or secretary or undersecretary, what can dhs do to assist governors in seeing the need to really play a more upfront, active leadership role . Congresswoman, thank you. I would say my sense, and i think the secretary would agree, our sense from working with secretaries of state both in the runup to last years election but certainly my work since leaving office with state and local Election Officials really reaffirms the sense we had that they take this very seriously. They take their responsibility to ensure a free, fair, safe election very seriously. But having said that, my sense is also that most of them would welcome some additional assistance in improving still further their ability to withstand attacks from a sophisticated nation state actor. Thats a formidable threat. My sense is also that the governors, certainly the National Governors association under Terry Mcauliffes leadership, he made Cyber Security a signature issue. I will say that in our workshop a couple weeks ago through the defending Digital Democracy project with state and local officials, we had someone there as well who was very interested from the National Governors association. So i think they do continue to have an interest in this. You may want to think about asking that to particularly come before this forum, congress, to give you more details about what they are doing. I completely agree with you. They are the ceos of their states. One of the lessons we learned in dhs is if you really want action on Cyber Security, youve got to reach ceos. They are the ones making resource allocation decisions within state budgets, so your emphasis making sure governors are on board with this is very well placed. Secretary, anything youd like to add . Yes, maam. I was impressed by a number of things that suzanne suggested about how to shore up state Cyber Security, what congress can do. I think the idea of an intelligence assessment is a good one at some point in advance of the election requiring that. And if the states are resistant to any type of federal presence in their systems, perhaps a certified third party validator is a good idea. I think we havent talked about shoring up our information sharing capability no matter how sophisticated a firm, a company, a State Government is, we all benefit from information sharing. There is a wide disparity in the level of sophistication between and among actors in the private and Public Sector in terms of Cyber Security. And so we all benefit from that knowledge, including the most sophisticated of some of my corporate clients in private law practice. They, too, benefit from this. In terms of if i could go back to congressman bradys question, which was also his comment, which i think also answers your question. The practices, as you elected officials know, the practices are kind of all over the map. The way ballots are collected are all over the map. And literally. When i got into this last year, i found what was reassuring to find was that there was very little vote reporting that occurs on the internet. If it does, there are backups. Most states recognize that that is not a best practice. And they have numerous packups, all the way to hand delivery of the ballot count, if necessary. But the practices do vary. Its to congress at the National Level to explore whether some type of legislation is appropriate to legislate either certain federal minimum standards for the Cyber Security of our democracy or a requirement of a about what we were seeing at the time and weve had direct contact or through something called the ms multistate information sharing and analysis center. Did i get that right . There was a lot of dialogue that occurred last year. I cannot speak to the timeline this year since susanne and i left office. But i know there was a considerable amount of contact last year with states where we saw this activity going on to provide what we knew at the time and to offer our assistance. I said that publicly at the time and privately to states. I would just add that we at dhs operate on a voluntary basis and we encourage our stake holders and that includes state and local officials across the board to come to us for assistance and to come to us when they see suspicious activity, they think theyve got intrusion activity, scanning, whatever it might be. The reason we have been successful in getting businesses and officials to come to us is because we safeguard that information. We do not hold a press conference to talk about the help were providing. Thats critically important. I remember the secretary had calls, i had calls with multiple secretaries of state across the country. And there was some frustration that we wouldnt reveal in that call all the states that had come to us or that we had information on. And it was to protect the trusted relationship this with those individuals. The secretary is correct that having said that, we do notify the owners and the operators of networks when we become aware of activity on their networks. Its called victim notification. And as i said in my opening remarks, that was often done through our normal relationships in those governor offices and ur often through the multistate isac. Thats how those notifications took place. Thank you so much. Thank you very much. Gentle lady from california. Thank you very much. Its good to see you both again. We miss you. Im hopeful that through this effort that we eere engaging that we will be able to establish some best practices that will command the attention of not just democrats but also republicans, because the threat here has nothing to do with partisan politics. It has to do with the conduct of democracy. And while the intelligence agencies have told us that the russians intervened to benefit one candidate in the last election, i mean, it could be any candidate in the future or it could just be to damage the country. This is something that should rally all of us as americans. I have a couple of questions. One, would it be valuable to make sure that the secretary of states in the 50 states as well as the territories have security clearances so that they can receive the full information that thats gathered by our intelligence agencies . Yes. I think either of the secretary of state or some other appropriate official. We give security clearances to people in the private sector all the time for information sharing purposes. I agree that would be a good thing to do. Its my understanding that the department of Homeland Security is in fact working with the secretaries of state to make that happen. My information is its been painfully slow and theres information that at least one secretary of states eager to get and it has not been shared perhaps for appropriate reasons but we need complete information flow between our state partners. It seems to me in terms of minute number standards, article i, section iv of the constitution indicates that congress may at any time by law make or alter regulations for the federal elections. And we should engage in some minimum standards. Number one, if you dont have a paper ballot, you cant do a recount. And if you cant do a recount, youre vulnerable to hacking and mistrust. As a minimum, standard, thats something we could certainly comply with. The attacks on the Voter Registration is very disturbing because the potential for mischief there is very large. So im wondering, you know, states are all over the board on how they do their registration. Its not proper for us to interfere in that, other than setting, you know, minimum standards. Were not going to have civil Rights Violations in terms of registration. What guidance do you think that congress should give in terms of Cyber Security, encryption and the preservation of those registrations . And wouldnt sameday registration assist in that . Congresswoman, nice to see you again. First, last year when we saw these Voter Registration databases being targeted, i was very worried that it was the runup to a huge catastrophic attack where people would show up at the voting booth and they were told, im sorry, youre not registered to vote. And so we were very worried about that. And i continue to be very worried about the ability of bad cyber actors to compromise Voter Registration data. In terms of certain federal standards for the Cyber Security of our elections and the process or just certain minimum standards, as you know better than i, Congress Went down that road with hava after the 2000 election. Its very difficult. The states regard this process as theirs, their sovereign jurisdiction. I think that some type of standards or inducements through grants or the like should be encouraged, one way or another. Congressman da mandates federal standards in a whole bunch of contexts and ensuring the integrity of our democracy is pretty important. What is mandated id want to carefully consider. But id also note this is a very sensitive with the states too so id urge caution in how you go about this. Nice to see you. I agree with the secretary. You mentioned encryption. Encryption is certainly a best practice for protecting data at rest, which is what Voter Registration data is. I think basic cyber hygiene, some basic things that need to be done. But if youre looking for a set of best practices that you might consider mandating, i certainly would recommend the Cyber Security framework. Again, it is something we are promoting to private sector and it is not a one size fits all. It provides a process which is for entities to look at to do that assessment where are we today in terms of best practi s practices, where should we be and how are we going to get from a to b . Right. Mr. Chairman, i appreciate that. We made our best effort on hava and i do think although that was done on a bipartisan basis with good intentions, in retrospect there were some things that could have been done in a different way. The cyber aspects, i think, probably were not as tight as we now wish they were. I think the nist proposal is an excellent one. The Election Assistance Commission provides a valuable service. But to recreate nist is not necessary. Theyre the state of the art in terms of standard setting in the United States and we should utilize them. Thank you so much for your service to our country in the last administration and your willingness to come back and continue to share your expertise with us even today now that youre in the private sector. Thank you so much. I yield back. We now hear the gentleman from rhode island. Thank you, mr. Chairman. Thank you for being here today. Welcome back. I just want to thank you for your many years of service at the department of Homeland Security and all the work youve done on a number of things in particular on Cyber Security which weve had the opportunity and privilege to work with you on over the years. So this whole issue of Election Security and Cyber Security and preventing Foreign Government interference with our elections just touches on so many areas that i have been involved with over the years going pack to my six years when i served as Rhode Islands secretary of state and including which in 1996 and then fully functional in 1998 i overhauled Rhode Islands entire election system. In the legislature i actually chaired a special legislative commission looking at the alternative voting systems before i ran for secretary of state. So i was very familiar with the various types of systems out there. At the time the sexy new stuff was all the touch screen technology, going back more than 20 years now, yet i couldnt get over the issue of how important it was to have some type of an audit trail. Thats why i went with an optical scan system ultimately when i became secretary of state. I look back now. That decision was grateful more and more thats the route we went. It poses obviously a number of challenges, though, with modern Cyber Security challenges that we face. And then the years that i spent on the Intelligence Committee looking at the vulnerabilities there and all the work ive done in cyber over the years. So i appreciate your guidance and insights into this. Youve had years of experience on this as well. Ill start with this question. Did the Critical Infrastructure designation change dhss relationship with the state and local Election Officials . And if so, how . And then also, how did dhs communicate the meaning and consequences of that designation . And in your opinion, do state officials understand the implications of the designation and how in your estimation have they responded . Congressman, nice to see you again. So in an official way, the designation changes the relationship in that the member of the Critical Infrastructure sector is now a priority customer, so to speak. And when they seek Cyber Security assistance, dhs will prioritize providing that assistance. Unofficially, i know that there was in the runup to this, a fair amount of push back to doing it. And im quite sure that a number of state officials were not happy that we went forward with it based frankly on a misperception about what it would mean. I was convinced on january 6th when i made the designation that it was the right thing to do, that it should have been done a long time before, because election infrastructure is as important as a lot of other Critical Infrastructure sectors. So im quite sure that in the relationship since january 6th and since we left office, people in dhs have had to spend considerable time explaining to state officials exactly what it means and what it doesnt mean. But i myself, to answer your question, last year explained a number of times, both initially when i initially engaged them in august 2016 in my various public statements and in our explanations to them along the way during the election season about what this would mean. Frankly, its not that complicated. Its basically the three things i spelled out earlier in my statement. Its not real rocket science. And so youre a priority customer if you seek our assistance and you get the benefit of the international Cyber Security norm and you get the benefit of Confidential Communications should we have those communications. Its not mandating binding operational directives or federal regulation or anything of that type. But there was this misperception which we repeatedly wanted to dispel and i think we did for the most part. But thats probably still a work in progress at dhs. Youd have to ask people who are there now. Good. The secretary is exactly right. Its my understanding that they have gone forward and working with at least some of the state and local Election Officials created a coordinating council as a sub sector under the government facilities sector of Critical Infrastructure. So thats certainly progress. I would note also and we made this point repeatedly last year when we were in the office the definition of Critical Infrastructure, as you know s any system, asset or network, the destruction of which would be a debilitating impact on security, Public Health and safety or any combination thereof. It struck us as we started looking at this that it was very difficult to assert that the disruption of our election infrastructure was not capable of having a Significant Impact on our security. And that really was one of the Key Driving Forces behind this decision that we needed to recognize what was simply the case, that this is significant and Critical Infrastructure, that it meets the definition. Thank you. So i know weve touched on this next question a bit, but let me approach it may be from a different way. I found that many state and local Election Officials are theyre unaware of the cyber vulnerabilities in their election infrastructure and the threats they face. I think that awareness is certainly growing. How can we ensure that state and local officials are well versed in election Cyber Security . In particular, what role should dhs have in training Election Officials in Cyber Security . I mean, should we be sending people from the u. S. Cert there even to show them how they say through red teaming could be vulnerable, how the systems could be hacked, how perhaps easy it would be to do. Ive seen some of these demonstrations. Its remarkable how you get a very talented hacker, how they can get into almost any system. Is it helpful to send people there to do just a little bit of red teaming, just parenthetically so they can see the things they need to be looking out for . Yes. I think it would be extremely helpful and i would simply note that again the defending Digital Democracy project held a workshop for state and local officials a couple of weeks ago that included a table top exercise. And i think that would be a very useful thing to represelicate as the country. Dhs often does National Campaigns to educate about specific threats. Certainly it would make sense to do this for state and local officials if they are receptive to receiving that training. And it might be that they would do this on a regional basis and in conjunction with e. A. C. And the National Association of secretaries of state. But its the kind of thing that im sure is being talked about and would be extremely helpful. Okay. Thank you. Do i have time for okay. Theres a whole bunch of things id like to ask. We seem to be dealing with two problems related to rhetoric. One is that some states are not acknowledging the gravity of the security threat. The other is that alarming the public would feed into the russians mission of sowing mistrust in our democracy. What steps do you think the federal government can take to emphasize the threats that do exist while ensuring that the public doesnt lose confidence in our nations democratic system . Any thoughts, insights on that . Congressman, one thing that occurs to me in answer to your question is having the discussion in an off year when its not in the midst of a campaign where people might perceive us who engage in the conversation to be taking one side or another in the runup to the campaign. So having the conversation with state officials like right now is probably a good idea when people are not running for office. Of course, there are odd year elections here and there in virginia and new jersey and other places. But doing as much as possible to decemb disassociate the discussion from the campaigns, from politics is a good way, i think, to ensure that we do this. And back to your earlier question. My experience whether its state Election Officials or private sector actors, there are wide disparities in the levels of sophistication and learning that people have about Cyber Security. There are some who are versed in it, steeped in it, and some who dont know the first thing about it. Closing that gap has to be a goal. There are ways, i think, to do that through grant making, through Certification Requirements and the like. Doing all of this now when were not in the midst of the heat of an election is a good thing. Great observation. With that, ive gone way over time. Were going to thank our panelists, mr. Secretary, madam under secretary for returning here, for sharing your insights. We will be calling on you again, im sure, in the future for your wise advice. We do believe that, as you have said, secretary johnson, that this is a very important time to raise these issues outside of the fog of partisanship just so we can protect our country. And i do think in terms of the awareness issue, as we raise awareness, we also need to show solutions. And i think if we allow the public to see the vulnerabilities but also the steps to take to cure those vulnerabilities, we will have achieved our goal. Thats our mission. Thank you very much. This hearing is adjourned. If i could yes, sir. I would strongly encourage you to do what i think youre doing here, which is separate, if you can, this issue from the other issue of the investigation into alleged collusion, who knew what when and so forth and think about how Going Forward we make National Policy around the Cyber Security of our democrat process. I think youre absolutely right. This is about preserving the integrity of the election system from threats from any source. It could be the right, the left, the apolitical, but its making sure that the voters of america choose their leaders with complete integrity without interference or disruption. Right. Thank you very much. Thank you. [ inaudible conversations ] taking a look at congress this week, the Senate Returns today at 4 00 p. M. Eastern from a week long state work period. Lawmakers complete work on the nomination of Calista Gingrich to be the next u. S. Ambassador to the vatican. Also likely this week, work on 36. 5 billion in Disaster Relief and the 2018 budget resolution. Watch the senate live of c span 2. The house is on a district work period. Theyre due to return to washington monday, october 23rd, with live coverage on cspan. Cspans student cam video competition is in full swing. This years theme is the competition and you. Were asking students to choose a provision of the u. S. Constitution and create a video illustrating why its important. Its open to all students grades 612. Students can work alone or in groups up to 3 on a 57 minute documentary. 100,000 will be awarded in cash prizes. The grand prize of 5,000 will go to the student or team with the best overall entry. This years deadline is january 18th, 2018. For more information, go to our website studentcam. Org. The americanarab Antidiscrimination Committee hosted its annual conference in waugd washington, d. C. In this portion two Democratic House candidates talk about their reasons for running and outreach efforts to muslimamericans, latinos and millennials. Were going to go into our next panel, next discussion. Unfortunately, one of the congressional candidates that we had texted me about 3 00 a. M. Picture from himself on a plane. He was going to bein