On the director at the Lincoln Network. Project 2020 and procuring the election ahead of november. Thank you for taking time out of your day. The Lincoln Network, we connected technology and communities to make the future happen sooner to build a better tomorrow. To advance this mission, our Cyber NationalSecurity Team works to inform National Policy discussions. And in Silicon Valley another tech pubs to develop tech cups. 2020, one of the Biggest National challenges we face, is all the National Challenge or elections during the covid19 pandemic. Today we are honored to host leading experts from the National Intergovernmental communities that administers our nations elections and protects state and local governments informations. First we will hear a presentation from jeff perry health for the director at the department of Homeland Security. His presentation will be followed by discussion by including questions from the audience and we will be using the chat function here and zoom to ask questions. After that the second half of our program will feature a discussion with representatives of associations of State Government leaders. The Cybersecurity Program manager when the National Association of secretaries of state brady and maggie, a Program Director for Homeland SecurityPublic Safety at the National Governors association. First really terrific to have an opportunity for to you from jeffrey in the department of Homeland Security. The university of virginia and earned his masters degree in engineering from washington university. For joining us. Jeff good afternoon. We were previously previously been known the National Protection programs director. That name really didnt tell anyone what are jobless, 23 Election Security until today. I would have to say in 2016, we were certainly caught up and we had made the inroads with the community that we have over the last four years working with individuals at the National Association association of state election directors in the National Governors association. Over that time we have really focused on defining our mission which, to us is to provide riskmanagement advice to election stakeholders. We focus on helping election stakeholders to identify and then detect, manage and mitigate risk to their respective systems. And then it is important to recognize we see the election stakeholders, not only Election Officials that manage voting systems and bota databases and the vendors that support them or the community we call election infrastructure. We also engage of partisan organizations, campaign and the electric as her third line of effort to restructure our work accordingly. In early 2017, our support to election infrastructure was more formalized by declaring that sector part of Critical Infrastructure now in all candor, we can do a lot better of a job explaining what that meant. Popular the time dhs is present and they see the infrastructure and this purity is really a supporting function helping to provide information and overbuild man purses to help those stakeholders manage risk to theirs systems. To do so we tried to have an information with the information sharing and analysis and was stood up in 2018 and since that time has two of the states it has more than 2500 local addictions deployed intrusion Protection Centers for helping to understand what type of traffic is targeting election infrastructure across the states. It has really been a rapid evolution of the information of the communal defense in this sector. We have been able to take some of the best practices learned with doing this type of support for other structures and apply it to our support with election infrastructure. Thats a little different we talk about the seventh and of effort supporting partisan efforts with campaigns and Party Committees which we have the same Vulnerability Management services but they represent such a different use of infrastructure, often its an entirely managed Service Providers with no Central Security service. So it is very much about that practices of Security Awareness, of understanding threats and vulnerabilities Operational Technology with election infrastructure. Our third line of effort is really the stakeholder group, the electorate. How do we help them to recognize the risk of them being targeted and their Critical Role in elections. We kind of think of it as the fbi the Intelligence Community focuses on stopping bad actors from producing disinformation and really targeting the public. We focus on the other side of that equation, trying to make it a more resilient to the activities of the factors so they can recognize the risk of the operations so they can be more critical consumers of information and manage risk of Information Operation that way. We had a successful launch about this time last year of trying to explain the tactics and techniques of information campaigns. Recall that the war on pineapples. Use the divisive of pineapple on pizza explore the steps in establishing an Information Operations campaign. We are very pleased the pineapple became somewhat of a mascot for our agency. We have recently produced additional products that are focusing on individual steps one can take to reduce their exposure and the likelihood of sharing and spreading formation on a particular topic, not just an election. I want to thank you guys for having me and i look forward to your questions. Thank you, i know one question on everyones mind is how the Current Situation we are living in, this pandemic is changing the challenge that you face and the nation faces in terms of preparing and holding an election during these very unique circumstances. Certainly is if 2020 wasnt challenging pandemic in there. Howard to support the states in their decisions on how to manage elections and some have expanded the use of mail in voting. Others are making decisions to centralize voting information. We have seen the pandemic apply pressure in certain areas. The willingness of some coworkers to work often time theres a large overlap of individuals and double to the virus. Having the health and safety of the Community Table to work other vent and counsel for best practices for in person voting conditions mail in voting expansion. We dont view mail in voting as risked here by any means rather than in person voting but it does shift the infrastructure being used. Now you have different ballot counters, mail sorters in the amount of system being used is essential to understand as you manage and mitigate risk to the system. Host in terms of the confidence of the voting public absentee veiling has been around for long time but we are moving to this unique circumstance with potential majority of people using the systems which many are not fully confident with having past experience using. How does that affect the trust in the election and the potential risk forever theories fully exploit that lack of knowledge . Certainly communicating any changes with the electorate to the voting process. To what they can expect in an increased mail in scenario. That is essential. One of our documents really supports this and it communicates to the public because it much like Security Awareness is essential for purity perth voting awareness and the shift from the administrative is essential for them to communicate with their stakeholders. As you said some states have been doing all mail in election since 2000 i believe the Brennan Center cited in 2018 more than a quarter of valves returned were by mail there are pockets across the country very strong familiarity with the process and security of these mail in approach. Educating the rest of the country on how that is administered under a short timeline is essential. Host another question i have his house a cybersecurity risk length to change over the past four years . I recall and secretary johnson august of 2016 about the pets. How do you see the landscape evolving particularly in the past year weve seen a ransom ware attacks, where you see the biggest risks to cyber election infrastructure speed is certainly anything connected to the internet is going to face that lowlevel cyber activity you see all of the time. We have been an evolution of the information sharing across the sector from one that did not really exist as a unified Securities System to one thats fully embrace not even Incident Reporting but activity reporting. This of awareness we didnt know who the state chief collection officer was in each state so this is been an evolutionary experience that did not exist prior to 2016. In the chat here we have a question, would it make your job easier to have a strong clear warning about internet voting echoing your warning . I have been very pleased by the response to our Risk Management guidance for electronic ballot delivery marketing and return. The short of it is there are uses and expedite the process of getting a ballot out to necessary communities. But we highly recommend returning a paper ballot and not use electronic return because we do not see those risks as being manageable with current technology. Have any expectations for the statement to be echoed by anyone else. We had eac mist and the fbi coauthor on the purpose of that document is for communities like nasa and they can do what they want we been very thrilled with that partnership. Host another question that has been shared with me is another experience with primaries over the past few months in some states and cities there been reports of long lines, voters waiting up to five hours to be able to vote. When you talking with the election directors and stakeholders, what has been your view about that challenge and the security risks and looking at the mission of protecting his goal security what elearning . Direct audits of this is a fascinating spacer we have gotten to the point that in many cases operational risk, to operate the election to conduct the election is superseding what i focused on for the last four years is cyber risk and infrastructure risk. There is a need for more and healthy poll workers. Some estimates say theres a million more poll workers needed to have the election in november. There is a need for certainty around poll locations and once you have those type of Resources Available, you can use Operation Research to planet how long your lines will be. But frankly in some recent elections in forthcoming elections you are centralizing voting locations, Voting Centers in this manner. Its going to end up with long lines if you dont have the other resources to check people in, to get them their appropriate ballots, to usher them through trade honestly that element is one of the areas Election Officials need the support of americans as much as anything else c1 some of our attendees today may be new to learning about this can you talk about the various services that are provided to state and local government including the Albert Sensor program. How has that been perceived and what is the prospect of utilization of that type of tool and other tools developing over the next five months . Absolutely. The cybersecurity and Infrastructure Security Agency supports the security of infrastructural partners for more than just the election infrastructure bread we have taken best practices we have learned across support to the financial sectors and tried to apply them here. All of the services that existed once this Community Stepped up, these are things like vulnerability scanning, risk and vulnerability assessments, Penetration Testing, we have evolved some of these to be have more scalable remote remote Penetration Testing which is been essential considering we are now all operating innate remote environment during this pandemic. A lot of the Vulnerability Management activities how we start and what is really impacting and where we could make the most gains. We focus on identifying trends across those findings and producing trainings, exercising with them. We have done three national exercises for the election infrastructure community. We also do individual state vendor exercises national exercisers have more than 44 states in each instance in some cases and those are about how to identify cyber incidents. How to detect, how to report them appropriate out of the federal government involved the chief Election Officials involved so nothing goes unnoticed in the sector. These are the type of things that over the course of time have been able to evolve from a 101 understanding sure we have a more robust action fees in the many patriots and interested in finding ways to make a contribution to help support improving the security of the election systems can you talk to some of the ways that dhs and others work with the Technology Community source communities . I describe the three stakeholder groups we support. What has been essential underlying all of that has been a network of technologists, Intelligence Community, of vendor, cybersecurity experts, to provide an indication thing to inform our warning and response across all of this. It is not just an activity where they have evolved at the understanding we have been able to have our particular expertise take it to the Intelligence Community with insight and inform the states particular awareness and really being able to have a collective defense mentality and bring these communities together for the benefit of the sector didnt exist in 2016 or 2017. In 2018r director gave us the earth to improve warning and response specially for this community and there has been a collective earth. Twoyear example of pine pizza and looking at issues that are divisive. At the highest level of National Politics right now the issue of absentee voting and voting by mail has become very divisive and is at the center of the current president ial campaign. Can you talk a little bit about how or whether you arent adversaries possibly exploiting that division . What can the public do about it . Guest it is important to support Election Officials and their decisions on how to administer elections and help them amplify their voice their particular decision. If theres expansion of vote by mail what are the deadlines of vote by mail . How does that impact reporting to beget the necessary and critical information out there so that the appetite for ms. Information in the space is wreath park this is why we work very closely with local Election Officials to help amp the trusted voices in this community, particularly through the trust invoice initiative in order to ensure the correct voice is loudest here. Host thank you we have a question hear from the audience from jennifer. What are the open questions most need additional Technical Research to get, what kind of tools documents other resources from the Industrial Research community would be . Guest a while thats a great question. One of the areas in the decade will be defined by is the efficiency and effectiveness of postelection audit. We have been very big about the need for in order to provide the audit for the sector ccb to those audits in a way less resources helps to provide these that the election is counted though it should be. Sue and . Guest absolutely. I believe a recent estimate is that 92 of voters will cast a vote on an auditable record. That doesnt mean they will all be audited, but over the last years particularly at the jurisdiction level many of the county jurisdictions are taking up practicing audits or other postelection audit tools in order to drive that certainty. Guest there is another question it is from peter. I marries what patterns of intrusions have been blocked have you released Public Information on that threat and who is doing it . Guest we see a lot of the typical internet behavior. One of the interesting things is the of web application scamming actions things blocked by a web application firewalls that occur every day either because secretary of state Networks Host election infrastructure or some of them have other business responsibilities that are also valuable, high assets. This has been one or our understanding of what affects the community has increased a thousandfold. This meant i