CISA election security leader says agency will work with ‘whoever is elected’
As concerns about insider threats to elections continue, the Cybersecurity and Infrastructure Security Agency’s top election-security adviser said Thursday that the agency is prepared to deal with state and local election officials who’ve associated themselves with conspiracy theories about voting equipment and previous election results.
“We’re going to work with whoever is elected,” Kim Wyman told StateScoop during an interview at the Billington Cyber Summit in Washington, D.C. “If someone gets through an election, their voters believed they’re the best candidate.”
A number of candidates around the country for offices like county clerk and secretary of state have openly built their campaigns around the denialism of the 2020 presidential election, threatening to not certify future results and pushing unfounded claims around vote-recording and -tabulation devices. But if they win this November, these candidates will find themselves in charge of their states’ or counties’ election administration, voter registration databases and election-related technology.
As a federal agency, CISA has to be “agnostic” about who voters choose, said Wyman, a Republican and former secretary of state in Washington. “That said, we’re putting a lot of emphasis on insider threats.”
Wyman said CISA has been encouraging officials to go through their policies and procedures to reduce the chance for someone with access to election systems to breach or damage them. Some of those steps, she said, include creating dual-control environments — in which it takes two people to gain authorized access to a location or system — and giving people the “least level of access” to do their jobs.
“Quite frankly, people who are the chief election officers probably don’t need to have access to the tabulation equipment,” she said.
Some Democratic and Republican secretaries of state have in recent months taken steps to limit physical access to voting equipment and to impose more stringent cybersecurity procedures on local election boards and election-tech vendors. Colorado also passed a law enhancing criminal penalties for tampering with election officials, a move inspired by Tina Peters, a county clerk who’s been charged with crimes for her alleged role in copying and sharing sensitive election data in service of conspiracy theories about the 2020 vote.
“Myriad insider threats may include people running for office trying to make a statement,” Wyman said Thursday. “Some of the activities you’re talking about are felonies. There are penalties and some of them are criminal penalties.”
Wyman said also said she’s encouraging election officials to become more engaged with their state and local police, to address both insider threats and the rising rate of threats of physical violence against election officials and poll workers.
“It’s another layer of partnerships,” she said. “The idea behind it is to connect local law enforcement and federal law enforcement with election officials to think about what the threats might be this fall.”
Wyman is also on the board of a nonprofit organization formed earlier this summer to bridge election administrators with law enforcement.
