States that receive funding this year from the Department of Homeland Security’s main grant programming will be required to spend at least 3% of their awards on safeguarding elections, according to documents published Monday.
A notice of funding opportunity for the fiscal 2023 iteration of the Homeland Security Grant Program stipulates that states and localities must now commit at least that much toward a slew of election-security concerns, including cybersecurity, physical protections for voting equipment and polling locations and prevention of harassment and threats against election workers.
Cybersecurity continues to be a primary area of concern for many statewide and local election officials and federal cybersecurity authorities. At a recent gathering of the National Association of Secretaries of State, Cynthia Kaiser, deputy assistant director of the FBI’s Cyber Division, said that while last year’s election cycle was again free of any compromise by foreign malicious actors, officials remain wary of potential threats, particularly “more significant Chinese cyber activity against your states in the coming year.”
And as hacking worries have lingered, election administrators have also in recent years grappled with a rise of insider threats — often motivated by baseless conspiracy theories about voting technology — and risks of physical violence and targeted harassment.
Previous rounds of the Homeland Security Grant Program, which is administered by the Federal Emergency Management Agency, only included a 3% spend on election security as a recommendation.
FEMA plans to distribute about $1.1 billion this year through the Homeland Security Grant Program. This year’s fund includes $415 million for states and another $615 million for urban areas. An additional $90 million is set aside for border-security efforts.
According to the funding guidance, eligible election-related projects include cybersecurity risk assessments, encrypted data backups, network activity monitoring and endpoint detection and protection against attacks like distributed-denial-of-service campaigns. Grant funds can also be used to defray the costs for election offices migrating their web presences to the .gov domain, something only about one-quarter of all county and local offices nationwide have done, according to an analysis last October.
FEMA did not comment on the rule change in time for publication, though election-security advocates who’ve long pushed — unsuccessfully — for dedicated federal funding applauded the move.
Lawrence Norden, senior director of the elections program at New York University’s Brennan Center for Justice, said in a press release that the new 3% requirement in the Homeland Security Grant Program is throwing a “lifeline” to election officials.
“The past few years have been an unprecedented torrent of harassment and threats, and too many election offices lack the resources to fully protect their workers, the voters, and the vote,” Norden said in the release. “Still, much more must be done by all levels of government as the 2024 election approaches.”
The Homeland Security Grant Program, which has been around since 2003, is separate from the state and local cyber grant fund created by the 2021 federal infrastructure law. That $1 billion program, which is just starting to be meted out, includes election cybersecurity as an eligible project, but does not require it.