National: FBI faces new hurdle in election interference fight: Donald Trump | Darren Samuelsohn and Natasha Bertrand/Politico

Nearly two years ago, FBI Director Chris Wray set up an office tasked solely with stopping the type of Russian inference efforts that infected the 2016 campaign. On Wednesday night, Trump undercut the whole operation in a matter of seconds. In an ABC News interview, the president first proclaimed he would have no problem accepting dirt on his opponents from a foreign power, then said Wray was “wrong” to suggest the FBI needs to know about such offers. The comments, according to interviews with nearly a dozen law enforcement veterans, have undone months of work, essentially inviting foreign spies to meddle with 2020 presidential campaigns and demoralizing the agents trying to stop them. And it’s backed Wray into a corner, they added, putting him in a position where he might have to either publicly chastise the president and risk getting fired, or resign in protest. America’s enemies will see Trump’s comments and likely “come out of the woodwork like never before to try to influence the president,” said longtime FBI veteran Frank Figliuzzi, who served as the bureau’s assistant director for counterintelligence until 2012. “And it’s going to be more difficult to defend against because they’ll try harder than ever to mask their attempts.”

National: ‘Deepfake’ videos called new election threat, with no easy fix | Susannah George/San Francisco Chronicle

“Deepfake” videos pose a clear and growing threat to America’s national security, lawmakers and experts say. The question is what to do about it, and that’s not easily answered. A House Intelligence Committee hearing Thursday served up a public warning about the deceptive powers of artificial intelligence software and offered a sobering assessment of how fast the technology is outpacing efforts to stop it. With a crudely altered video of House Speaker Nancy Pelosi, D-San Francisco., fresh on everyone’s minds, lawmakers heard from experts how difficult it will be to combat these fakes and prevent them from being used to interfere in the 2020 election. “We don’t have a general solution,” said David Doermann, a former official with Defense Advanced Research Projects Agency. “This is a cat and a mouse game.” As the ability to detect such videos improves, so does the technology used to make them. The videos are made using facial mapping and artificial intelligence. The altered video of Pelosi, which was viewed more than 3 million times on social media, gave only a glimpse of what the technology can do. Experts dismissed the clip, which was slowed down to make it appear that Pelosi was slurring her words, as nothing more than a “cheap fake.”

National: 2020 Campaigns Remain Vulnerable as Signs of Russian Hackers Re-Emerge | Dustin Volz and Tarini Parti/Wall Street Journal

Many 2020 presidential campaigns face challenges in rebuffing cyberattacks despite taking some steps to beef up security, an issue brought into fresh focus by President Trump’s comments that he might accept information from foreign governments that was damaging to his rivals. Three years after John Podesta, Hillary Clinton’s 2016 campaign chairman, clicked on a spear-phishing email that allowed Russian hackers to break into his account, followed by the publication of his emails by WikiLeaks, campaigns today are hiring security personnel, using encrypted messaging apps and restricting access to sensitive information. But they are falling short in important areas, according to current and former U.S. officials, cybersecurity experts and people familiar with the operations of various campaigns. Those include an unwillingness to share information among campaigns about attempted hacks, regulations that prevent campaigns from accepting free or discounted security services, and technological advances that make deterring threats more difficult. Already there are signs that the same foreign forces that targeted the Clinton campaign are resurfacing.

National: Trump smashed months of FBI work to thwart election interference | Daren Samuelsohn and Natasha Bertrand

Nearly two years ago, FBI Director Chris Wray set up an office tasked solely with stopping the type of Russian interference efforts that infected the 2016 campaign. On Wednesday night, President Donald Trump undercut the whole operation in a matter of seconds. In an ABC News interview, the president first proclaimed he would have no problem accepting dirt on his opponents from a foreign power, then said Wray was “wrong” to suggest the FBI needs to know about such offers. The comments, according to interviews with nearly a dozen law enforcement veterans, have undone months of work, essentially inviting foreign spies to meddle with 2020 presidential campaigns and demoralizing the agents trying to stop them. And it has backed Wray into a corner, they added, putting him in a position where he might have to either publicly chastise the president and risk getting fired, or resign in protest. America’s enemies will see Trump’s comments and likely “come out of the woodwork like never before to try to influence the president,” said longtime FBI veteran Frank Figliuzzi, who served as the bureau’s assistant director for counterintelligence until 2012. “And it’s going to be more difficult to defend against because they’ll try harder than ever to mask their attempts.”

National: Election security threats increasing pressure on state governments | Mekhala Roy/Search Security

The rise of attacks on government agencies and election security threats have increased cybersecurity responsibilities for public sector officials, according to experts. According to Vermont Secretary of State Jim Condos, secretaries of state around the country are not just doing the work necessary to ensure election security, but they are also looking at ways to strengthen their organization’s overall cybersecurity posture. Condos, who also serves as the president of the National Association of Secretaries of State, spoke at the Route Fifty Cybersecurity Roadshow in Boston last week, which focused on public sector threats. “I never thought cybersecurity would be a big part of my role, as it has become,” Condos said in his keynote. “As public sector officials, we have a responsibility to do everything we can to protect the private data of the people we serve.  As secretaries of state, we take to work with protecting our election integrity with incredible seriousness, and we act rapidly when a situation presents itself.” But effective cybersecurity takes diligence and vigilance — and funding, Condos informed attendees.

National: Trump’s comments blur line between ‘oppo research’ and stolen information | Bridget Bowman/Roll Call

President Donald Trump’s argument in an interview that it was acceptable, and even common, to use opposition research from foreign governments threw a spotlight Thursday on how campaigns research opponents and whether they draw a line at foreign interference. Trump said in a Wednesday interview with ABC News he would consider accepting “oppo research” from a foreign government and wouldn’t necessarily alert the FBI. He also said members of Congress “all do it, they always have.” Lawmakers from both parties quickly pushed back on that characterization. Both parties have campaign staff and outside groups that work to uncover negative information about political opponents, but that research does not involve help from foreign governments. “I’ve lost track of how many campaigns I’ve been a part of, but can say with 1,000 percent confidence that I, and the people I’ve worked with, have never received ‘dirt’ on an opponent from a foreign adversary, let alone solicited it,” said Shripal Shah, vice president of American Bridge 21st Century, a Democratic opposition research super PAC.

National: Trump hit with bipartisan criticism for welcoming foreign help in 2020 election | Eli Stokols, Noah Bierman and Chris Megerian/Los Angeles Times

President Donald Trump, after two years of hammering home a simple, powerful defense — “no collusion!” — came under bipartisan fire Thursday after he said he would gladly “listen” if a foreign government offered him dirt on a political opponent, and asserted there would be nothing wrong with doing so. The president’s defiant comments in a television interview suggest special counsel Robert S. Mueller III’s final report — which found “sweeping and systematic” Russian interference in the 2016 election aimed at helping Trump win — did not so much chasten Trump as embolden him. National security veterans warned that Trump’s cavalier attitude all but invited foreign meddling in the 2020 race, raising the stakes as election officials and campaigns worry about sophisticated “deepfake” videos and other disinformation aimed at influencing voters. “Every hostile intelligence service in the world is listening to that,” said Robert Anderson, a former assistant director of the FBI’s counterintelligence division. “Forget Russia, it’s everybody. It’s China, it’s Iran.” The president’s stated willingness to accept foreign help in an election set off a cascade of criticism Thursday, spurring fresh Democratic calls for impeachment and some Republican expressions of concern, if not condemnation. Under federal law, foreigners are barred from donating money or making gifts to influence U.S. elections.

National: Homeland, Judiciary Democrat asks Pelosi to form election security task force | Lindsey McPherson/Roll Call

Rep. Lou Correa is asking Speaker Nancy Pelosi to form a task force to examine proposals for combating foreign influence and ensuring U.S. electoral systems are secure, according to a letter obtained by CQ Roll Call. The House Homeland Security and Judiciary Committee member wrote to his fellow California Democrat citing Special Counsel Robert S. Mueller III’s findings that foreign actors compromised U.S. election security as reason such a group is needed. “The report found that the Russian military launched and planned an attack on our nation and our political system,” Correa wrote in the letter to Pelosi. “They used cyber techniques to hack into our computers and networks. They stole private information and then disclosed that information through fake online profiles. They posed as American citizens and manipulated data for an agenda they agreed with.” In light of that “attack on our democratic process,” Correa said it’s incumbent upon members of Congress need to ensure the nation’s electoral system is safe and free of foreign influence.

National: Klobuchar, Wyden demand answers from FBI on 2016 election hacking incidents | Maggie Miller/The Hill

Sens. Amy Klobuchar (D-Minn.) and Ron Wyden (D-Ore.) are demanding answers from the FBI on its response to Russia attempting to hack voting machine company VR Systems during the 2016 presidential election. The incident was revealed in special counsel Robert Mueller’s report, which said Russia in August 2016 targeted employees of “a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.” The company wasn’t mentioned in the report, but VR Systems has since been confirmed as the targeted company. In a letter to FBI Director Christopher Wray on Wednesday, Klobuchar and Wyden asked the FBI what steps it took after VR Systems alerted the FBI in August 2016 that it had found suspicious IP addresses on its systems. “VR Systems indicates they did not know that these IP addresses were part of a larger pattern until 2017, which suggests that the FBI may not have followed up with VR Systems in 2016 about the nature of the threat they faced,” the senators wrote.

National: Mitch McConnell is Making the 2020 Election Open Season for Hackers | Sue Halpern/The New Yorker

On May 21st, four commissioners who compose the U.S. Election Assistance Commission (E.A.C.) were asked to attest, in Congress, that they agreed with the findings of the special counsel Robert Mueller that Russia interfered in the 2016 U.S. election. It was a strange and oddly suspenseful moment in what might have been a routine oversight hearing of the House Administration Committee. The E.A.C. is a small, relatively obscure agency, established by the Help America Vote Act of 2002 (H.A.V.A.), an election-modernization bill that was passed in response to the disastrous failure of voting equipment during the 2000 Presidential election. H.A.V.A. allocated over three billion dollars to the states to upgrade their election systems and authorized the E.A.C. to distribute it. The E.A.C. was also mandated to advise election officials and oversee the testing and certification of voting and vote-tabulation machines. Seventeen months away from the next Presidential election, it could be leading the charge against future cyberattacks. It is not.

National: Ex-NSA director says Mueller report highlights risks of foreign interference | Morgan Chalfant/The Hill

Former National Security Agency (NSA) Director Mike Rogers says the full report by special counsel Robert Mueller shows just how important it is for the government to be laser-focused on stopping interference in its elections by foreign governments. “That should be totally unacceptable, totally unallowable, and we ought to be focused on what are we going to do to make sure it doesn’t happen again. Because it’s not going to go away,” Rogers said in a wide-ranging interview with The Hill. Rogers, who retired his uniform a year ago, urged the public to read Mueller’s report to judge its findings independently, describing the breadth of the Russian effort as chilling. “I think the breadth of the Russians’ effort, the amount of time, the complexity of that effort — it didn’t surprise me, but again, I think it’s something that ought to make people step back and say, ‘Wow, this wasn’t a casual effort,’ ” Rogers said. “This was a broad, sustained, comprehensive strategy about how we are going to attempt to influence and impact the 2016 election.”

National: Unfinished Business: What Mueller Didn’t Cover, But Congress Can | John T. Nelson/Just Security

The House Intelligence Committee hearings on the first volume of the Mueller report and the FBI’s underlying counterintelligence probe are scheduled to begin Wednesday with the testimony of two former senior Bureau officials and a former Assistant US Attorney. As one of these witnesses, Stephanie Douglas, has written of Russia’s election interference efforts in Just Security, “I am not sure there are many intelligence plans which work any better than this one.” The use of the present tense is unlikely to be accidental. Despite its thoroughness in investigating certain aspects of Russia’s election interference, the Mueller report addresses only a narrow slice of a larger intelligence story that is still unfolding. President Donald Trump’s curious relationship with Russia did not begin with the Trump Tower Moscow deal and it has not ended with his inauguration—more or less the time frame analyzed in the first volume of the report. Chairman Adam Schiff’s committee’s oversight mandate certainly includes the activities and relationships described in volume one, but is not limited to them. There are many questions to be asked, therefore, not only about why Mueller framed his investigation as he did, but also about what he left outside of the picture entirely. So what exactly are the potential lines of further inquiry for Congress to pursue?

National: McConnell: Senate will hold election security briefing | Jordain Carney/The Hill

Majority Leader Mitch McConnell (R-Ky.) on Tuesday said that the Senate will have an election security briefing in the wake of special counsel Robert Mueller’s report on Russian meddling in the 2016 election. “We intend to have a briefing on election security,” McConnell told reporters during a weekly press conference while not responding to questions about whether the upper chamber will take up any election security legislation. McConnell’s comments mark the first time that he has confirmed he will hold an all-members election security briefing since Minority Leader Charles Schumer (D-N.Y.) said from the Senate floor that he had received assurances from the Senate GOP leader that there would be a closed-door briefing with administration officials.  “I have some positive news. I have spoken to the Republican leader about that request. He has assured me we will have a briefing,” Schumer said from the Senate floor last week.

National: House panel approves $408 million boost for CISA | FCW

The House Appropriations Committee approved a $63.8 billion spending package for the Department of Homeland Security that includes higher funding levels for the department’s top cyber agency. The bill allocates approximately $2 billion for the Cybersecurity and Infrastructure Security Agency, a $335 million bump from last year and $408 million above what was requested in the president’s budget. Lawmakers in both parties have expressed support over the past year for the idea of providing CISA with more resources to carry out its cybersecurity mission. “This 20% funding increase will help the new agency move faster to improve our cyber and infrastructure defense capabilities,” said Rep. Lucille Roybal Allard (D-Calif.), chair of the House Appropriations Homeland Security Subcommittee.

National: Even a voting machine company is pushing for election security legislation | Joseph Marks/The Washington Post

A major voting machine vendor reversed course Friday and urged Congress to pass legislation mandating paper trails for all votes as an anti-hacking protection. The company, Election Systems & Software, also pledged to no longer sell paperless voting machines as the primary voting device in an election jurisdiction and urged Congress to mandate security testing of voting equipment by outside researchers. That promise was made in an op-ed from chief executive Tom Burt published in Roll Call. Burt called such a move “essential to the future of America” and vital for restoring “the general public’s faith in the process of casting a ballot” after the 2016 election was marred by Russian attempts to hack into election systems. The call marks a major about face for ES&S, which, as recently as September, lashed out at researchers who publicly tested its voting machines for hackable vulnerabilities at the annual Def Con hackers conference. The move also comes, however, as chances look extremely slim for any election security legislation to make it out of Congress this year because of fierce opposition from Senate Majority Leader Mitch McConnell (Ky.).

National: Protecting the integrity of US elections will require a massive regulatory overhaul, academics say | Jonathan Shieber/TechCrunch

Ahead of the 2020 elections, former Facebook chief security officer Alex Stamos and his colleagues at Stanford University have unveiled a sweeping new plan to secure U.S. electoral infrastructure and combat foreign campaigns seeking to interfere in U.S. politics. As the Mueller investigation into electoral interference made clear, foreign agents from Russia (and elsewhere) engaged in a strategic campaign to influence the 2016 U.S. elections. As the chief security officer of Facebook at the time, Stamos was both a witness to the influence campaign on social media and a key architect of the efforts to combat its spread. Along with Michael McFaul, a former ambassador to Russia, and a host of other academics from Stanford, Stamos lays out a multi-pronged plan that incorporates securing U.S. voting systems, providing clearer guidelines for advertising and the operations of foreign media in the U.S. and integrating government action more closely with media and social media organizations to combat the spread of misinformation or propaganda by foreign governments.

National: Finally, a Top Voting Machine Maker Is Calling for Stronger Election Security Laws | Patrick Howell O’Neill/Gizmodo

Over the last few decades, the state of American election cybersecurity has been excoriated by hackers who hope to fix a host of glaring problems before the entire system is exploited. Voting machine makers as an industry have long pushed back against security and transparency efforts until, suddenly, this week. Tom Burt is the CEO of Election Systems & Software (ES&S), one of the biggest voting machine manufacturers in the United States. Last year, hackers gathered at the Def Con conference in Las Vegas to test the security of voting machines. While Burt’s company criticized the hackers and suggested the threat against their machines was minimal and “extremely unlikely,” the event was punctuated by an 11-year-old changing voting results and researchers finding a decade-old security flaw in an ES&S ballot counting machine used across the United States.

National: Leading voting-machine vendor vows to ditch paperless voting | Timothy B. Lee/Ars Technica

Election Systems & Software, which describes itself as the nation’s leading elections-equipment provider, has vowed to stop selling paperless electronic voting systems—at least as the “primary voting device in a jurisdiction.” And the company is calling on Congress to pass legislation mandating paper ballots and raising security standards for voting machines. “Congress must pass legislation establishing a more robust testing program—one that mandates that all voting-machine suppliers submit their systems to stronger, programmatic security testing conducted by vetted and approved researchers,” writes ES&S CEO Tom Burt in an op-ed for Roll Call. Over the last 18 months, election-security advocates have been pushing for new legislation shoring up the nation’s election infrastructure. Election-security reform proposals enjoy significant support among Democrats—who control the House of Representatives—and have picked up some Republican co-sponsors, too. However, such measures have faced hostility from the White House and from the Republican leadership of the Senate. “I don’t think there is any likelihood that we are going to move a bill that federalizes more of the election process,” said Sen. Roy Blunt (R-Mo.), a member of the Senate leadership team, last week.

National: Russia’s 2016 election interference was highly organized, but fixes for 2020 are possible: reports | Bradley Barth/SC Magazine

The campaign by Russia’s Internet Research Agency to interfere with the 2016 U.S. presidential election using fake Twitter accounts was even organized than many people realize, according to a new report from Symantec Corporation. But another new report from scholars at Stanford University prescribes more than 45 policy recommendations for how the U.S. can prevent a repeat performance of Russian meddling in 2020. The latter report, titled “Securing American Elections” represents the culmination of a study conducted by a team of scholars with expertise in areas such as cybersecurity, social media, election regulations, Russia and more. The recommendations are subdivided into seven categories: bolstering election infrastructure, regulating online political ads from foreign entities, countering election manipulation by foreign media, fighting state-sanctioned disinformation campaigns, improving transparency of foreign involvement in U.S. elections, establishing norms, and deterring future attacks.

National: McConnell Blocking Plans to Prevent Russian Election Attack | Jonathan Chait/New York Magazine

The House Judiciary Committee held hearings today on the Mueller report and its devastating findings of the Trump campaign efforts to collude with Russia, and Trump’s obstruction of justice thereof. The Republican message, articulated by ranking member Doug Collins, is that this is all in the distant past — the Mueller report came out in early spring; it’s already late spring — and we should focus on the future. “We’re not bringing Russians front and center,” he complained. “If we were attacked, then the priorities should be to go on the battlefields and not to the sideshow.” Funny thing about that: There actually are a lot of bills to safeguard the 2020 elections from the next Russian attack. Mitch McConnell is blocking all of them.

National: 5 steps to critical infrastructure collaboration | Randy James/FCW

The days of simply protecting critical infrastructure with guns, gates and guards or combating cyber threats solely with IT data and network protection are fleeting. Today’s threats are many and varied, as our physical and digital worlds become increasingly interconnected. They stretch all the way from contested regions around the globe back to the U.S. homeland — a country that is no longer the sanctuary it once was. Emerging threats — including the proliferation of weapons of mass destruction, information warfare against our election system, cyberattacks targeting both defense and civilian networks and even the recent Huawei indictments — put our nation’s military capability, critical infrastructure, democratic institutions and even the safety of everyday civilians at risk. In today’s threat landscape, our national defense strategy must incorporate a new, more robust and integrated “whole-of-nation” approach to homeland security. The plan must coordinate the assessment of defense and homeland security threats and synchronize how we address civilian critical infrastructure security and military mission assurance interdependencies. But the million-dollar question among government and industry leaders is not why we must adopt this approach — it’s how.

National: New Election Security Bills Face a One-Man Roadblock: Mitch McConnell | Nicholas Fandos/The New York Times

A raft of legislation intended to better secure United States election systems after what the special counsel, Robert S. Mueller III, called a “sweeping and systematic” Russian attack in 2016 is running into a one-man roadblock in the form of the Senate majority leader, Mitch McConnell of Kentucky. The bills include a Democratic measure that would send more than $1 billion to state and local governments to tighten election security, but would also demand a national strategy to protect American democratic institutions against cyberattacks and require that states spend federal funds only on federally certified “election infrastructure vendors.” A bipartisan measure in both chambers would require internet companies like Facebook to disclose the purchasers of political ads. Another bipartisan Senate proposal would codify cyberinformation-sharing initiatives between federal intelligence services and state election officials, speed up the granting of security clearances to state officials and provide federal incentives for states to adopt paper ballots. But even bipartisan coalitions have begun to crumble in the face of the majority leader’s blockade. Mr. McConnell, long the Senate’s leading ideological opponent to federal regulation of elections, has told colleagues in recent months that he has no plans to consider stand-alone legislation on the matter this term, despite clamoring from members of his own conference and the growing pressure from Democrats who also sense a political advantage in trying to make the Republican response to Russia’s election attack look anemic.

National: Election Security Is Still Hurting at Every Level | Lily Hay Newman/WIRED

The Russian meddling that rocked the 2016 US presidential election gave the public a full view of something officials and advocates have warned about for years: weak voting infrastructure and election systems around the US, and a lack of political will and funding to strengthen them. Two and a half years later, real progress has been made in key areas. But with a new presidential election less than 18 months away, glaring systemic risks remain. Many of those inadequacies show up in a new report from the Stanford Cyber Policy Center, which breaks down the threats facing the 2020 election and beyond, and proposes paths to managing them. But as the report also makes clear, many of those necessary steps will not be completed before 2020. Smooth-running elections will require a clear-eyed view of those lingering deficiencies.

National: Stanford group calls for major overhaul on election security. Here are their recommendations | Joseph Marks/The Washington Post

A plan released this week by a Stanford University group that includes former top government and tech industry officials aims to be the equivalent of the 9/11 Commission report for election security. Like the 9/11 report, which fundamentally reorganized the nation’s homeland security and intelligence structure after the Sept. 11, 2001, terrorist attacks, “Securing American Elections” aims big. It argues Russia’s 2016 election interference operation was an attack on fundamental American values, and should provoke the government and private sector to step up “defenses against efforts to erode confidence in democracy.”  The report’s 108 pages include 45 recommendations ranging from securing voting systems and combating online disinformation campaigns to negotiating major election security norms with allies and punishing adversaries who violate them. Like the 9/11 commission leaders who spent years pushing the government to fully implement their reforms amid partisan bickering, this group is preparing for a fierce lobbying campaign to turn its recommendations into reality, said Nate Persily, a report author and director of Stanford’s Cyber Policy Center.

National: House subcommittee approves funding bill with $600 million for election security | Maggie Miller/The Hill

A House Appropriations subcommittee approved a bill Monday night that includes $600 million in funding for the Election Assistance Commission (EAC) meant for states to bolster election security, with the money specifically earmarked for states to buy voting systems with “voter-verified paper ballots.” The approval comes as recent remarks by special counsel Robert Mueller emphasizing the dangers posed by foreign interference in U.S. election systems injected new life into the election security debate on Capitol Hill. The Senate already approved a bill Monday night to ban foreign individuals who meddle in U.S. elections from entering the country. The funds are part of the Financial Services fiscal 2020 budget, and were approved by voice vote by the House Appropriations Subcommittee on Financial Services and General Government. The bill now goes to the full House Appropriations Committee for consideration.

National: Election Rules Are an Obstacle to Cybersecurity of Presidential Campaigns | Nicole Perlroth and Matthew Rosenberg/The New York Times

One year out from the 2020 elections, presidential candidates face legal roadblocks to acquiring the tools and assistance necessary to defend against the cyberattacks and disinformation campaigns that plagued the 2016 presidential campaign. Federal laws prohibit corporations from offering free or discounted cybersecurity services to federal candidates. The same law also blocks political parties from offering candidates cybersecurity assistance because it is considered an “in-kind donation.” The issue took on added urgency this week after lawyers for the Federal Election Commission advised the commission to block a request by a Silicon Valley company, Area 1 Security, which sought to provide services to 2020 presidential candidates at a discount. The commission questioned Area 1 about its request at a public meeting on Thursday, and asked the company to refile the request with a simpler explanation of how it would determine what campaigns qualified for discounted services. Cybersecurity and election experts say time is running out for campaigns to develop tough protections.

National: DHS needs help peeking into state and local networks, cybersecurity official says | Benjamin Freed/StateScoop

A top federal cybersecurity official said Wednesday the Department of Homeland Security often lacks a clear picture of state and local governments’ network security, even as foreign adversaries increase their attempts to disrupt all levels of the public sector. And while federal agencies are getting better at working with state and local authorities, they face an ongoing challenge of staying ahead of an evolving threat landscape. “We don’t have good visibility in the state and local dot-gov [domain],” Rick Driggers, the deputy assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Agency, said at FedScoop’s FedTalks event in Washington. Driggers said one of the most immediate steps state and local governments can take is to enact more robust information sharing with federal cybersecurity authorities. He said hackers, especially those backed by foreign governments, have increased their focus on state and local governments, raising the threat that a local population could suffer the brunt of a successful cyberattack.

National: NGA selects six states for election cybersecurity policy academy | Benjamin Freed/StateScoop

The National Governors Association announced Wednesday the six states that will participate in the organization’s latest cybersecurity policy academy. Officials from Arizona, Hawaii, Idaho, Minnesota, Nevada and Virginia will spend the next six months studying election security to come up with plans and practices to protect the integrity of their voting systems ahead of the 2020 presidential election. The NGA has convened the cybersecurity policy academies, which are run by the group’s Homeland Security and Public Safety division, since 2016. Last year’s program — which included Indiana, North Carolina, West Virginia and Wisconsin — focused broadly on IT security, ultimately producing a set of recommendations for greater collaboration between state and local governments.

National: States, experts ask EAC for more flexibility in voting machine standards | Derek B. Johnson/FCW

State officials and security experts say security updates contained in the Election Assistance Commission’s new Voluntary Voting System Guidelines 2.0 are badly needed, but there is concern that the bureaucratic process the agency has set up to approve and update those standards can’t keep up with the pace of technological change. Later this year, the commission is expected to vote to approve a five-page document outlining principles that will guide the development of VVSG 2.0, including a new emphasis on security. That process will be followed up with far more detailed technical guidance and standards that companies will rely on to design their new voting machines. At a May 21 hearing, the commission heard from a number of stakeholders who advised that the agency refrain from requiring a full vote to approve the technical portions of the guidelines, saying it would run counter to the goal of ensuring that voting machine standards account for the latest developments in technology.

National: Democratic base fired up by effort to ban Internet-connected voting machines | Joseph Marks/The Washington Post

As the 2020 election approaches, voting security groups are trying to rally the public behind an effort to ban Internet connections from U.S. voting machines that could be hacked by Russia and other foreign adversaries. And they’re getting an assist from activists on the left, who are still burned by the 2016 election, when Russia hacked troves of Democratic emails and strategically released them to damage the Hillary Clinton campaign. The joint effort has resulted in a staggering number of people — 50,000 — submitting comments on the issue to the Election Assistance Commission, a federal body that’s rewriting voluntary guidelines for voting machines, the organizing groups told me. The fact that a topic this technical can be an effective rallying cry for tens of thousands of people underscores that election security has become an increasingly pivotal issue in the 2020 contest — and tangible proof it’s resonating with a Democratic base that fears Russia, which sought to help the Trump campaign in 2016, might try to deliver the president a second term.