Former high-level Obama administration officials appeared before congressional Democrats on Thursday to offer suggestions on how to secure future elections from cyber threats. Jeh Johnson, the former secretary of Homeland Security, and Suzanne Spaulding, a former high-level cybersecurity official at the Department of Homeland Security (DHS), faced a myriad of questions from lawmakers about what Congress can do to help states shore up the cybersecurity of their election systems. The meeting took place less than a week after Homeland Security officials notified 21 states of evidence that Russian actors targeted their networks ahead of the 2016 election. Among their recommendations, Spaulding encouraged lawmakers to provide more resources to states for cybersecurity, suggesting that the money could be allocated through a grant program that also mandates a full assessment of their systems.
“We need to have a strong sense of urgency with regards to upcoming elections,” said Spaulding, who is now on the board of Harvard’s Digital Democracy Project. “We need to be focusing now on the midterm elections next November and the election in 2020.”
Lawmakers have introduced bipartisan legislation setting up grants for cyber planning and implementation at the state and local level, but the measure has yet to get a vote in either chamber. Both officials also got behind the idea of Congress mandating a nationwide election security assessment by the executive branch.
Johnson also suggested that Congress could institute “federal minimum standards” for cybersecurity election-related systems — though he encouraged lawmakers to tread lightly, given that states are responsible for administering elections and regard it as “their sovereign process.”