Perspective: Election securityState Officials Are Unhappy with Rollout of Election Security Framework

The federal government has developed a new threat-notification framework, which is meant to give U.S. officials a consistent process for alerting state personnel, the private sector, Congress, and the public of foreign attempts to interfere in U.S. politics through influence operations or cyberactivity. Sean Lyngaas writes in Cyberscoop that “State officials were only given a generic, one-page summary of the document, which is still restricted to the federal government.”

It was “either done without [states’] input or our input was ignored,” Mac Warner, the secretary of state of West Virginia, told Lyngaas.

Lyngaas writes:

Collaboration on cybersecurity between federal and state and local election officials has grown by leaps and bounds since 2016, when Russian hackers probed IT systems in states across the country, and election officials weren’t notified about that activity for many months. There is now a cyberthreat-sharing center for election infrastructure, and state and local officials have fostered much closer relationships with the Department of Homeland Security and the FBI.

He adds, though, that

state and local officials are still irked by what they see as bureaucratic obstacles to getting actionable threat information. Some state officials and lawmakers, for example, have criticized the FBI for refusing to name the two Florida counties where Russians accessed voter data in 2016.

Rectifying that notification process could be key to building on progress made in election security made since 2016.