CISA completed its election security review. It won’t make the results public  – CyberScoop

When the Trump administration began sidelining and laying off personnel at the Cybersecurity and Infrastructure Security Agency, it started by targeting employees who worked on election security and disinformation. At the same time, the Department Homeland Security announced it would conduct a comprehensive review of CISA’s election security mission.

This week, the agency confirmed that it has completed the review, but said that its findings won’t be released to the public.

“The assessment that CISA has undertaken is internal and will help inform how the agency moves forward to best support critical infrastructure,” a CISA spokesperson said. “This is an internal document that is not planned to be released publicly.”

A DHS spokesperson told CyberScoop in an email that the department had nothing else to share at this time.

Critics argue that withholding the review and its conclusions creates broad uncertainty among election security  stakeholders and jeopardizes the collaboration between the federal government, states and local governments, which relies on CISA’s  resources and technical expertise.

Every year, CISA provides hundreds of vulnerability assessments and technology improvements to financially strained election jurisdictions.  It also oversees sensors that can detect malicious attacks, trains thousands of state and local election workers, and shares the latest threat information. As the threats to election workers have increased over the past four years, CISA has also helped state and local officials shore up physical security at polling places and election offices and expanded de-escalation training.

Meanwhile, the nonprofit Center for Internet Security, which manages the federally funded Election Infrastructure Information Sharing and Analysis Center, stated this week that “due to the termination of funding by the Department of Homeland Security, the Center for Internet Security no longer supports the EI-ISAC.”

The move was expected, as a Feb. 14 DHS memo obtained by StateScoop indicated the department intended to “partially” terminate its cooperative agreement with CIS, with the White House saying the EI-ISAC no longer aligns with DHS’ mission.

The order technically leaves the New York nonprofit free to provide services to state and local governments, but without its prior designation, a majority of states are now legally barred from accepting its services.

Tim Harper, a senior policy analyst for elections and democracy at the Center for Democracy and Technology, called on CISA to make its review public, noting that “without transparency about the scope of CISA’s decisions, election officials won’t even know what options are available to them.”

“Without transparency on the agency’s plans, [states] are left scrambling to prepare for upcoming elections,” Harper told CyberScoop. “If CISA is abandoning them, election officials deserve to know — keeping them in the dark only helps bad actors.”

Last month, the National Association of Secretaries of State wrote to DHS Secretary Kristi Noem outlining a list of vital resources and assistance that states have relied on CISA to provide in order to help secure their elections.

“We favor continuity of the core resources above and welcome the opportunity as Chief Election Officials to discuss any potential changes or impacts to election security-related services before making a final decision,” the officials wrote.

The post CISA completed its election security review. It won’t make the results public appeared first on CyberScoop.

  –

Read More  – CyberScoop