Election officials face limited options as federal security resources fall away
A nonprofit agency that suddenly lost some of the federal funds it used to provide crucial election security support to states gave more details about the effect of the cuts in an email sent to state government officials on Wednesday.
In a memo obtained by Votebeat, the Center for Internet Security said it is evaluating the impact of the funding cuts and will continue providing many services as it does so, though it didn’t address how long that would continue. Those services include help responding to cybersecurity incidents such as hacking and ransomware attempts, and coordinated sharing of data about threats that can help election officials assess whether something is an isolated event or part of a larger attack.
CIS promised regular updates as it works “to determine how best to support these critical services without federal funding.”
Several states have passed laws in recent years banning private funding or support for election offices, limiting their ability to seek outside help. The CIS memo appears to acknowledge that some state and local officials might need to withdraw from services because of those laws.
“It is recommended that elections organizations contact their local counsel for advice regarding acceptance of services that are not federally funded,” the organization wrote in the memo.
The cuts reflect a broader shift in priorities at the U.S. Cybersecurity and Infrastructure Security Agency under the Trump administration, which says it is refocusing on “mission-critical areas” and cutting services it considers redundant. CISA is part of the Department of Homeland Security.
Election officials are still evaluating what the changes will mean, said Amy Cohen, executive director of the National Association of State Election Directors.
CISA confirmed this week that it had cut $10 million in federal funding for activities under its cooperative agreement with the Center for Internet Security, citing a need to eliminate overlap and redirect resources. A spokesperson said some services — including stakeholder engagement, cyber threat intelligence, and cyber incident response — were deemed “duplicative” and no longer aligned with department priorities. A CISA spokesperson declined to comment further on how these programs were duplicative.
The cuts target two clearinghouses run by CIS: the Multi-State Information Sharing and Analysis Center, or MS-ISAC, and the Election Infrastructure Information Sharing and Analysis Center, EI-ISAC, which provide cybersecurity intelligence, monitoring, and coordination for state and local governments.
The MS-ISAC serves a broad range of government agencies, while EI-ISAC was created specifically to help election officials with targeted threat analysis, real-time alerts, and response support.
Click on the link for the full article
