Dear Senators,

We write to express our strong support for the Secure Elections Act (S. 2261). This legislation, introduced by Senators James Lankford (R-OK), Amy Klobuchar (D-MN), Lindsey Graham (R-SC), Kamala Harris (D-CA), Susan Collins (R-ME), and Martin Heinrich (D-NM), would empower states to address rising cybersecurity risks to American elections without undermining their control over the administration of those elections.Dear Senators:

Election security is an essential aspect of our national security. Yet, to date, it has received too little attention from policymakers. In 2018, nearly 40 states will use electronic voting or tabulation systems that are over a decade old, often running on software that is no longer serviced with vendor security patches. A survey of nearly 300 election administrators in 28 states found that a clear majority need new voting machines before 2020. According to the Department of Homeland Security, voter registration systems in at least 21 states were targeted by foreign hackers during the last election.

In recent years, we have seen increasingly sophisticated cyberattacks in countries throughout the world. While there is no evidence that vote totals in the United States were manipulated in 2016, there is no guarantee that systems will be safe in 2018 or 2020. Future threats could come from any of a diverse range of foreign or nonstate adversaries.

The Secure Elections Act strikes a careful balance between state and federal action to secure American voting systems. The measure authorizes appropriation of grants to the states to take important and time-sensitive actions, including:

  • Replacing insecure paperless voting systems with new equipment that will process a paper ballot;
  • Implementing post-election audits of paper ballots or records to verify electronic tallies;
  • Conducting “cyber hygiene” scans and “risk and vulnerability” assessments and supporting state efforts to remediate identified vulnerabilities.

The legislation would also create needed transparency and accountability in elections systems by establishing clear protocols for state and federal officials to communicate regarding security breaches and emerging threats.

While state and local governments have always rightly held primary responsibility over American elections, the federal government has a responsibility to support the states and “provide for the common defense.” States and municipalities cannot be left on their own to defend against sophisticated cyberattacks from foreign powers. Just as the federal government provides state and local governments with grants to support security personnel and first-responders on the front lines of addressing terrorism and other national security threats, this legislation will enable prudent federal and state cost-sharing to deal with pressing cybersecurity issues. State and federal authorities have a crucial time-sensitive opportunity to secure voting infrastructure. Congress should act now to support cybersecurity for American elections.

Sincerely,

General Michael Hayden (Ret.)
Former Director of the National Security
Agency and Director of Central Intelligence
Mike Rogers
Former Member of Congress (R-MI);
Chair of the House Intelligence Committee
   
Grover Norquist
President, Americans for Tax Reform
The Honorable Rick Ledgett
Former Deputy Director of the National Security Agency
   
Adam Brandon
President, Freedom Works
Lt. Col. Tony Shaffer (Ret.)
Vice President, London Center for Policy Research
   
Paul Rosenzweig
Senior Fellow, R Street Institute;
Former Deputy Assistant Secretary of
Homeland Security for Policy
Bruce Fein
Former Associate Deputy Attorney General and General
Counsel of the Federal Communications Commission
   
The Honorable Bob Inglis
Former Member of Congress (R-SC)
Richard A. Clarke
Former Senior Advisor to the President for Cyber Security
   
The Honorable Mickey Edwards
Former Member of Congress, (R-OK),
Vice President, Aspen Institute
Trey Grayson
Former Secretary of State, Kentucky 
   
Bruce W. McConnell
Global Vice President, EastWest Institute;
Former Deputy Under Secretary of
​Homeland Security for Cybersecurity
Sam Reed
Former Secretary of State, Washington
   
Stephen Danzansky
Former Special Assistant to President
Reagan for National Security Affairs
Christine Todd Whitman
Former Governor of New Jersey and
Administrator of the Environmental Protection Agency
   
Jamil N. Jaffer
Founder, National Security Institute,
Antonin Scalia Law School at George
Mason University and Former Associate
Counsel to President George W. Bush
Bruce Schneier
Fellow and Lecturer, Harvard Kennedy
School and Berkman-Klein Center for
Internet and Society