Pushing bipartisan cybersecurity election legislation through both houses of Congress is difficult at best. Delivering legislation asking for cooperation with international allies to share security information, well, have a nice day on that one.
Thankfully, some members of the House and Senate seem undaunted. Last Friday, Sen. Amy Klobuchar (D-MN), the ranking member of the Senate Rules Committee, and Sen. Dan Sullivan (R-AK), introduced the Global Electoral Exchange Act, a companion to an earlier bipartisan bill that passed the House. The legislation proposes to start a program inside the State Department to share election security information with U.S. allies worldwide.
Global Electoral Exchange Act: Summary
You can read the entire bill here. Briefly, this is what it the law proposes (via Cyberscoop):
- Create a new program at the State Department for visiting election officials of allied nations to share strategies on best practices, audits, safeguarding election infrastructure, identifying disinformation campaigns and other election security issues.
- Allow the State Department to award grants to nonprofits involved in election security to fund an exchange of information with similar organizations in other countries.
- Under the legislation, the State Department would be required to update Congress every other year on the program’s progress and issue biannual reports to the congressional panels on foreign affairs.
“This bipartisan legislation will allow the State Department to work with our allies abroad to share information, discuss best practices, and combat the growing threat of election interference to democracies around the world,” Klobuchar said. Sullivan said the legislation “takes important steps to enhance collaboration between the United States and our allies to examine best practices and ensure future elections remain fair, free and absent of foreign interference.”
In late August, Congress and President Trump squabbled over allocating an additional $250 million to the states to support the Secure Elections Act, a bipartisan bill for stronger coordination between the U.S. Department of Homeland Security and other federal and state election agencies, and audit election results nationwide. The bill, which Klobuchar also sponsored, was held up for a year and there’s no word if it will be taken up again in the new year.
Cyber Threat Alliance (CTA)
The feds might want to use as a template the Cyber Threat Alliance (CTA), an association of private sector cybersecurity providers aligned to share threat intelligence. The 20-member Alliance was initially launched in 2015 but reformed two years later with a stronger set of resources. According to the CTA's website, members share timely, actionable, contextualized and campaign-based intelligence that can be used to improve their products and services to better protect their customers, more systematically thwart adversaries, and improve the security of the digital ecosystem.
Charter members include Check Point, Cisco, Fortinet, McAfee, Palo Alto Networks and Symantec. Affiliates include Dragos, IntSights, Juniper, NEC, NTT, Rapid7, Saint Security, SK InfoSec, Sophos and Telefonica’s ElevenPaths. Contributors include AlienVault, Lastline, Radware and ReversingLabs.
