After months of stalled progress in Congress, efforts to promote and fund nationwide election security improvements have finally gained some momentum this week. The Senate Intelligence Committee released[1] its long-awaited election infrastructure defense recommendations. Senate leaders got behind a revised version[2] of the Secure Elections Act. And late Thursday night, the Senate passed the omnibus spending bill, which includes $380 million for securing digital election systems. All the pieces are in place. The solutions are clear[3]. All that's left is the doing.
But, of course, that turns out to be the hardest part. Experts say that while Congress did take meaningful action this week, it likely comes too late to play an extensive role in securing this year's midterm elections.
"This is a great first step, but it’s not going to solve the problem," says Marian Schneider, president of Verified Voting, a group that promotes election system best practices. "Just the heightened awareness of what is the threat model and what are best practices for dealing with that threat model makes me hopeful and optimistic that those steps will be taken. But I would like to see the vulnerable systems replaced, and the clock is ticking. The farther we get into the year, the less likely it is. That’s just a reality."
'This alone is not going to be enough to solve the problem.'
Lawrence Norden, NYU Brennan Center
Lots of reliable organizations have come out with recommended election security best practices, both conceptual and technical, over the last year—including the Harvard Belfer Center[4], the DHS-funded nonprofit Center for Internet Security[5], and the New York University Brennan Center[6]. But that doesn't make the Intelligence Committee recommendations an empty gesture; they help