{"id":199213,"date":"2026-03-25T17:06:00","date_gmt":"2026-03-25T21:06:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/25\/on-cyber-local-elections-officials-are-natural-risk-managers-says-former-cisa-official\/"},"modified":"2026-03-25T17:20:09","modified_gmt":"2026-03-25T21:20:09","slug":"on-cyber-local-elections-officials-are-natural-risk-managers-says-former-cisa-official","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/25\/on-cyber-local-elections-officials-are-natural-risk-managers-says-former-cisa-official\/","title":{"rendered":"On cyber, local elections officials are &#8216;natural risk managers,&#8217; says former CISA official"},"content":{"rendered":"<p><a href=\"https:\/\/statescoop.com\/local-elections-cybersecurity-cdt-geoff-hale-qanda\/\">On cyber, local elections officials are &#8216;natural risk managers,&#8217; says former CISA official<\/a><\/p>\n<p><a href=\"https:\/\/statescoop.com\/local-elections-cybersecurity-cdt-geoff-hale-qanda\/\">https:\/\/statescoop.com\/local-elections-cybersecurity-cdt-geoff-hale-qanda\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-25 17:06:00<\/a><\/p>\n<p>Source Domain: <a href=\"statescoop.com\">statescoop.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>Geoff Hale got his start in defending the nation\u2019s elections infrastructure from cyberattacks in 2016. \u201cI guess I can thank Russia for that,\u201d he said, pointing to his work at the National Protection and Programs Directorate, which was two years later to be transformed into the Cybersecurity and Infrastructure Security Agency, the Department of Homeland Security division granted an expansive remit on coordinating and rallying technical and intelligence resources in response to cybersecurity threats, foreign and domestic.<\/p>\n<p>He recalled Russia\u2019s successful cyberattacks in 2016 against the Democratic National Committee, but also lesser known cyber activity aimed at state governments. Much has changed over the past decade, including the level of support offered by the federal cyber agency created during Donald Trump\u2019s first presidency. Federal support for state and local governments has been slashed broadly, including for programs that would aid local election officials as they prepare for the midterm elections and the 2028 presidential race.<\/p>\n<p>Aiming to provide local governments additional cyber support, the nonprofit advocacy group Center for Democracy and Technology last month announced a new initiative, led by Hale. In a recent interview, he described the nation\u2019s altered political backdrop and how his organization hopes to play a helpful role.<\/p>\n<p>This interview, which can be found in full on StateScoop\u2019s Priorities Podcast, has been edited for brevity and clarity.<\/p>\n<p>Colin Wood: How will you lead this new initiative to aid local election officials with their cybersecurity?<\/p>\n<p>Hale: It\u2019s really a focus on election infrastructure, the progress that has been made over the last decade in securing election infrastructure. By that you mean the office systems, the government networks, the voting systems, your voter registration databases, your e-pollbooks and everything that is IT related that an election official may rely on to administer the election. How do we ensure that those are well-protected from sophisticated cyber actors and those advanced threats?<\/p>\n<p>How has cybersecurity changed since you got your start in 2016?<\/p>\n<p>It has been tremendous. I can\u2019t speak to before 2016 because I got my start, I guess I can thank Russia for that, because in 2016 I was working for the Department of Homeland Security, at the predecessor to CISA. In the spring and summer of 2016, Russia had hacked the DNC, which everybody is pretty aware of, but also did some reconnaissance and some cyber activity on a voter registration database at a state level. We recognized that this was an advanced cyber actor and wanted to engage state and locals in helping to ensure that they\u2019re prepared and not alone facing cybersecurity threats like that.<\/p>\n<p>It was a huge undertaking, and DHS made a lot of mistakes in who we contacted, what our understanding was, but we were always there to lend support. And over time, we built trust in the election community. Over the course of that 10 years, you saw the maturation of cybersecurity programs for election officials really advance. Many states developed vulnerability disclosure programs, vulnerability management programs, they were improving their visibility on their own exposures and how they were closing those in a timely manner. The success was tremendous. It\u2019s always iterative progress and there\u2019s always more to do in cybersecurity, but it really shifted from a community that may have been hesitant to consider themselves cyber professionals to really embracing that aspect of the role.<\/p>\n<p>What are the resource gaps you hope to fill?<\/p>\n<p>Anyone who\u2019s spoken to an election official knows that their most important resource is time and every day brings us closer to another election. It takes time for election officials to navigate going to this location to receive that type of support, identifying where they\u2019ll learn about new vulnerabilities, or how things are changing because of Iran. In previous years, it was very clear that you could go to CISA, you could go to the Elections-Infrastructure Information Sharing and Analysis Center, and now I hear there\u2019s a contraction of that support. We are looking to ensure at CDT that we\u2019re partnering with the right people to translate and fill some of those coordination gaps and get the information down to election officials where necessary. It doesn\u2019t always have to be at CDT or a CDT-branded product, but connecting that dot so that election officials aren\u2019t spending their time trying to fill those gaps themselves.<\/p>\n<p>Despite the federal government pulling back support, many have pointed out it\u2019s better positioned than any other organization to coordinate intelligence sharing.<\/p>\n<p>It is yet to be seen if there will be publications for election officials on relevant election security threats and whether the ability to get that information to officials will be maintained. That\u2019s an area that\u2019s really been weakened, that trust in that existing relationship of who knows how to contact whom under what circumstances. I still love the CISA mission and the holdings that exist there and the work that\u2019s being done by plenty of good people, but that relationship with the election community seems to have been frayed.<\/p>\n<p>Smarter people than I always describe it as: cyber is a team sport, and you don\u2019t want it to be a pick-up game. You want to know who you\u2019re passing to, you want to know who you\u2019re engaging with, and who your defense is. Nobody\u2019s going to be an expert across the board on everything. If you have to do incident response, if you have to do cyber intelligence sharing, if you have to do communications of a cyber incident, all of those things are really different capabilities, and pushing to understand who has what information under those circumstances is a really key area that you want to have that preparatory environment.<\/p>\n<p>How is the war in Iran affecting preparations for the 2026 midterms?<\/p>\n<p>I\u2019m not sitting on any particular intelligence, but it\u2019s really interesting to think back on Iranian activity. They were very active in 2020, they were very active in 2022, and while many of their activities were kind of ham-handed and easily detected by the intelligence community, the reality is under these tensions, they\u2019ve already demonstrated that they are one of the most aggressive actors for election-related activity. What is it going to look like when the safeguards are off, when they have fewer guardrails in place? If I was a state-level CISO, I would be pressing to receive as many classified or unclassified briefings, from whomever.<\/p>\n<p>For those at state or local government elections agencies looking for assistance on cybersecurity, what resources are available through CDT?<\/p>\n<p>We\u2019ve got two layers of work taking place. At the national policy level, we\u2019re certainly talking about how to establish information-sharing organizations, not in competition with the ISAC. For the kind of cyber guidance that touches election officials directly, we\u2019re working with other organizations to provide the clearinghouse of data to train, to push particular cyber programs on chains of custody, on incident response, on incident preparedness, in order to advance the community going forward, through \u201826 and beyond.<\/p>\n<p>With Trump repeatedly suggesting that we don\u2019t need elections anymore and tweeting images of himself wearing a crown, is there any preparation being done at the local level to protect elections from threats inside the White House?<\/p>\n<p>I would say election officials are natural risk managers. Their whole business is to operate with integrity and administer the process as best possible under the circumstances. They\u2019re very aware of physical threat environments, they\u2019re very aware of cyber environments and they\u2019re tracking the news. So do I know for a fact that there are plans or inside threats or other elements or engagement from the administration? Not exactly. But I do know election officials to be excellent planners and that they test and prepare for many types of scenarios.<\/p>\n<p>\t\t\tWritten by Colin Wood<br \/>\n\t\t\tColin Wood is StateScoop&#8217;s editor in chief. Contact him at colin.wood@statescoop.com or cwood.64 on Signal.\t\t<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On cyber, local elections officials are &#8216;natural risk managers,&#8217; says former CISA official https:\/\/statescoop.com\/local-elections-cybersecurity-cdt-geoff-hale-qanda\/ Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":199214,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/statescoop.com\/wp-content\/uploads\/sites\/6\/2026\/03\/GettyImages-2013953851.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-199213","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/199213"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=199213"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/199213\/revisions"}],"predecessor-version":[{"id":199215,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/199213\/revisions\/199215"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/199214"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=199213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=199213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=199213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}