>> support local food banks, vulture with organizations like small things that and contributor extra food to the committee patches. let's work to combat food insecurity. >> to watch this and all winning entries visit our website at studentcam.org. >> c-span jean filtered view of government. we are funded by these television companies and more including charter communications. >> charter is proud to be recognized as one of the best internet providers, and we're just getting started building 100,000 miles of new infrastructure to reach those who need it most. >> charting medications supports c-span as a public service along with these other television providers give you a front was the to democracy. >> up the next conversation on election security and integrity

with iranga kahangama, system homeland security secretary or cybercom infrastructure risk and resilience. this event is hosted by the center for strategic and international studies. [inaudible conversations] [inaudible conversations] >> all right. good afternoon. i am suzanne spaulding. i'm senior advisor at the center for strategic and international studies where i lead the visiting democratic institutions project. in 2016, i was undersecretary at

the department of homeland security where i had the great honor of leading the men and women who work so hard every day to try to safeguard our critical infrastructure, to strengthen its security and its resilience. and in 2016 we were really focused on election infrastructure. i had the opportunity to see firsthand the tremendous work that is done by our state and local partners, by our federal partners to protect our election infrastructure. particularly at the state and local level, by amazing public servants. the very public servants who today must that only the tireless as they always have been to get this work done that needs to be done for these elections, but today,, unfortunately, must also be

courageous. one in six election workers reported having been threatened in recent years. and the department of justice told us just this week that the investigating dozens of reports of threats against election officials. fortunately as we've seen they are finding some of these folks making the threats and prosecuting them. but in addition to these tidomestic threats, the most recent threat assessment from dhs warns, quote, we expect the 2024 election cycle will be a key event for possible violence and foreign influenced targeting our election infrastructure, processes, and personnel. nationstate adversaries likely will continue to spread this, this and malinformation aimed at undermining trust in government institutions, our social cohesion and democratic

processes. the assessment goes on to talk about ai insider and other technologies that can a be usedy our adversaries, and concludes that russia, china and iran continued to develop the most sophisticated alive influence campaign online. many of the tactics that these entries used to influence u.s. audiences will likely be used in the lead up to the 2024 election. dhs plays a vital role in safeguarding our elections against these potential threatsr and we are so fortunate today to have with us the iranga kaha who is the assistant secretary for cyber infrastructure risk of his late at t the office of poly and plans at the department of homeland security. prior to this position he served at the white house in the

national security council as director for cyber incident response. in that role he was a principal author of executive order 14028, improving the nation's cybersecurity. he also oversaw the federal government response to a wide range of malicious cyber activity, including the rush attributed solarwinds incident, china's exportation of microsoft exchangef servers, and ransomwae attacks such as those on colonial pipeline, on gbs foods. prior to joining the nsc he served as senior policy advisor at the fbi, working on an array of cyber internet and technology policy issues turkey earned a master public policy on the harvard kennedy school of government. iranga, it's great to have your today. we're going to give iranga an opportunity to make a few

opening remarks and then he and i are going to have a brief conversation, fireside chat, and then open it up the moments that are left for questions. >> great. thank you, suzanne ansys friday. skinny-dipping with a fellow dhs lump it is understood to be in good company. i wanted to thank you for giving us the opportunity to chat about this topic. on security, cyber security around the election infrastructure and all elements of it very seriously. you mentioned you were looking at this issue from 2016. our focus from 2016 to now has only strengthened and has only strengthened our resolve. we have learned from past elections and we continue to monitor and i want to reassure you and your community and the american public that the security of our infrastructure and our election system remain strong. it's something we have to learn and glow -- and grow with the

threats but our approach to election security has always been evolving. we've always had to deal with new and creative threats and risks that come with our elections. when you look at it in a recent past, we as a country and at the federal government adapted to dealing with elections in the covid environment. an array of unique challenges we've had to deal with and that's on top of existing cybersecurity threats by foreign influencers. in that vein, as we look forward and think about new and upcoming threats and risks and whether it's artificial intelligence or other of the things we will get into later today, i think we take that same mindset that we are clear item what we are seeing and understand new and evolving threats emerge but at the same time as a federal apparatus, we remain come ordinate and -- we remain coordinated to address these issues. i think it's become even more clear to us at -- as federal government employees that

stakeholders at the state and local level are really the key implementers of our election infrastructure. as we adjust, we want to be in a supportive role of state and local officials as much as possible. when you talk about elections and how people get their information, it's very much that they tend to be most comfortable with organizations and agencies that talk to them on a daily basis which are state and local whether it's your local county or school board, your governor and things like that. part of our process has been making sure those folks are empowered and those voices are raised. we've learned a lot of lessons and we continue to look at how we can further empower them and provide them resources and information as we learn to do that. another general theme of the biden administration at large has been more rapid declassification, more rapid sharing of information to better identify what those threats are.

that theme goes beyond elections. we saw in the run-up to the russian invasion of ukraine with the white rapidly declassify evidence and intelligence we had. from an infrastructure and organizational concept, we are better organized and better prepared to do things like that that may be more tactical but really helpful in making sure those that can action that information whether it's state and locals or other of election -- election officials at the context. we've done that by helping get security clearances for these individuals by doing tabletop exercises and making sure we can better inform those that have direct interventions with the elections and have the threat information they need. i think we feel very confident that going into this election season, we've learned a lot from our past elections and are laser focused on existing threats as well as emerging ones and the gamut of that.

i think we will get into this as well but we've also increased and improved their interagency coordination. the threat is only as big as the gaps we have in the federal apparatus whether it's today or going back to 9/11 and putting the pieces together of what's happening. we are in more constant communication with law enforcement partners, our intelligence committee partners, state and local conduits within a respected federal agencies are trying to spread the communications as well. i lay that all out and we know that the election will be a big deal. it's something that's on our radar and we are meeting constantly but we recognize there will be things that emerge we've never seen before. we seen that in the past. i remember being uniquely involved in a ballot paper shortage in 2022 as the supply

chains reduce the amount of paper needed to print balance. i never thought of that before that. dealing with that, we are postured to take care of any issues that may arise. we will obviously keep vigilant eye out. thank you for having me here today and i look forward to talking about this more. >> thank you for that overview. it's important both to be candid about the potential threats but also to be really informative about all of the good work going underway to address those threats. as a threshold matter, a lot of folks are used to the cybersecurity infrastructure system and how things can work with state and local election officials on the ground to safeguard our elections. you are from a different office. this is an operational component and your from the headquarters office that deals with strategy

plans and policy so talk to us a little about how your role is different than what fifa is doing and how you work together and collaborate. >> we are in lockstep. i talked to the leadership team daily if not hourly. on a range of these issues. ci is our operationalsa arm within the department that's on the ground meeting with state and local election security individuals. they are implementing guidance and conducting risk assessment, providing analysis and tools for state and local around physical protection, cybersecurity protection but kind of doing the on the ground work. i represent the secretary's broader strategic outlook coordinating our policy across multiple components. cifa is doing a majority of our work but we have an intelligence office and intelligence

analysis, secret service plays a role in security from the candidate perspective. i coordinate that broad department strategy and then serve as the representative when we talk about national security council policymaking and how we drive that coordinated effort with the interagency. when we talk about interagency partners, my office also helps drive some of the work we are doing with other parts of the intelligence communiqué, participating in the notification framework and identify what to do with campaigns we see coming across. it's a very good relationship. it's one that i think is needed to coordinate multiple different occurrences in the department to make sure the secretary and their leadership has the full picture but it's been a close relationship. >> given that division of responsibility, then your role in that broader cross department

perspective, we talked a little already about the threat assessments and the nature of the threats to elections. i came out of the intelligence and analysis office. talk to us more about the role they are going to be playing in this run-up to the election, helping across the inter-agency and state and local election officials to understand what the intelligence community is seeing in terms of potential threats and how all of you are thinking about those in terms of what worries you the most. >> obviously, a big part of this as i mentioned will be information sharing and making sure we can rapidly turnaround information we see. our shop is responsible for putting out information as

unclassified. with that expertise as well as inroads with state and local law enforcement and fusion centers across the country, there is a lot of good connectivity i may have to push out that information. they will be key. we work with dni and others to understand the threat. we see a range of threats and we've seen them in past elections and we have no doubt they will continue to want to prod and force our hand in future elections. from a foreign nation state perspective, we continue to have concerns about russia, china, iran playing a role in foreign disinformation and foreign influence operations. with the sophistication of ai, we will see maybe some more sophisticated, more precise attempts to pish and get access

to campaigns and campaign infrastructure. p thosehishing campaigns may be more delete -- believable. security will be a continuing threat. that's what we can send you to see across the board with all of our critical infrastructure owners and operators. cybersecurity will be really big. that goes across threat actors, that goes from cyber criminals who may not want to affect the election or are looking to ransomware for their own profit but then somehow, state and local offices realize it's connected to an election office. all of a sudden, you have information locked up or you have a hack and leak operation with voter registration rolls. we want to scan the intelligence community assessment that was put out regarding the 2022 election bluntly noted we see

nationstate adversaries scanning election campaigns and scanning election infrastructure to get access. cyber can be disrupted in and of itself or it can be a means to an and. that means a means to obtaining information to maybe leaking information or manipulating information so that it seems people and campaign elections are doing things that are not true. we have those range of issues from a technical perspective. to some of your earlier comments, i think that's a serious issue and summing the secretary and the department is concerned about. we see increasing threats of violence against election workers who are doing really hard work on a voluntary basis because they really believe in our elections. both them and voters on voting days deserve to be safe.

they deserve to have the protections they need and deserve not to be harassed afterwards. those are all threats we see coming. hardening infrastructure and fiscal bear and polling locations will be important from continued threats of violence to these workers. thirdly, i think we should think about the unexpected. threats are intentional but the risks are also unintentional. that can range from covid as i mentioned to certain parts of the country. that's something that's more tried and true and we are ready for the unexpected in that sense. those will also be threats that are more specific to election day or other specific types of parts the country because of the unexpected. things will happen, things we cannot predict whether natural disasters or otherwise but the operational risks are something

that keeps people up at night but something that's a little more manageable from the emergency management perspective. >> that range of threats, gives everyone a sense of what is facing state and local election officials today. they are experts at contingency planning. that is the nature of what they do. what if power goes out, what if we have a big hurricane re-storm? they have been planning and they've done that for decades. they also conclude the threat of violence and balancing the challenge with that threat of violence at the polling places is balancing the sense of security want to get people without intimidating or having an intimidating presence of law enforcement at the polling place.

that is an issue that may be heightened in the selection but it's one that election officials have dealt with for a long time. let's focus on that for a minute. but let's just focus on that for just a minute. what role can dhs and is dhs playing to help with that kind of planning and those relationships that are so critical with local law enforcement to make sure you are all able to provide a secure environment without an intimidating presence? >> sure. i appreciate the question and the nuance is important. upfront and want to be clue does not really a role for the federal law enforcement presence at polling locations. that's not in line with the law. i think there is a very strong supporting role. it's something we continue to do. the department can play a couple of different roles. as i previously mentioned with herio operational agency at cisa we can do risk assessment.

we can help election officials understand some of the physical vulnerabilities or physical weaknesses of a a given pollig location or an office that provides pardoning advice how they maybe want to help construct the organizational construct of the polling location or other offices. there's some limited funding opportunities as well like dhs grantm program and of the fedel grant programs we canro provide money so they can obtain the equipment and the protections that they need. and then that threat assessment and that threat information sharing, helping state and local law enforcement understand if we'reseeing a threat, if seeing some intelligence, we work hand-in-hand with agencies such as the department f justice, the federal bureau of investigation to make sure anything that is physical, a pilot threat is a violation of federal law is enforced and that the law enforcement community cann get after that in

partnership with our state and local efforts. i want to emphasize its a supporting role and i think that's the appropriate role for us to have and one we cherish with our state and local partner. >> dimension funding. i know from talking to state and local election officials that is a huge issue. they are again they are used to the sort of standard, getting all the work that needs to be done just to get elections up and running. but all of a this wider array of threats and a heightened threat environment in our increasingly -- is an added burden. for which they really need resources more than anything. again, they've always been sensitive to not having too much federal involvement, right? it's sort of the sacred thing in our country that our elections are run, , managed by our state and local election officials,

not by the federal government. and yet the federal government has the resources that state and local officials need. do you want to make a pitch to congress to provide more funding? how are you guys feeling about the amount of funding you are able to provide the state and local election officials? because i know they would like more. >> we would love to give them more. i would be happy to ask for more funding. i think that's going to be really key. we hear that from state and local officials. we're doing theof best with what we have. we have expanded some funny opportunities that are maybe insularity or next to some of these efforts. one thing i i would want it i think we did get over $1 billion in our state and local cybersecurity grant program from recent legislation. we have in implementing that we are in year two of this concept is specifically for dhs we have a pot of money where we can

issue funding issue to state and local entities to improve cybersecurity of state and local government institutions which probably have a good amount of overlap with election offices and election infrastructure. .. state gives a cybersecurity pn to dhs and we certify the plan and dispersed the money. we are in our second round of doing that. hopefully soon, we will get some interesting metrics about how that's being applied. i think that's a creative and good use of new sources of money that state and locals could consider. for the ,ta not necessarily turning in y direction. >> it's so critically important to preserving staining building public trust, legitimacy about

process so theyth will respect e outcome so disinformation and cyber are critical elements. you talked about that cybersecurity and i elections infrastructure keeping databases to blink the pallet to loading the ballot to election day to tabulation. that, the whole infrastructure and all the way to the wire services that are reporting that night. >> certification can be weeks and months after the actual election. >> we understand the critical importance of that certification in january. campaigns are also potential targets and you mentioned campaigns. i remember that clearly that was a big issue in 2016. we had a hack at the dmc but it

was tricky for dhs to navigate. that relationship with the political candidates as opposed to state and local election officials. how are you guys thinking about that today in terms of the kind of support for education or warning or whatever that you might be able to give to campaigns that might be targeted in a way that undermines our elections? >> we will continue to put information out there. the recently published intelligence community assessment of 2022, we specifically say we see nationstate actors prodding and scanning specifically within political campaigns. that will be a right target. we will provide as much information to everyone as possible and make sure those threats are done. i think there is an amount of cybersecurity that needs to be

implemented. that's a lesson we learn. at the lowest hanging fruit that can be exploited. known vulnerabilities, things are not -- things that are not patched. these are really the blocking and tackling a federal security that can open up to vulnerabilities. we will continue to push information out to everyone and make sure those that need it have it and we are publicizing any and all threats we have. where will posture to continue that information. we are connected with the information sharing centers that are working with the various areas of election officials. we are very vigilant to commit to kate that threat. >> i would be remiss if i didn't give a shout out to the defending digital campaigns organization on whose board i sit which provides free cybersecurity services to campaigns in addition to training and education. it's really important part of

that whole election process. >> absolutely. >> you've mentioned the scanning and a 2016, we were very concerned about scanning what was attributed to russia, ultimately scanning voter registration databases. my conclusion about what that was all about is that it was really designed to be in a position to support information operations. the information that's in those registration databases is not that sensitive. we thought what else could that be about? if you went in and corrupted that data and if you deleted names or change the spelling or addresses or corrupted that data and people show up then to vote on election day and they are turned away, they are told they are not there, you have long lines and chaos at the election around the election.

that undermines the public's confidence in the legitimacy of that election and is and if youn adversary and you care about that election to undermine legitimacy, so i want to focus on information operations. we are in a difficult environment for dhs to operate around disinformation because of the way it has gotten caught up in politics. the eu. reports coming out this week, czech government, russia is attempting to

interfere in june, using influential voices, etc. if we think putin was interested in the outcome of the '16 election, that the outcome of this '24 election may be viewed as an existential issue for him because of its potentially direct impact of support for ukraine. we should expect a full effort by russia to influence the outcome of that campaign. '16, when we began to realize russia was behind information operations, one consideration

was not wanting to appear to put a thumb on the scale in that election. how are you thinking about that today? how are you anticipating seeing this activity and how you will talk to the public about this activity in a way that seems, that may be trustworthy? sec. kahangama: foreign influence will be attractive for foreign governments to interfere in elections. it is something we have seen over many years. we've learned lessons. people may not be as interested in the workings of bureaucrats or technocratic things but we've instituted structures within

federal government. we have a framework we have put out. there is process for director of national intelligence to identify intelligence indicative of foreign influence operations, to coordinate with officials and understand the veracity and make a determination and how to notify the individual and/or public. that exists now intentionally. we have our eyes up in a way we hadn't in the past in terms of governmental coordination. everyone is on the same page about how issues come up and how we get ahead of them. we are proud of the work we have done. when we think about our role, we

think a couple different ways in addressing these campaigns. we want to focus on elevating state and local voices. this is a theme of how we want to uplift local partners. when these issues are coming, we want to make sure they are the ones that are going to refute this information, as it affects them. new hampshire, with the voice cloning activity around campaigns, president biden's voice, digitally altered, falsely created changing the day of the vote. that was the local justice unit in the state handle that. that is appropriate and meaningful. we have capable resources on the ground in state and locals.

they will be empowered by federal. dhs, secretary johnson, designated election infrastructure as a subsector, that's a bureaucratic conversation but that unlocks tools to prioritize resources and get election infrastructure out there. we maintain a website to make sure we are refuting claims inaccurate about the election infrastructure and promulgation, to make sure what is false in that space. finally, in coordination with partners, we want to highlight the tactics, techniques and procedures adversaries are using. we need to know the latest ways

they are looking to influence so the public can be more informed to identify those issues. government will out these campaigns when we can but they can be everywhere. they can be on social media without you realizing it. if we provide more info about how adversaries are doing it, we want that out there to inform the public. that is how dhs is thinking about this. more broadly, we are engaged with our colleagues on the broader threats. suzanne: i want to hit one of them but i do not have time. give me a sign when we are 10 minutes out. some of the threats highlighted,

trust in institutions, and the ability of the election process to serve the function of the peaceful transition/retention a power will not necessarily be obvious at the outset of information operations. i think about them undermining trust in the courts. 2019, we put out a report called, beyond the ballot, and a catalog the ways the kremlin was engaged in operations that undermine the public trust in our justice system. it was not just flawed and needing reform, but it was irrevocably broken. that is a debilitating message.

as we see courts increasingly being brought into directly involved in elections, all these cases, and cases involving former president donald trump, we know we will be in a situation in which people, where the cases don't go the way they want in the public, are likely to say the courts have acted politically etc. we know our adversaries will lean into those vulnerabilities that are probably of our own making and that undermining trust in the courts undermines their ability to be the essential role we look to them to play in helping to determine cases involving elections,

therefore may undermine that transition of power. his dhs working with the courts -- is dhs working with the courts? is this on the radar? is this the primary responsibility of some other element of government? sec. kahangama: valid question. there's a respect for separation of powers here. the courts have their cyber offices that are responsible for protecting those systems and making sure those things are coming out. we want to be respectful. providing information/advisories, we do that when appropriate. to zoom out, that's a common threat.

adversaries generally exploit divisions in culture and society to influence us, whether any range of issues. we are alert to that. suzanne: you mentioned ai. the department has come out with the first in the federal government, a proactive policy statement about the ways in which you are going to look at using ai and the challenges of ai. talk more in this precise election context. how are you helping with the

threats and dealing with challenges? sec. kahangama: i give credit to secretary mallorca. you may understand the activities the department does. others may not. 200,000 employees. secret service, customs, tsa, coast guard. in reality, the department in pursuit of its mission touch the lives of many americans daily. it gives the department a unique opportunity to leverage ai in an exemplary way, how to engage with society. we do both sides of the coin. we are part of policymaking and national security apparatus when

you talk about big picture white house decision-making but we are also implementing it. we see the risks and the national security space but we want to leverage them in the mission space to maximize what we are doing. we launched pilot programs to utilize resources with ai to better detect, train individuals, detect goods coming across the border. the secretary wants to leverage our ability to capture fentanyl coming in. it's an interesting use case for us. on the election front, we see ai as not necessarily introducing new risk in and of itself. it leads to a faster means with

which an adversary can potentially disrupt the election. you have to stack it on parts of the election. cybersecurity risk from better phishing emails, better language and scripts, who may have had broken english, election workers, campaigns, equipment vendors will be impacted by this. that piggybacks to your systems which could result in other campaigns to show how false claims of equipment being defective or manipulated, that is a possibility. same time, ai can create generated content that is false that can be used to intimidate people, poll workers.

harass these same individuals. thirdly, ai and content, more akin to new hampshire, can be attempts to disrupt the process. to put out false voice/video notes around when the election is happening or where. scramble people at the last minute. those are not new but they are hyper paste. they will be more sophisticated and harder to detect. a few months ago we put out an advisory on threats of ai outlining threats to election workers. [indiscernible] hey i is the news of the day in -- ai is the news of the day in

d.c. and silicon valley. we've tried to educate poll workers and election officials that ai is here and give them framework for how we think threats will potentially affect them and provide mitigating guidance. a lot of those and up being a mixture of educational and cybersecurity. making sure you're cyber and digital doors are locked. that you are not making yourself vulnerable to exploitation or targeting. we see the threat. we don't think it is new. we will need to be faster. we will take it from there. there will be an interesting part of the election landscape. suzanne: one thing i've long

felt about generative ai and fake videos/audio that seem real is this problem of what my colleagues call the liars dividend. as we get better at detecting, pointing out something is fake, this video/photo is fake, people begin to doubt their ability, that they cannot believe their eyes. it becomes difficult to prove something with video or audio that is real. we've seen how this can play out in the aftermath of an election where there are claims that things happened with ballot boxes or what have you, that things were going on in the rooms where they were being counted, where even if you have

cameras and you can show video, now because we have publicized how things could be fake, that you have this problem where the real things are no longer believed. there are folks working hard to address that challenge around ways to watermark video, for example, that would preserve a chain of custody but can you talk about how you might be working to address that challenge? sec. kahangama: the issue of watermarking is cited in president biden's ai executive order. we've been in contact with technical parts of the government like nist, department of commerce, who is charged with leading the technical overlays of what those efforts may look like, so that will be important.

more practical reality is the roles of the companies to play. ai companies are thinking about this. there is some wild stat about every election occurring this year at every conference. ai companies understand that. you see it happening in countries already, tooling around with generative ai is not something that will be novel in a few months. the companies get it. the conferences talk about agreements to better understand and take action around these issues. the companies creating this tech are starting to think about it, which is helpful. i encourage them to continue.

suzanne: i want to give you an opportunity, a big part of dhs mission, we've talked about clinical work with state and local election officials and federal partners, vendors and the folks involved in the infrastructure and the importance of communication but a big part is communicating with the public. you've talked about it. it's a challenge for dhs and all institutions today to communicate with the public, many of whom are skeptical about government institutions. how are you thinking about the important role dhs has in communicating with the public in

the context of this environment? what are you thinking about to try and overcome that and make sure you are indeed putting forward trusted and trustworthy -- a big part is to put the spotlight on first-hand sources of information at the state and local level but broadly, how are you thinking about that? what is the most important message you would want the public to have from this conversation, as they think about '24 election safeguards? sec. kahangama: communicating with officials and the public will be tricky.

it will not shake resolve or stop us from putting out info and communicating at a range of levels whether at the technical levels of cybersecurity experts, physical security experts, various branches of government or the american public. we will not shy away from giving information we have. transparency is a benefit in this context. we are committed to doing that. we have power in numbers and a lot of federal partners that have different pieces of the pie. it's a complicated federal set of responsibilities. folks may not always get why one agency cannot do it all but being in lockstep with partners at doj and others, based on the

threat, and having a joint message will be important. we've tightened that up and we will be locked at the hips to make sure we are communicating as one. i don't think that changes anything. there will be challenges. we will do our jobs. that is what we are here to do. we will do it faithfully, as down the line as we can. in terms of what the public should take away, it's vitally important you go to trusted voices and sources. identify where and who your local election officials are, where their website is, that they will update info. they will be the ones putting out authoritative sources of info. you need to know where to get that from. that should be your resource.

we have a ton of federal resources. working with as local a partner as you can, education in the run-up will be important. suzanne: shout out to the national association of secretaries of state, the association of all the secretaries of state and election officials across the country, red and blue states, nonpartisan, and they have # trustedinformation2024 where individuals can go. all 50 states are listed there. all the state election websites. that is an authoritative place to go to see how you can get info from those who have firsthand info about the time, place and banner of the elections. really important.

we have a few minutes left, if we've got questions. [indiscernible] paul, give me the sign when we are out of time, thanks. >> i work at customs. given the rise of ai, the internet of things, there are more vulnerabilities of hackers. how can we secure wireless networks everyone uses? deepfakes could easily land on the tablets of americans. sec. kahangama: you hit on a good point. state and local agencies doing these are susceptible to common

vulnerabilities. they tend to be small offices at times, sometimes even using public wi-fi. understanding nature of network, conductivity and doing proper cyber analysis will be important. there are free cybersecurity services the department offers where we can scan for vulnerabilities and gave you a report. -- give you a report. we also publish the known exploited vulnerability list which is a list of products which we know adversaries are utilizing. those of the most critical patches -- those are the most critical patches. >> ap.

you mentioned social. so much disinformation is spread on social platforms. are you in discussion about how to stop that? are you letting them handle it the way they want? are they reaching out to you to ask for advice? are they saying we will do whatever we want? sec. kahangama: i get it. i will respectfully hold pending litigation. thank you. suzanne: that was one of the questions i had, the degree to which these court cases are impacting important work dhs and government have done as part of our whole of nation --

[indiscernible] >> you mentioned getting clearances for state and local officials? can you expand on that? is this recent? sec. kahangama: it is standard practice. back in the day, dhs tends to own responsibility of providing security clearance. it is something we do across a range of sectors. we do classified briefings to executives of companies and

other infrastructure owners and operators so they have context of why we are concerned about a threat. that is a service dhs has long provided. focusing on local officials is one part of that. suzanne: that peace is a post 2016 improvement. getting state and local officials clearances to share sensitive info. that was something they were concerned about and was a real challenge in '16. governors, i think have access to classified info by virtue of their office, which is members of congress -- they don't get clearances, mostly because of

separation of powers issues but the decision was made by virtue of their office, they need access and so they get it. after 9/11, i was among those who said we need, governors are in the same situation and they should be given clearances or access, not clearances, but access based on their positions. 2016 we were sharing information with cleared individuals in the governors offices, assuming it would get to the election officials. in some states it did. some it didn't. we realized we needed to make sure those independent offices had their own ability to get access to sensitive info when necessary. sec. kahangama: these days, governors have homeland security

advisors at the state level and we also administer clearances but we work in concert with fbi, who has 54 field offices across the country, so we can get individuals in secure rooms, so we work with them to put them in local fbi offices, secure comms, and then we are able to deliver information from d.c. to where they are. suzanne: thank you so much, with all you have on your plate, to take the time and educate us about the threats and the great work being done to address threats and help americans have confidence in legitimacy of that process and the outcome. best of luck to you as you continue to work. sec. kahangama: t