Commentary: DHS’ Big Data Integration Challenge

By Francis X. Taylor

This commentary originally appeared in The Cipher Brief, August 8, 2018.

Department of Homeland Security Secretary Kirstjen Nielsen recently traveled from Washington D.C. to New York with her senior team in tow, to announce the creation of the National Risk Management Center.  It is intended to be DHS’ tip of the spear when it comes to information sharing between the public and private sectors about emerging and sometimes urgent, cyber security threats. 

In an opinion piece posted on CNBC, Nielsen said that the U.S. is not “connecting the dots” quickly enough and said “Between government and the private sector, we have the data needed to disrupt, prevent and mitigate cyberattacks.  But we aren’t sharing fast enough or collaborating deeply enough to keep cyberattacks from spreading or to prevent them in the first place.”

As DHS takes on a new collective defense strategy by putting a premium on public-private information sharing efforts, The Cipher Brief wanted to know a little more about how DHS itself stores and accesses the vast amounts of data it holds. 

Francis Taylor served as DHS’ Under Secretary for Intelligence and Analysis during President Obama’s second term.  One of his priorities was to figure out how DHS could better use data technology tools to increase its operational effectiveness.  It was an issue that he also had to tackle during his time in the private sector, where he worked as Vice President and Chief Security Officer for General Electric. 

Taylor shared his insights with The Cipher Brief, offering a better understanding of the current efforts within DHS to strengthen its capacities, especially at the enterprise level.  We also wanted him to explain what makes integration such a vexing task.

The Cipher Brief: Can you give us some strategic context around data analysis and integration?

Taylor:  Data analysis and integration is critical to how we protect our country and our border. After 9/11 the discussion was about “connecting the dots.” Today there are trillions of dots of information that are available to help us understand what individual, organization or nation- state represent a threat to our people, our country and way of life. Much of that information comes from around the world and allows us to push our analysis beyond our border to regions across the globe. Not only must DHS integrate the data that it collects in the performance of its mission, it must integrate that data with other data from open source, our international partners, and the intelligence and law enforcement communities to have a full picture of the threats we face.

The Cipher Brief:What kinds of data does DHS collect and store?

Taylor: DHS is the third largest department of our government.  DHS components comprise the largest number of federal law enforcement officers in our government and the department conducts its law enforcement mission worldwide.  It interacts daily (and collects information on) U.S. citizens, foreign nationals and U.S. and foreign businesses applying for benefits from the U.S. Government.  DHS also collects data in conjunction with its law enforcement and security missions enforcing U.S. immigration and trade security regimes, immigration violations, citizenship, refugee and asylum applications, and trusted traveler programs.  DHS stores all of this data in more than 900 unconnected databases and the information is kept in silos that are then accessed by the components to perform daily missions. Many of these databases were created long before DHS was established in 2003 and contain old technology that make it difficult to update and integrate.

The Cipher Brief:  How does the issue of data overload negatively impact DHS’ mission to protect the country?

Taylor: I believe that DHS has all the information it needs to proactively defend our country, but the information that is collected is not available to the operators for data analytics that would improve their understanding of threats to our homeland.  The amount of valuable intelligence sitting in DHS data systems is staggering and would be invaluable to DHS and the rest of the U.S. government if it was better analyzed and shared with the appropriate stakeholders.

The Cipher Brief:What is the DHS Information Sharing Enterprise and how does the National Vetting Center (NVC) support the overall mission?

Taylor: The DHS Information sharing enterprise is embodied in the DHS Information Sharing and Safeguarding Governance Board (ISSGB) which is chaired by the DHS Chief Information Officer and the DHS Under Secretary for Intelligence and Analysis. All of the components of the Department are represented on the ISSGB. Unfortunately though, the ISSGB has been largely ineffective in moving the needle within the Department to improve information sharing across the enterprise.  DHS component elements generally do not see value in integrating information across the enterprise.  And there is little incentive to change this paradigm, absent dedicated funding for the enterprise and a clear prioritization of this integration from the Department’s leadership.

The NSC established the National Vetting Center (NVC) in DHS to serve as a focal point for all USG vetting to support travel and border security. It is a logical enhancement to CBP’s National Targeting Center (NTC) that has developed and deployed significant capability in data analytics and integration that improves our understanding of threats to our travel and trade activities as well as our border. NVC envisions building on the NTC foundation to develop even more sophisticated tools and processes to vet individuals applying for benefits within our country.  As the Obama administration was transitioning, former DHS Secretary Jeh Johnson asked all senior staff what we would have done differently, based on what we had learned during our time at the helm.  My answer was that we should have moved ALL vetting for benefits administered by the Department to the National Targeting Center as a government-wide shared service.  My rationale was simple, the Secretary of DHS is the one official in our government that has the final say over who is allowed into our country, but the Secretary does not own the process to ensure that the vetting is effective and continues to improve.  I believe the NVC begins that process and will significantly improve how we make decisions across our government on applications for benefits.

The Cipher Brief: What is the state of DHS data integration and information sharing (i.e. HSIN)?

Taylor: The DHS Data Framework is a joint endeavor by the DHS CIO and Under Secretary for Intelligence and Analysis to build a data lake with the top 20 databases essential to the Department’s vetting and assessment mission. I understand the momentum of the data framework has slowed significantly. I also understand that CBP is driving the data framework as the next level of improvement in information sharing but that DHS headquarters support for initiative is lacking.

The Homeland Security Information Network (HSIN) continues to be the most effective system for DHS to communicate with its state, local, tribal, territorial and private sector partners. But it has real shortcomings.  It needs continued investment to make it more a data sharing platform and not just a communication platform.  HSIN does not allow for data searching and online queries.  This needs to change if the system is to continue to be valuable to DHS stakeholders at every level.

The Cipher Brief:Why is creating DHS-wide searchable data stores so difficult for the Department? Would DHS benefit from a data integration acquisition and standards czar?

Taylor: Most law enforcement organizations are organized to pursue investigating and interdicting wrong doers.  It is the most important aspect of the mission, and I share focus on these priorities.  However, the absence of an integrated data system denies DHS components and others the ability to fully exploitat the information stored in Department systems.  This is inefficient. The lack of an integration function at the headquarters-level makes fixing this shortcoming harder.  The original vision for the Department was to have little centralized-control of operations and to keep operational power within the components.  Each DHS component approaches its missions from its own narrow organizational mission perspective. The components have built processes and procedures from their individual operational perspectives and not from the perspective of how these procedures can be more effectively integrated to meet the collective mission of the Department.  Add to this the fact that budgeting and oversight of the Department is controlled by more than 80 Congressional oversight committees and you can imagine the dysfunction and disincentive to collaborate.

The Cipher Brief: Finally, how do blockchain, advanced encryption or other types of algorithms increase the likelihood of safe data sharing across the DHS Information Sharing Enterprise?

Taylor:  All of the new information analysis technologies will greatly improve information sharing in the Department. Some of this technology is already in use in some of the components; yet it is not systematic and does not optimize the use of these technologies.

IN-THE-NEWS: CGA President Doug Lute Participates in Five Eyes Roundtable

View the full event HERE.

At a time of growing international instability, the Five Eyes intelligence arrangements (which brings the UK together with the United States, Australia, Canada and New Zealand) is of vital important to the security of Britain and its allies.

While questions are being raised over the long-term future of NATO, Five Eyes represents another crucial pillar of our national security – mitigating threats from hostile states, terrorism, and other non state actors. Why does the continuation of the Five Eyes matter and what can be done to support and enhance it for the challenges ahead? A distinguished panel, including two former Prime Ministers, a former NATO Secretary General, and a former Former US Permanent Representative to NATO, discussed these issues in this unique event.

Panelists:

Rt Hon Stephen Harper PC, Canada’s 22nd Prime Minister Hon

John Howard OM AC, Former Prime Minister of Australia

Ambassador Douglas Lute, Former US Permanent Representative to NATO, Former US Deputy National Security Advisor

Rt Hon Sir Donald McKinnon ONZ GCVO, Former New Zealand Minister of Foreign Affairs and Trade and Former Secretary General of the Commonwealth

Rt Hon the Lord Robertson of Port Ellen KT, Former Secretary General of NATO, Former UK Secretary of State for Defence

PRESS RELEASE: Cambridge Global CEO Jake Braun Presents DEFCON Voting Village Report at LRPP Conference

June 28, 2018 (Singapore) - This week, Cambridge Global Advisors (CGA) was proud to announce that CEO Jake Braun presented the 7th Annual International Conference on Law, Regulations, and Public Policy (LRPP) in Singapore.  Hosted by the Global Science & Technology Forum (GTSF), the conference brings together public sector leaders from around the world to discuss the latest developments in legal, policy, and regulatory space.

Bruan’s presentation featured a discussion on the ground-breaking “Voting Machine Hacker Village” demonstration at last year’s DEFCON -- the largest, longest running hacker conference in the world. Coming at a time when intelligence and news was emerging about Russian-backed attempts to hack U.S. voting infrastructure during the 2016 election, the DEFCON Voting Village sought to serve as an awareness-building opportunity.  The Village assembled more than 25 pieces of election equipment including voting machines and pollbooks still widely used in U.S. elections today and made them accessible to thousands of hackers.

Following on the Voting Village demonstration, Braun and several other Village organizers co-authored an award-winning report, detailing the Voting Village findings. The report can be accessed here.

In presenting this report at the LRPP 2018 Conference, Braun furthered his efforts to raise awareness about the severity and pervasiveness of cyber threats facing not only the U.S. but also democracies around the world.

“Nefarious cyber actors, including but not limited to Russia, know no boundaries,” said Braun. “What the DEFCON Voting Village revealed last year is that this is election security a global problem that will continue to persist. We have to work together, across all nations, in the cyber, public policy and legal arena to make our elections more secure. LRPP gives one forum to start and continue this important conversation.”

The Voting Village is slated to run again at this year’s DEFCON, August 9-12, 2018, hosted annually in Las Vegas.

 

###

About CGA

Cambridge Global Advisors is a strategic advisory services firm with deep expertise at the global, national, state and local levels. CGA assists clients in the management, development, and implementation of their programs, practices, and policies – with a special emphasis on homeland and cybersecurity. CGA works with government, non-profit organizations, and Fortune 500 companies to provide consulting and project management services as well as public diplomacy, stakeholder engagement, and communications.  To learn more, visit www.cambridgeglobal.com or follow on Twitter at @camb_global

Commentary: National Vetting Center a Needed, Not Controversial, Security Asset

By Francis X. Taylor

This commentary originally appeared in Homeland Security Today, June 11, 2018.

For decades the U.S. has screened and vetted those who wish to enter the United States or apply to come to U.S. as visitors, immigrants or refugees. While technology and threats have changed, what has remained the same is the need for our officials on the front lines to have the most up-to- date and accurate information to decide who should or should not be allowed to enter our country.

To that end, earlier this year the National Vetting Center (NVC) was created to strengthen, simplify, and streamline the complex, ad hoc, and sometimes inefficient ways that intelligence is used to inform operational decisions related to screening and vetting. Despite the hype, I believe the NVC should not be viewed as part of the heated national debate on extreme vetting. Instead, the NVC should be viewed as the continuing improvement of effective security processes to improve the security of our travel, immigration and trade infrastructure. Specifically, I believe there are three added benefits to the government and to America’s overall national security posture with the launch of the NVC.

First, the practices and procedures that the U.S. government uses for screening and vetting must be dynamic and continually evolve in terms of throughput, redress, privacy, and accuracy. The NVC is a positive step in that direction. Following the 9/11 terrorist attacks, the U.S. created a system to better protect the homeland against potential terrorists. Lessons learned after each attempted terrorist plot since 9/11 caused the government to incrementally mature the system but never fully institutionalize these best practices in one organization.

While U.S. intelligence, law enforcement and security professionals continue to scour the globe for transnational criminals, spies, drug smugglers and weapons proliferators trying to enter the country illegally or with bad intent, the NVC can serve as a single place to analyze a broader set of applicable government information – with the right privacy regime to ensure that the right analysts have access to the proper information at the right time.

Second, I believe the NVC is a smarter use of the government’s existing knowledge, expertise, and money, as well as a realization of the post-9/11 mission to connect the dots of those transiting to the homeland for nefarious reasons.

Threats are not the only thing that have changed since the turn of the century. Technology has clearly evolved at a near exponential pace. Through the NVC, federal agencies will have the ability to use the NVC’s tools and analytic programs in a consolidated, efficient, and streamlined fashion with greater accuracy and speed than ever before. This approach would allow for secure information sharing at a volume and speed that was not possible just five years ago.

Through the creation of the NVC, the U.S. government will have an agile center that can evolve as the threats to the homeland evolve. The threat picture is ever-evolving and the government needs to move quicker to counter the tools that our adversaries are using. Today’s technology will allow agencies to maintain control of their data and permit it to be accessed securely and only by those with the right and proper authorities for the purpose of a specific, legally authorized screening mission.

Finally, the NCV will allow for better coordination and collaboration. Right now, agencies are screening and vetting people properly and with much success – the system is not broken. But we can do it better. And we can expand the work beyond the counterterrorism-only focus of the past 17 years. The NVC will allow for a “task-force” approach to these activities rather than the ad hoc mechanisms that currently exist. Co-locating vetting analysts from different agencies will allow these trained professionals to collaborate, share information where appropriate and access the expertise that resides within each agency to make better, more timely and more informed decisions – including redress decisions. And this scalable model will provide agencies the flexibility to meet the evolving threats we no doubt will face in the coming years as terrorists, criminals and others change their tactics in an attempt to evade the latest vetting protocols.

As the former Under Secretary for Intelligence and Analysis at Department of Homeland Security (DHS), I helped to tackle these same issues while serving in the last administration. I commend DHS for picking up where we left off. And it is my hope that they can build on our path to strengthen this capability with the right outcomes from the start.

It is important that the NVC is a government asset and does not belong to one department or component. It is also important that the NVC is a truly joint facility that allows assignees from across the interagency to collaborate, co-train, and fuse intelligence and experience within the art of screening and vetting. I wish the first director of the NVC my very best: This problem is not insignificant and yet the solution is ever-critical to the protection of our homeland.

Press Release: CGA Principal Francis Taylor Keynotes 2018 IALEIA/LEIU Training Conference

Former DHS Intel Leader Raises Information Sharing Issues Critical to the Work of U.S. Intelligence & Law Enforcement Community

Anaheim, CA (April 9, 2018) Today, Cambridge Global Advisors (CGA) was proud to announce that Principal Francis X. Taylor, former Under Secretary for Intelligence and Analysis at the U.S. Department of Homeland Security, provided keynote remarks at the 2018 International Association of Law Enforcement Intelligence Analysts (IALEIA)/Law Enforcement Intelligence Units (LEIU) conference. The annual joint IALEIA/LEIU gathering brings together hundreds of information analysts, operators and law enforcement professionals for training and discussion on the nation’s most pressing homeland security threats.

Focusing on a theme of enhanced information sharing and technologies that promote “getting information to the point of attack” to enable better decision making, Mr. Taylor’s speech raised several top-of-mind incidents including the tragic Parkland, Florida school shooting, cyberattacks to U.S. critical infrastructure and the migration crisis putting pressure on European partners.

“This audience represents the tireless set of professionals keeping us safe on the home front, but it’s not enough for them to understand and communicate within their own communities effectively,” commented Taylor. “Today’s threats – such as terrorism acts, nation-state interference, criminal activities, or even rouge cyberattacks – often originate outside of the U.S. Events in any part of the world can impact any local jurisdiction in the bat of an eye.  That’s which is why national/international enhanced information sharing and technologies like artificial intelligence, innovative data aggregation tools represent the future of homeland security.”

The IALEIA/LEIU conference kicked off on Monday, April 9 and will run through the week, featuring panels, plenary sessions and training opportunities. Full remarks from Mr. Taylor’s speech will be available online following Monday’s speech at

###

About CGA
Cambridge Global Advisors is a strategic advisory services firm with deep expertise at the global, national, state and local levels – with a special emphasis on homeland and cybersecurity. CGA works with government, non-profit organizations, and Fortune 500 companies to provide consulting and project management services as well as public diplomacy, stakeholder engagement, and communications.  To learn more, visit www.cambridgeglobal.com or follow on Twitter at @camb_global

Press Release: India Launches First-Ever Gov Cyber Training Program

Cambridge Global CEO & University of Chicago Lecturer, Jake Braun, Leads Historic Effort to Massively Scale India's Cyber Workforce

(Gujarat, India. March 21, 2018) This week, Cambridge Global Advisors (CGA) was proud to announce that CEO Jake Braun participated in a groundbreaking Cyber Security and Governance training effort for the Government of the  Indian State of Gujarat. Conducted through the University of Chicago, where Braun also serves as a cyber policy lecturer, Braun helped to deliver cyber policy training more than 240 senior executives from the Government of Gujarat, India. The training culminated in an MOU signing and press event on Tuesday, March 20 that featured leaders from the partnership organizations: Dr. Rajiv Gupta, Additional Chief Secretary, Labour and Employment Department Government of Gujarat & M.D., GNFC Ltd. and Dr. Balaji Srinivasan, Vice President, University of Chicago.

Touted as the first-of-its-kind in India, the partnership is currently administering a "train the trainer" cybersecurity program that will help India achieve its goals of scaling a massive government cyber workforce in the next few years. Along with several new national policies that have critically impacted India's needs for government cyber jobs, the nation has already made historic moves to digitize its currency and implement a monumental biometric data program. Under the University of Chicago curriculum model, participating senior executives will, in turn, train thousands of students at India's Industrial Training Institutes (ITIs) to fill cyber jobs and carry out government cyber operations critical to bolstering India's economy, positively impacting its global footprint, and safeguarding national security.

Of the training, Jake Braun said: "In this global and modern world, cybersecurity is an issue without borders. As more people come online, the challenge of filling cyber vacancies to meet evolving demand is a commonality that governments of all sizes encounter. I couldn't be more honored to support this mission in Gujarat, and to partner with the University of Chicago to equip what is soon-to-be one of the nation's largest cyber workforce bodies on the best policies and practices to keep all citizens safe and secure online."

With years' worth of experience in cyber policy and cyber workforce development issues, CGA is a strategic advisory services firm with deep expertise and experience at the global, national, state and local levels. The firm is currently working with U.S. government entities including the U.S. Department of Homeland Security to identify solutions and strategies to train and bolster its own cyber workforce.

Under the University of Chicago's program, Jake Braun is slated to conduct additional trainings over the coming months in Gujarat.

###

About CGA
Cambridge Global Advisors is a strategic advisory services firm with deep expertise at the global, national, state and local levels. CGA assists clients in the management, development, and implementation of their programs, practices, and policies – with a special emphasis on homeland and cybersecurity. CGA works with government, non-profit organizations, and Fortune 500 companies to provide consulting and project management services as well as public diplomacy, stakeholder engagement, and communications.  To learn more, visit www.cambridgeglobal.com or follow on Twitter at @camb_global

PRESS RELEASE: Cambridge Global CEO Jake Braun Honored with Multiple Cybersecurity Excellence Awards

March 6, 2018 (Washington, DC)This past month CEO of Cambridge Global Advisors (CGA) Jake Braun was named recipient of three awards for his work in raising awareness around cyber threats facing U.S. democracy and election infrastructure, such as those attempted by Russia during the 2016 elections.  

One of the cyber industry’s most coveted programs, the 2018 Cybersecurity Excellence Awards annually honor individuals and companies that demonstrate leadership in information security. With over 400 entries, Braun was nominated and won respective honors in all categories for which he was nominated:

The Cybersecurity Excellence Awards specifically recognized Braun’s work with DEFCON – the world’s largest, longest-running hacker conference – where Braun led the creation of DEFCON’s first-ever Voting Machine Hacking Village. The Village assembled more than 25 pieces of election equipment including voting machines and pollbooks still widely used in U.S. elections today and made them accessible to thousands of hackers who were encouraged to test the technology and expose cyber vulnerabilities for educational purposes.

Commenting on the honors, Braun said: “I am deeply proud of these awards, which, to me, demonstrate that election security isn’t just a hacker thing. The 2018 elections are getting underway, and it’s critical we approach this issue as the national security concern it is.  We must do all we can to protect the vote – and our democracy – from foreign enemies that want to sow discord and distrust.”

Beyond his work with DEFCON, Braun has partnered with institutions and organizations including the University of Chicago and the Atlantic Council to focus on forwarding of policies and best practices that will help election administrators better safeguard the vote from cyberattacks in 2018 and beyond. In October, Braun worked with the Atlantic Council to release an award-winning report about the DEFCON Voting Village’s findings. This report is still being used by U.S. national security leaders to inform new policies to secure the critical infrastructure of the U.S. election system.

###
Cambridge Global Advisors is a strategic advisory services firm with deep expertise at the global, national, state and local levels. CGA assists clients in the management, development, and implementation of their programs, practices, and policies – with a special emphasis on homeland and cybersecurity. CGA works with government, non-profit organizations, and Fortune 500 companies to provide consulting and project management services as well as public diplomacy, stakeholder engagement, and communications.  To learn more, visit www.cambridgeglobal.com or follow on Twitter at @camb_global

NYTimes: Russia Sees Midterm Elections as Chance to Sow Fresh Discord, Intelligence Chiefs Warn

This article citing CGA Principal Douglas Lute appeared in the New York Times, February 13, 2018.

WASHINGTON — Russia is already meddling in the midterm elections this year, the top American intelligence officials said on Tuesday, warning that Moscow is using a digital strategy to worsen the country’s political and social divisions.

Russia is using fake accounts on social media — many of them bots — to spread disinformation, the officials said. European elections are being targeted, too, and the attacks were not likely to end this year, they warned.

“We expect Russia to continue using propaganda, social media, false-flag personas, sympathetic spokespeople and other means of influence to try to exacerbate social and political fissures in the United States,” Dan Coats, the director of national intelligence, told the Senate Intelligence Committee at its annual hearing on worldwide threats.

Mr. Coats and the other intelligence chiefs laid out a pair of central challenges for the United States: contending with the flow of Russian misinformation and shoring up the defenses of electoral systems, which are run by individual states and were seen as highly vulnerable in 2016.

“There should be no doubt that Russia perceives its past efforts as successful and views the 2018 U.S. midterm elections as a potential target for Russian influence operations,” said Mr. Coats, testifying alongside Mike Pompeo, the C.I.A. director; Christopher A. Wray, the F.B.I. director; and other leading intelligence officials.


“Throughout the entire community, we have not seen any evidence of any significant change from last year,” Mr. Coats said.

The warnings were striking in their contrast to President Trump’s public comments. He has mocked the very notion of Russian meddling in the last election and lashed out at those who suggested otherwise.

Mr. Trump has not directed his intelligence officials to specifically combat Russian interference, they said. But Mr. Pompeo said that the president has made clear that the C.I.A. has “an obligation, from the foreign intelligence perspective, to do everything we can to make sure there’s a deep and thorough understanding of every threat, including threats from Russia.”

Russia appears eager to spread information — real and fake — that deepens political divisions. Bot armies promoted partisan causes on social media, including the recent push to release a Republican congressional memo critical of law enforcement officials.

The bots have also sought to portray the F.B.I. and Justice Department as infected by partisan bias, said Senator Mark Warner of Virginia, the top Democrat on the intelligence committee.

“Other threats to our institutions come from right here at home,” he said. “There have been some, aided and abetted by Russian internet bots and trolls, who have attacked the basic integrity of the F.B.I. and the Justice Department. This is a dangerous trend.”

Russia does not, however, appear to be trying to penetrate voting machines or Americans’ ballots, United States officials said.

“While scanning and probing of networks happens across the internet every day, we have not seen specific or credible evidence of Russian attempts to infiltrate state election infrastructure like we saw in 2016,” Jeanette Manfra, the chief cybersecurity official at the Department of Homeland Security, said in an interview last week.

Right now, Mr. Pompeo said, Russia is trying to focus on what are known as influence operations — using social media and other platforms to spread favorable messages — not hacking.

“The things we have seen Russia doing to date are mostly focused on information types of warfare,” he said.

Intelligence officials and election-security experts have said both the states and federal agencies have made significant progress in addressing voting system vulnerabilities since 2016, when state-level officials could not even be warned of attacks because they lacked the necessary security clearances.

 

The intelligence community was focused on gathering information about potential attacks and then sharing it with local and state election officials, Mr. Coats said during the hearing.

Mr. Coats called Moscow’s meddling “pervasive.”

“The Russians have a strategy that goes well beyond what is happening in the United States,” he said. “While they have historically tried to do these types of things, clearly in 2016 they upped their game. They took advantage, a sophisticated advantage of social media. They are doing that not only in the United States but doing it throughout Europe and perhaps elsewhere.”

Mr. Pompeo was also asked about reports last week by The New York Times and The Intercept that American intelligence agencies spent months negotiating with a Russian who said he could sell stolen American cyberweapons and that the deal would include purportedly compromising material on Mr. Trump. The negotiations were conducted through an American businessman who lives in Europe and served as a cutout for American intelligence agencies.

Mr. Pompeo called the reporting “atrocious, ridiculous and inaccurate” and said the C.I.A. had not paid the Russian. The Times, citing American and European intelligence officials, said only that American spies had paid the Russian $100,000 for the cyberweapons using an indirect channel. Those weapons were never delivered. The Russian did provide information on Mr. Trump, which intelligence agencies refused to accept and remains with the American businessman.

“Our story was based on numerous interviews, a review of communications and other evidence. We stand by it,” said Dean Baquet, the executive editor of The Times.

Mr. Pompeo did appear to acknowledge the operation itself, saying that “the information that we were working to try and retrieve was information we believed might well have been stolen from the U.S. government.”

He and the other intelligence chiefs, including Adm. Michael S. Rogers, the departing director of the National Security Agency, also addressed the slew of other threats they see facing the United States. They cited North Korea’s nuclear program, Islamist militants in the Middle East and even illicit drug trafficking, especially the smuggling of cheaply made fentanyl, a powerful opioid responsible for thousands of deathseach year.

But as has been the case for years, the intelligence leaders presented cyberactivities of rival nations and rogue groups as the foremost threat facing the United States. They warned that such risks were likely to only grow, citing China, Iran, North Korea and Russia, along with militant groups and criminal networks, as the main agitators.

To ease the flow of information, the Department of Homeland Security is trying to get at least one election official in each state a security clearance. To date, 21 officials in 20 states received at least interim “secret”-level clearances, Ms. Manfra said in the interview.

The federal government is also working to provide states with enhanced online security “to ensure the American people that their vote is sanctioned and well and not manipulated in any way,” Mr. Coats said.

Homeland Security has added 32 states and 31 local governments to a system that scans internet-connected systems in the federal government every night for vulnerabilities, offering weekly reports and fixes to any issues they find, Ms. Manfra said.

Specialists also spend weeks auditing cyberdefense systems in both federal agencies and state elections offices, and last month, the department decided to prioritize requests for the latter to ensure that they get done swiftly, she added.

Virtually every state is taking steps to harden voter databases and election equipment against outside attacks and to strengthen postelection audits. When the National Association of Secretaries of State holds its winter meeting this weekend in Washington, half of the sessions will be devoted wholly or in part to election security.

New standards for voting equipment were approved last fall that will effectively require manufacturers to include several security improvements in new devices. States are moving to scrap voting machines that do not generate an auditable paper ballot as well as an electronic one; Virginia has decertified most of its devices, Pennsylvania has declared that all new devices will produce paper ballots, and Georgia — a state whose outdated equipment produces only electronic voting records — has set up a pilot program to move to paper.

But a host of problems remains. Roughly one-fifth of the country lacks paper ballots, and replacing digital-only machines costs millions of dollars. Federal legislation that would allot funds to speed up the conversion to paper is crawling through Congress.

Many experts, meanwhile, believe that Russian meddling in the presidential race was but a foretaste of what is to come — not just from the Kremlin, but also from other hostile states and private actors.

“Russia learned a lot last year in what really, I think, can be seen as a series of probing attacks,” Douglas Lute, a retired Army lieutenant general, deputy national security adviser to President George W. Bush and ambassador to NATO under President Barack Obama, said in an interview. “I think we should expect that they learned and they’re going to come back in a much more sophisticated way.”