Cybersecurity Awareness Month Provides Platform to Prevent Election Cyberattacks
Secure and successful elections have always relied on the cooperation and coordination of election officials, poll workers and voters. The 2016 election elevated the role that State and local government’s information technology department staff play in supporting secure voting experiences. The U.S. Election Assistance Commission, or the EAC, recently kicked off Cybersecurity Awareness Month by livestreaming a roundtable discussion in their Washington, D.C. office.
The EAC’s Director of Testing and Certification Brian Hancock describes the current election cybersecurity climate:
Once an issue is introduced into the election ecosphere, it often remains a permanent and recurring part of the landscape. For example, a recent Google search of the words “cybersecurity elections” produced over 12 million hits. And at nearly every election-related forum I’ve attended during the past year, cybersecurity was a key topic of discussion.
The EAC’s roundtable discussion brought together six stakeholders to discuss cyberattack prevention, resource allocation and incident response plans. EAC Chairman Matt Masterson moderated the discussion featuring the Chief Technologist of Internet Architecture Project at Center for Democracy and Technology Joseph Lorenzo Hall, Senior Intelligence Analyst for the Multi-State Information Sharing and Analysis Center Ben Spear, Chief Information Officer for the City and County of Denver Scott Cardenas, and two CSG Overseas Voting Initiative Technology Working Group members, Denver Elections Director Amber McReynolds and New York State Board of Elections Director of Operations Thomas Connolly.
In Denver, Amber McReynolds and Scott Cardenas are constantly finding better ways to operate secure and successful elections. During the roundtable discussion, both McReynolds and Cardenas highlighted the importance of other policymakers, State and local, willing to lend a hand to work together, share information, and create preventive solutions for any foreseen potential hiccups in upcoming elections.
While developing cybersecurity preventative solutions is crucial, stakeholders must also plan for incidents should they occur. Ben Spear discussed the importance of having a plan for “who does what,” containing and eliminating threats, either fixing the existing systems or acquiring new systems as well as looking back on an incident to see how well you handled it, if you still managed to provide opportunity for everyone to vote, and what you can do better next time in responding to a specific threat or attack.
The EAC has new cybersecurity resources available now online from Multi-State Information Sharing and Analysis Center, the National Institute of Standards and Technology, the Department of Homeland Security, and more.
CSG’s Overseas Voting Initiative launched in 2013 through a cooperative agreement with the U.S. Department of Defense’s Federal Voting Assistance Program, to improve the return rate of overseas absentee ballots from service members and U.S. citizens abroad. The link to CSG’s Overseas Voting Initiative can be found here: http://www.csg.org/ovi/default.aspx