Coordination Helped Inform State and Local Officials
In the runup to the election, there were widespread concerns about malicious actors spreading disinformation, hacking into voter registration databases, locking election security officials out of databases through ransomware attacks, manipulating vote tallies and potentially targeting the power grid to disrupt the vote.
None of that came to pass due to the coordination of security efforts by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
CISA spent years building partnerships with groups such as the Elections Infrastructure Information Sharing and Analysis Center, an election security clearinghouse for state and local governments staffed and operated by the Center for Internet Security.
CISA also built up strong working relationships with groups including the National Association of State Election Directors and the National Association of Secretaries of State, both of which commended the cooperative election security efforts.
“One of the big lessons learned from 2016 was that information sharing needed to improve significantly, so we put processes in place as a community to better share security information from the federal level to state and local election officials, as well as from election officials to our federal partners,” NASED Executive Board President Lori Augino tells StateTech. “The ISAC is the primary means of information sharing, including how information is shared to and from CISA and election officials, and it’s been very successful.”
The sharing of threat intelligence was critical, as was the coordination between federal, state and local officials. These practices and relationships should continue to be strengthened in the months and years ahead. American elections are a notoriously decentralized affair, with thousands of counties administering elections on the ground and reporting up to state officials. Coordination will always be crucial to ensuring that emerging threats are detected and planned for.
Security Technology and Training Go Hand in Hand
Coordination wasn’t the only thing enhanced between 2016 and 2020. States also made investments in better cybersecurity technologies.
Augino notes that states “implemented things like two-factor authentication, phishing trainings, risk and vulnerability assessments and other best practices, which have been especially valuable this year as more people have been working remotely as a result of the pandemic.”
Working in coordination with the nonprofit Center for Internet Security, CISA has helped states deploy endpoint detection and response software, which is designed to identify and block malware and anomalous activity.
Lawrence Norden and Gowri Ramachandran, election experts at New York University’s Brennan Center for Justice, write in Slate that many states used federal and state funding to “modernize their IT infrastructure, while strengthening the technical knowhow of local election officials.”
Election systems, often outdated, had previously been “difficult to maintain, did not integrate well with modern systems, and featured security gaps that were easily exploited by bad actors,” Norden and Ramachandran write.