The Threats Are Local, but the Danger Is National
High-profile cyberattacks, or even just the specter of them, have the potential to erode trust in the electoral process. Earlier this year, a team of elite white-hat hackers gathered in Las Vegas in an attempt to infiltrate voting machines. They succeeded, according to Politico.
These types of drills amplify the need for a comprehensive approach to cybersecurity, one that anticipates and mitigates risks from a variety of actors, including nation-states and cybercriminals seeking to disrupt U.S. elections as well as the average worker who might click on a malicious link in an email.
Federally, we’re starting to move in the right direction. The 2017 designation of election systems as critical infrastructure by the Department of Homeland Security was a pivotal moment, underscoring the national security implications of election security. It catalyzed efforts at federal, state and local levels to strengthen the cybersecurity defenses of election systems. This represents progress, but there’s more work to be done.
RELATED: Take these six steps to secure local elections.
A Multilayered Approach Enhances Cybersecurity Defenses
Risks to the entire electoral ecosystem must be well understood, from the databases that store voter information to the machines used for casting and counting votes and the administrators and volunteers who staff them.
Actionable steps toward a more effective, robust cybersecurity posture that accounts for all attack vectors and vulnerabilities include the following:
- Secure voter registration databases. Cyberattackers might seek to disrupt the voter registration process, illicitly access voter registration databases or otherwise sully the public’s faith in the legitimacy of votes. Implementing strong access controls, encryption and regular security audits can help protect these databases from unauthorized access and tampering.
- Protect voting machines. Voting machines and the systems that tabulate and report results must be virtually impenetrable to hackers, and their veracity must be unquestionable. For starters, this means using machines that provide a verifiable paper trail, conducting rigorous pre-election testing and ensuring that machines are not connected to networks that can be exploited by hackers.
- Implement robust incident response plans. Preventive cybersecurity won’t help you once you’re breached. But a circumspect incident response plan that includes protocols for identifying, containing and mitigating attacks can be a lifeline. It’s impossible to overstate the importance of quickly restoring system integrity and voter confidence in the event of a cybersecurity incident.
- Promote cyber hygiene among election staff. Training election officials and staff in cybersecurity best practices is critical for preventing security breaches. This includes awareness of phishing attacks, the importance of strong passwords and the secure handling of sensitive data.
- Enhance interagency and private sector collaboration. Strengthening partnerships between election authorities, cybersecurity agencies and private sector cybersecurity firms facilitates the sharing of threat intelligence, best practices and technological solutions to enhance election security.
DIVE DEEPER: IAM supports a zero-trust environment.
Federal Funding Plays a Critical Role
As cyber adversaries become more sophisticated, thwarting them becomes more expensive.
But the reality is that many local and state election offices have limited budgets that cannot always cover the requisite cybersecurity defenses. This financial shortfall risks precipitating security holes that adversaries might exploit to undermine public confidence in election outcomes. Federal funding is key to bridging this resource gap.
What’s more, this funding must be viewed as an investment in the nation's security. By allocating resources to protect against cyberthreats, the federal government safeguards the democratic process against external aggression and internal subversion.
I’ll add that securing the electoral process isn’t just an administrative challenge; it’s a national security imperative. Election integrity underpins the legitimacy of government and paves the way for a peaceful transfer of power. Both of these are core tenets of a functioning, globally recognized democracy.
Federal funding for election cybersecurity must therefore be sustained and strategic. This means addressing immediate vulnerabilities but also investing in the long-term resilience of election infrastructure. Key areas for investment include:
- Cybersecurity expertise. Investment in training and hiring skilled cybersecurity personnel for state and local election offices is critical to identifying and mitigating threats.
- Incident response and recovery. Resources must be allocated for developing and implementing incident response plans, ensuring that election offices can quickly recover from cyber incidents without compromising the integrity of the vote.
- Interagency collaboration. Enhancing coordination among federal, state and local agencies and leveraging private sector expertise can strengthen the overall security of the electoral process.
LEARN MORE: Evaluate cybersecurity training programs.
Stronger Solutions and Better Collaboration Offer a Way Forward
As the U.S. gears up for future elections, state, local and federal agencies must make improved cybersecurity technology a part of its arsenal. investments in technology provide a path forward, but only if collaboration is occurring across all levels of government.
At the end of the day, this really is a matter of safeguarding the cornerstone of democracy: secure, fair and free elections. The time to act is now, while elections are top of mind across the nation. This is an opportunity to help ensure that election security remains a top priority for all stakeholders involved in the electoral process, now and in the years to come.