With the election now less than 3 months away, there has been a lot of coverage on how to ensure the voting process is secure. Congress has recently made $380 million available in funding to improve the federal election process. The Department of Homeland Security’s Election Infrastructure Subsector Government Coordinating Council released a white paper this summer containing some helpful advice in regards to secure elections.
Here are 5 tips DHS is recommending to improve overall cyber security posture:
- Post-election auditing is a common practice for many jurisdictions, however, this practice can be time consuming and costly. Jurisdictions should deploy efficient and effective auditable voting systems to ensure the resilience of the process.
Planning and Exercising
- Most election officials already have developed a contingency plan. Additional resources should be used to update these plans to include cyber disruptions, as well as a scheduled rehearsal for these particular plans.
- Training on cyber security practices should be required for the entire staff, not just the IT staff.
- Start with building a comprehensive portrayal and understanding of what systems are being defended and which systems are high-value or high-risk. Several states have already started examining items such as two-factor authentication or moving to a top-down structure to support a more secure registration process
- Utilize resources to not only improve defensive posture but also to improve the ability to detect and recover from possible incidents. Investments in regular backups (both online and offline) of critical data (like voter registration data) and testing of those backups will ensure the ability to recover from possible ransom ware or other attacks intended to destroy or alter data.