Jan 02 2024
Security

How Does the Federal Government Keep Elections Secure?

As the 2024 primary season begins, CISA and other agencies prepare assistance for state and local communities.

The security of the electoral process has become a paramount concern for cybersecurity experts in recent years. From foreign meddling to disinformation campaigns, election officials and their cyber teams have security top of mind.

While states and local communities are in charge of the technology and data needed to run an election, federal agencies play a key role in helping to ensure the integrity of a process that is fundamental to democracy.

The Cybersecurity and Infrastructure Security Agency describes election infrastructure as an assembly of systems and networks that includes voter registration databases and associated IT systems; IT infrastructure and systems used to manage elections; voting systems and associated infrastructure; and storage facilities for election and voting system infrastructure.

Click the banner below to learn how federal agencies are implementing zero trust architecture.

Why Is Election Security Important?

Given the contested nature of the 2020 vote and the looming 2024 primaries, which begin on Jan. 23 in New Hampshire, election security is a hot issue right now, largely because the nation faces a demonstrably real threat landscape.

“We're legitimately scared that foreign actors will disrupt the election,” says Bruce Schneier, adjunct lecturer in public policy at the Harvard Kennedy School. “They have been doing that for decades, and from 2016 on we've seen operations coming out of Russia, China, Iran and possibly North Korea. We know these things are happening.”

“We also worry about domestic actors, because the cost of these kinds of interference operations is becoming so cheap that you no longer have to be a nation-state to do them,” Schneier says, pointing to the rise in off-the-shelf malware that’s readily available and relatively inexpensive to implement.

The very nature of the electoral process means cyber teams are under intense pressure to get this right.

“The thing about elections is, there's no recovery,” Schneier says. “If your bank account gets hacked, we could spend two weeks to figure it out, and then we’ll give you your money back. If Pennsylvania can’t find its voter rolls, we're not going to do Pennsylvania again next week. The failure modes are so catastrophic.”

DIVE DEEPER: How did disinformation affect the 2020 election?

How Does Election Security Work?

Election security aims to ensure that all parts and pieces of the voting process work reliably.

With the high-profile legal action related to alleged compromises of Dominion Voting equipment, cyber teams need to secure the voting machines. They need to ensure the security of networks that transmit data as well as the back-end systems that tabulate results, among other elements.

The mechanisms of election security “encompass a broad spectrum of cybersecurity tools and practices,” says Surjeet Mahant, senior managing director and global head of cyber risk management for K2 Integrity, a risk management and regulatory advisory firm.

These may include “vulnerability scanning to detect and address security weaknesses, continuous penetration testing and purple teaming, robust and agile monitor and respond capabilities, with best of breed incidence response mechanisms,” Mahant says.

Bruce Schneier
The thing about elections is, there's no recovery. The failure modes are so catastrophic.”

Bruce Schneier Adjunct Lecturer in Public Policy, Harvard Kennedy School

What’s the Federal Government’s Role in Election Security?

While state and local government work to assure voters of the accuracy of the count, the federal government plays a key supporting role.

Much of that support is indirect. “The federal government is reasonably hands-off. It’s mostly grants and funding,” says SailPoint CISO Rex Booth, a former chief of cyberthreat analysis at CISA and former director of stakeholder engagement in the Office of the National Cyber Director.

In addition, the federal government establishes cyber best practices. The National Institute of Standards and Technology “pushes out a lot of the requirements that federal agencies are then obligated to follow. Those become the de facto standard, from the federal government's perspective, for how systems should be secured,” Booth says.

At a high level, CISA “has been playing a pivotal role in providing guidance on safeguarding state elections,” including “significant information sharing to help states enhance their election security posture, ensuring a resilient and secure electoral process,” Mahant says.

CISA offers hands-on assistance as well, with a field staff of over 650 individuals nationwide working to support state and local partners. The federal support is essential, says Jeff Brown, Connecticut CISO and faculty at IANS Research, a Boston-based cybersecurity research and advisory firm.

“Election cybersecurity monitoring requires a coordinated effort across all parties,” he says. “Our federal partners can assist with cybersecurity and malicious activity monitoring by request. This central coordination helps with rapid threat identification and faster dissemination of threat intelligence across the states.”

READ MORE: Federal agencies and state governments collaborate to secure elections.

What’s the Technology Behind Election Security?

Election security depends on many of the same tools that ensure cybersecurity in general, says Scott C. Algeier, executive director of IT-ISAC, which manages the Elections Industry Special Interest Group.

Among these, he lists:

“There are a range of well-established best practices and risk management frameworks that state and local election officials use, including the NIST Cybersecurity Framework,” Algeier says.

Through the Joint Cyber Defense Collaborative (JCDC), CISA has compiled a toolkit to help state and local government officials secure election infrastructure. In addition to free CISA Cyber Hygiene Services vulnerability scanning, the agency encourages the use of commercial tools.

These include, among other tools, the Google Advanced Protection Program to protect users from targeted online attacks; Microsoft Windows Backup and Restore to automatically back up Windows 10 and 11 operating systems to an external drive or network location; Zscaler’s Ransomware Risk Assessment to scan for ransomware-specific intrusion; and Google reCAPTCHA to keep malicious software from engaging in abusive activities on a user’s website.

READ MORE: Mail-in votes require special cybersecurity attention.

Elections also rely on technologies that are not internet-connected, such as voting machines, ballot marking devices and ballot tabulators.

“For these systems, some other security controls come into play, such as securely storing the equipment; using tamper-proof and tamper-evident seals; physical inspections of the equipment before, during and after use; and maintaining chain-of-custody logs, along with video surveillance,” Algeier says.

Taken together, these safeguards can ensure election security, delivering an accurate vote count while simultaneously building trust in democratic processes.

adamkaz/Getty Images
Close

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.