Creating election security alliances
- By Sara Friedman
When preparing for secure, successful elections, one of the keys is getting as many stakeholders involved as possible to protect against threats. For Amber McReynolds, Denver's director of elections, making those connections starts with local government agencies.
McReynolds is able to work with Denver CIO Scott Cardenas to bring in technology services related to the city and county’s 311 service, network infrastructure and applications to create an elections strategy.
“We can have year-round conversations on the expectations and needs, so by the time that election night rolls around we can have a fairly smooth process,” Cardenas said during an Oct. 4 webinar held by the Election Assistance Commission.
Due to the centralization of the city’s IT services over the past nine years, expertise in elections has spread from one person to five. Other counties in Colorado, the U.S. Department of Homeland Security and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are also sharing threat information to increase the knowledge base.
Thomas Connolly, director of the New York State Board of Elections, agreed with McReynolds and Cardenas on the need for collaboration, but he said that it can be difficult for 62 counties with a range of cybersecurity resources and capabilities to effectively share information.
Connolly said he encourages his election officials to take advantage of free resources provided by DHS for election security and other innovations from the private sector.
“Election officials need to realize that it is hard to keep track of everything from the state and local standpoint, and there are may be other people who know more about security,” Connolly said. “It is important to build a two-way dialogue so technology providers can understand what we are doing and how to secure those systems.”
Prior to the 2016 elections, the New York State Board of Elections used Google’s Project Shield service to protect its website against distributed denial-of-service attacks. Voters could find their polling places and check election results, and state election officials were assured that hackers could not shut down the website.
“If our website went down and took our election results offline, we realized it would immediately cast doubt [on the process], which we did not want to happen,” Connolly said. “Google sent an engineer to help us get this service off the ground over a weekend.”
As a contingency, Connolly’s office also gave redundant data on New York polling locations to Google and Facebook to make sure the information was accurate and could serve as a backup in the event of a website outage or DDOS attack.
When it comes to improving security processes, Ben Spear, senior intelligence analyst at MS-ISAC, encouraged officials to come up with comprehensive incident response plans that identify the individuals responsible for responding to the threat, enable officials to spot problems and follow best practices to eliminate threats once they are contained.
“It is also important to review what happened once the incident is over because the biggest [way to improve] is to determine how we dealt with the incident response and how we can do better next time,” Spear said.