Recent news articles have focused on the unused HAVA funds that the Federal government has allocated for election security, and the implication is that this inaction is the result of a lack of urgency or a sense of complacency.
Those of us on the frontlines of the election security challenge know that the issue is more sophisticated than this. We are aware that the threat level to elections is high. Many groups and individuals have much to gain by manipulating votes and casting doubt on election results. We also know that cybercriminals look for any possible way to infiltrate the election process, and the Internet makes it possible to find avenues of connection that did not exist before. And we’re aware that breaching a small tangential part of the election process can provide an attacker with an inroad to a larger more significant aspect of the election.
The issue isn’t our lack of awareness or sense of urgency. The real issue is that in the midst of sensationalized scare tactics and doom predictions that serve political and business agendas, it’s hard to know exactly what the real threats are and how we can best defend against them. Complacency is far from the underlying collective feeling regarding election security. Overwhelm generated by all of the unknowns; however, is very real, and it can be our biggest roadblock because too often it leads to inaction or ineffective action.
The good news is that while the problem of election attacks is certainly a serious one, it is not impossible. There are definitive things we know about cyber attack methods and proven ways to find out which cyber threats are probable for specific election organizations. There are also clearly defined best practices that provide effective defenses against cyber attack. What’s even better news is many of these practices are simple habits that can become a regular part of your operations with some focused effort.
While it can be counter-productive to react to the panic-inducing headlines, it is important to wisely assess the threat risk and take thoughtful action. Knowledge is our greatest tool in protecting the 2020 election.