Election Security Insights – May 2019
In This Issue
- Discover where the latest attacks have occurred in the Election Incident Map.
- CyberDefenses Perspective: If it's not complacency, what is it?
- Noteworthy Headlines
- Protecting 2018 was just a warm-up. Learn what the FBI had to say.
- What exactly are Russia's plans for 2020?
- The Meuller findings are impacting election security plans. Learn how.
- Read how election security spending is expected to change in the coming months.
- CyberDefenses Blog: Discover the one thing that makes election assessments actionable.
Interactive Election Incident Map
In this interactive map, we capture information about the latest election cybersecurity incidents as they occur. Stay informed of the most recent attack locations and methods so you're armed with knowledge that can help you protect your data and systems.
COMPLACENCY ISN'T AFFECTING ELECTION SECURITY PROGRESS, THE UNKNOWNS ARE
by Brian Engle, CISO and Director of Advisory Services
Recent news articles have focused on the unused HAVA funds that the Federal government has allocated for election security, and the implication is that this inaction is the result of a lack of urgency or a sense of complacency.
Those of us on the frontlines of the election security challenge know that the issue is more sophisticated than this. We are aware that the threat level to elections is high. Many groups and individuals have much to gain by manipulating votes and casting doubt on election results. We also know that cybercriminals look for any possible way to infiltrate the election process, and the Internet makes it possible to find avenues of connection that did not exist before. And we’re aware that breaching a small tangential part of the election process can provide an attacker with an inroad to a larger more significant aspect of the election.
The issue isn’t our lack of awareness or sense of urgency. The real issue is that in the midst of sensationalized scare tactics and doom predictions that serve political and business agendas, it’s hard to know exactly what the real threats are and how we can best defend against them. Complacency is far from the underlying collective feeling regarding election security. Overwhelm generated by all of the unknowns; however, is very real, and it can be our biggest roadblock because too often it leads to inaction or ineffective action.
The good news is that while the problem of election attacks is certainly a serious one, it is not impossible. There are definitive things we know about cyber attack methods and proven ways to find out which cyber threats are probable for specific election organizations. There are also clearly defined best practices that provide effective defenses against cyber attack. What’s even better news is many of these practices are simple habits that can become a regular part of your operations with some focused effort.
While it can be counter-productive to react to the panic-inducing headlines, it is important to wisely assess the threat risk and take thoughtful action. Knowledge is our greatest tool in protecting the 2020 election.
FBI Director: Protecting 2018 Elections Was a Dress Rehearsal for 2020 - CyberScoop
Protecting the 2018 U.S. midterm elections from foreign meddling was a “dress rehearsal for the big show” of the 2020 presidential elections, which adversaries are expected to target, FBI Director Christopher Wray said.
Here's Russia's Playbook for Disrupting the 2020 Election - ThinkProgress
If there’s one thing the Mueller report made crystal clear, it’s that Russian interference efforts were just as widespread and damaging as previous reports had indicated. And as America gears up for another presidential election in 2020, there’s little reason to think the Kremlin’s operations won’t return. If anything, they might be worse — and make use of a slate of new technologies that weren’t available in 2016.
Menendez Drops Election Security Bill In Wake of Meuller Findings - InsiderNJ
U.S. Senator Bob Menendez, the Ranking Member of the Senate Foreign Relations Committee and the architect of Russia sanctions legislation, today cited the Mueller Report findings that Russia and other foreign adversaries interfered in the 2016 elections, in demanding Congress act where the Trump Administration has failed and secure our nation’s election infrastructure. The Senator announced legislation to provide robust funding to states to safeguard their voting systems.
State's Spending on Election Security Expected to Pick Up in 2019 - StateScoop
States and territories spent just 8 percent of the $380 million in federal election-security grants in the six months after they were distributed last year, according to the U.S. Election Assistance Commission. But in a report Thursday, the commission said it expects the bulk of that funding to be spent before the 2020 presidential election.
The One Thing That Makes Election Security Assessments Actionable
by Brian Engle, CISO and Director of Advisory Services
Whether your cybersecurity program is advanced or in its beginning phases, an election security assessment is a significant part of improving your cybersecurity stance. However, an assessment is only one step in strengthening your defenses against cybercrime. The actions and decisions that follow an assessment are the true determining factor of success.
The methodologies and scope of assessments can vary widely, and while it’s possible to use any assessment as a solid jumping off point for better security practices, there is one element in an assessment that goes a long way in ensuring that a cybersecurity assessment serves as a strong catalyst for better election security.
cyberdefenses.com/elections | firstname.lastname@example.org
CyberDefenses is an award-winning Managed Security Services Provider (MSSP) specializing in election security. Schedule a 30-minute conversation to learn how we can help protect your election from cyber attack.