Quite the hot-button issue these days. Step into the proverbial public square, or be invited behind closed doors, and you’ll find elections are being discussed with fervor. With all the extra attention, it’s important to note that more eyes will be on security than ever – and the scrutiny won’t just be coming from passive personnel.
Implementing an effective cybersecurity strategy demands viewing security from all possible angles. If you are an election organization, not only is it important to make sure your internal environment is secured against attacks, it’s important to understand the external forces that could impact overall security. If you understand how adversaries are trying to infiltrate election processes, skew tallies, and cast doubt on the election results, you will be positioned advantageously when it comes time to shore up defenses.
Cyber Intelligence is the security discipline that opens insight into external threat forces. It provides valuable information to more thoroughly deter cybercrime and find out who perpetrated/ is perpetrating an attack when it does happen. You may think this sounds Sherlockian, but most things do until broken down into their elementary parts.
What exactly is Cyber Intelligence? And how does it specifically help improve election security?”
First, it’s helpful to understand that Cyber Intelligence encompasses several cybersecurity practices, including:
- Threat Intelligence – Gathering data about the activity of known and new threat actors, to gain an understanding of their preferred targets and typical attack methods.
- Threat Hunting – Monitoring networks, endpoints, and systems for any abnormal activity that could indicate a possible breach or attack.
- Cybercrime Investigations – Discovering the perpetrators and mechanics behind a specific security event.
- Cybersecurity Research – Studying new trends in cybercrime, common attack methods, motivators for activity, and other factors that organizations should consider when building their defenses.
Election security can be complex because it involves a tremendous range of reasons behind potential attacks. Some adversaries want to manipulate voting results in favor of, or against a candidate. Others are interested in registering fraudulent voters. Even more others will want to tamper with equipment, in order to cast doubt on the accuracy of the entire election. There are also entities interested entirely in propagating misinformation to influence the results.
Cyber Intelligence can play a key role in helping to identify who is interested in corrupting an election and provide insight into why. Cyber Intelligence can uncover (and help election teams understand):
- What areas are most likely to be attacked.
- How to best manage data access user controls.
- Certain activity indicating potential security problems.
- Strategies to protect against the most likely threat scenarios.
- How to train staff to protect data .
- When and where to be extra vigilant.
- How to reassure voters that the election process is secure against the most common threats.
Knowledge is power. No more clearly is this true than in the world of election security. Understanding your adversary is critical to being able to protect things like voter registration records, the transfer of data between precincts and the state, and the overall voting process. As you prepare for the 2020 elections, consider that Cyber Intelligence could be an invaluable weapon in your cybersecurity arsenal.