Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

Federal Cybersecurity Agency Launches Program to Boost Support for State, Local Election Offices

CISA launched a program aimed at boosting election security, shoring up support for local offices and hoping to provide reassurance to voters that elections will be safe and accurate.

CISA known exploited vulnerabilites

The nation’s cybersecurity agency has launched a program aimed at boosting election security in the states, shoring up support for local offices and hoping to provide reassurance to voters that this year’s presidential elections will be safe and accurate.

Officials with the U.S. Cybersecurity and Infrastructure Security Agency planned to introduce its new election security adviser program Thursday to the National Association of State Election Directors and on Friday to the National Association of Secretaries of State. Both groups have their annual meetings this week in the nation’s capital.

For state and local election officials, the list of security challenges keeps growing. Among them: potential cyberattacks waged by foreign governments, criminal ransomware gangs attacking computer systems and the persistence of election misinformation that has led to harassment of election officials and undermined public confidence.

Just in the past few weeks, AI-generated robocalls surfaced in New Hampshire before the state’s presidential primary and a cyberattack affecting the local government in Fulton County, Georgia, has created challenges for its election office.

The CISA program includes 10 new hires, all of whom join the federal agency with extensive election experience. They will be based throughout the country and join other staff already in place that have been conducting cyber and physical security reviews for election offices that request them.

The agency was formed in the aftermath of the 2016 election, when Russia sought to interfere with a multipronged effort that included accessing and releasing campaign emails and scanning state voter registration systems for vulnerabilities. Election systems were designated as critical infrastructure, alongside the nation’s banks, dams and nuclear power plants, opening them up to receiving additional support from the federal government.

CISA Director Jen Easterly announced plans for the program at a July meeting of the state election directors in South Carolina. The new team will be entirely focused on elections, which is critical because of the complexities surrounding voting that vary by jurisdiction, said CISA Senior Advisor Cait Conley, who leads the agency’s election security efforts.

“Understanding the complexity of each state’s election operating environment and their security needs is critical to us being effective partners in helping them mitigate those needs and ensuring the infrastructure security and resilience,” Conley said.

Advertisement. Scroll to continue reading.

The new advisers include the former state election director in Texas, Keith Ingram; the former chief information officer for the Ohio Secretary of State’s Office, Spencer Wood; and the former elections supervisor in Escambia County, Florida, David Stafford.

“I know what they are up against, particularly in the smaller jurisdictions. I want to be there to help them prepare for what’s ahead and support them on the good and more challenging days by linking them to our expertise and services,” said Lori Augino, another of the new election security advisers who previously served as the state election director in Washington state. “The resiliency of our election system depends on this network of support.”

State election officials welcomed the additional help.

“No county is going through this alone without partners and no state is going through this alone without partners. And we’re lucky to have this relationship with CISA to help make sure that our cybersecurity infrastructure is hardened against efforts by bad faith actors to interfere with it,” said Al Schmidt, who serves as Pennsylvania’s chief elections officer.

Karen Brinson Bell, executive director of the North Carolina State Board of Elections, said she has already spoken with the new CISA election security adviser for her region and shared some of her needs.

“For CISA to be able to be more on the front lines assisting us is really the right step forward,” Brinson Bell said.

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

Funding/M&A

Private equity giant plans to buy Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit for $2.5 billion.

Cyberwarfare

US National Cybersecurity Strategy pushes regulation, aggressive 'hack-back' operations.

Government

Companies have announced securing billions of dollars in cybersecurity-related contracts with the United States government in 2022.

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Government

CISA has described and published a set of principles for the development of security-by-design and security-by-default cybersecurity products.

Cloud Security

Redmond is accused of “negligent cybersecurity practices” that enabled a successful Chinese hack of the United States government.

Government

TSA instructs airport and aircraft operators to improve their cybersecurity resilience and prevent infrastructure disruption and degradation.