Why Is Election Security Important?
Given the contested nature of the 2020 vote and the looming 2024 primaries, which begin on Jan. 23 in New Hampshire, election security is a hot issue right now, largely because the nation faces a demonstrably real threat landscape.
“We're legitimately scared that foreign actors will disrupt the election,” says Bruce Schneier, adjunct lecturer in public policy at the Harvard Kennedy School. “They have been doing that for decades, and from 2016 on we've seen operations coming out of Russia, China, Iran and possibly North Korea. We know these things are happening.”
“We also worry about domestic actors, because the cost of these kinds of interference operations is becoming so cheap that you no longer have to be a nation-state to do them,” Schneier says, pointing to the rise in off-the-shelf malware that’s readily available and relatively inexpensive to implement.
The very nature of the electoral process means cyber teams are under intense pressure to get this right.
“The thing about elections is, there's no recovery,” Schneier says. “If your bank account gets hacked, we could spend two weeks to figure it out, and then we’ll give you your money back. If Pennsylvania can’t find its voter rolls, we're not going to do Pennsylvania again next week. The failure modes are so catastrophic.”
How Does Election Security Work?
Election security aims to ensure that all parts and pieces of the voting process work reliably.
In light of the high-profile legal action related to alleged compromises of Dominion Voting equipment, cyber teams need to secure the voting machines. They also need to secure the networks that transmit data and the back-end systems that tabulate results, among other elements.
The mechanisms of election security “encompass a broad spectrum of cybersecurity tools and practices,” says Surjeet Mahant, senior managing director and global head of cyber risk management for K2 Integrity, a risk management and regulatory advisory firm.
These may include “vulnerability scanning to detect and address security weaknesses, continuous penetration testing and purple teaming, robust and agile monitor-and-respond capabilities, with best-of-breed incident response mechanisms,” Mahant says.