Election Security
,
Fraud Management & Cybercrime
,
Government
CISA ‘Committing More Resources Than Ever Before’ to Election Infrastructure
The United States’ cyber defense agency has launched a nationwide effort to secure the 2024 election, deploying teams of advisers across the country and leading coordinated exercises with federal, state and local officials, as well as key private sector partners.
See Also: Maximizing data utility in mission delivery, citizen services, and education
The Cybersecurity and Infrastructure Security Agency election security mission “is a whole-of-agency effort,” said Cait Conley, a senior adviser at CISA who leads the agency’s partnership engagement and coordination efforts with state and local election officials.
The agency has been preparing for the national vote for over a year, establishing dedicated election security adviser positions in each of its regional offices in July 2023 to strengthen front-line support for local election workers and infrastructure, she told Information Security Media Group.
CISA recently completed filling those positions in all 10 of its regional offices, Conley said. The advisers “work hand-in-hand with state election offices.” The agency has also hosted a series of security exercises dubbed “Tabletop the Vote,” most recently leading a four-day cyber and physical incident planning workshop in late August with the national associations of state secretaries and election directors.
“We are committing more resources than ever before to support the election infrastructure community,” said Conley, who previously served as executive director of the bipartisan Defending Digital Democracy Project at Harvard University’s Belfer Center.
Although 2024 is shaping up to be CISA’s most expansive effort in election security, the agency is no stranger to defending the democratic process. CISA previously played a crucial role in safeguarding the 2016 and 2020 elections, implementing many of the same strategies and initiatives that are now being scaled up for this year’s unprecedented push.
Despite ongoing efforts by foreign adversaries to influence U.S. elections, attempts to subvert the vote have been largely unsuccessful in past elections. CISA’s continued expansion of advanced threat detection and response strategies in 2016 and 2020 played a significant role in thwarting attempts by Russia and others to compromise the integrity of the electoral process.
The agency has recently issued warnings about “increasingly aggressive Iranian activity during this election cycle,” including reported activities to compromise former President Donald Trump’s campaign (see: Iran Amplifies US Election Influence Campaign).
The Department of Homeland Security designated election infrastructure as a subset of the government facilities sector in 2017, further recognizing the vast networks of voter registration databases, information technology systems, polling places and voting systems as critical infrastructure.
CISA has since published an election cybersecurity toolkit through its flagship public-private partnership, the Joint Cyber Defense Collaborative, as well as an election security Rumor vs. Reality platform to provide reliable information on disinformation campaigns related to the national vote.
The agency over the last six years has rolled out a wide range of no-cost voluntary services and resources aimed at reducing risks to election infrastructure, including vulnerability scanning, physical security assessments and supporting the nationwide adoption of .gov
domains, which experts say enhance trust by ensuring that election information is verified and comes from official, credible sources.
The use of CISA and CISA-funded services “is higher than ever,” CISA Director Jen Easterly said at the National Association of State Election Directors’ summer conference.
“Our capabilities and posture in this area is simply ‘night and day’ when compared to 2016,” she added.