#RSAC: Election Security Beyond the Ballot Box

Feb 28, 2020 02:00 am Cyber Security 267

#RSAC: Election Security Beyond the Ballot Box

There has been a lot written in recent years about election security and ensuring the integrity of voting systems. While voting machines are important, so too are non-voting election technologies, which was the topic of a session at the RSA Conference in San Francisco.





Aaron Wilson, Senior Director of Election Security at the Center for Internet Security (CIS), explained that non-voting election systems include things that support elections. Those systems include electronic poll books, election night reporting systems, voter registration systems, and electronic ballot delivery.





"There is a lot to that attack surface, but there are not a lot of standards and regulations," Wilson said.





The Center for Internet Security has developed a guide to help secure those non-voting election systems that has 160 best practices to help reduce risk and improve confidence. The overall goal, according to Wilson, isn't necessarily that every election official will do all the steps, but rather they will have a guide that provides questions to ask vendors and IT staff.





Core Recommendations





There are three key areas that Wilson suggested election officials should look at. The first is dealing with Denial of Service (DoS) risks.





"Denial of Service is concerning because you know exactly when to wage the attack against an election system," he said. "If you can take a service down in a moment of critical need it can have significant impact."





Ransomware is also a risk that election officials need to defend ag ..

Support the originator by clicking the read the rest link below.

election security beyond ballot
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!