Inside Cybersecurity

April 21, 2024

Daily News

Elections ISAC initiates campaign urging officials to focus on cyber basics

By Jessica Karins / June 30, 2022

The Elections Infrastructure Information Sharing and Analysis Center has announced a new awareness campaign encouraging state and local officials to ramp up their cybersecurity efforts as midterm elections approach.

EI-ISAC’s new Cyber STRONG Campaign will aim to raise awareness among officials in state, local, tribal and territorial governments about steps they can take to protect elections, using the slogan “Strong elections are Cyber STRONG.”

“At the EI-ISAC, we recognize that cybersecurity is one of many priorities of election officials across the country,” EI-ISAC Senior Director Marci Andino said in a statement. “With that in mind, we’ve designed the Cyber STRONG Campaign to make it easy for hardworking election officials to implement specific action steps to continue the progress they’ve made in enhancing their cyber defenses as we head into the mid-term elections.”

The Cyber STRONG website urges election officials to take actions that would make “huge strides toward securing the election process in your jurisdiction, continuing the important work you're already doing to instill public confidence in the election process.”

One recommendation is for election offices to stay connected to the EI-ISAC, which offers “election-specific cyber threat intelligence” to its members along with detection and response tools for IT systems and access to assistance from the CIS Security Operations Center. The group has about 3,300 organizations as members.

Another recommendation is to proactively block connections to known harmful websites. Officials can enroll in the security service Malicious Domain Blocking and Reporting, which blocks connections to potentially harmful web domains linked to malware, phishing and other threats.

Election officials are also urged to conduct tabletop exercises with their staff addressing potential cyber threats and train them to exercise caution to avoid phishing schemes, and to take advantage of CIS resources for identifying election misinformation.

Information about best practices in election security is available through the EI-ISAC “Essential Guide to Election Security.”

E-ISAC chair Trever Timmons, who is chief information officer at Colorado’s Department of State, said the Cyber STRONG steps will help election offices take the actions that will be most helpful in strengthening election security.

“At the end of the day, the responsibility for election cybersecurity rests with election officials, and the EI-ISAC has consistently demonstrated a commitment to being there for them with the practical, actionable recommendations that will help make a difference in cyber defense across the election community,” Timmons said.

The Center for Internet Security is home to the EI-ISAC, the Multi-State ISAC and manages the well-known CIS Controls and CIS Benchmarks. – Jessica Karins (jkarins@iwpnews.com)