As more MSSPs, MSPs and other cybersecurity organizations get into the election security business, new guidance from the Cybersecurity and Infrastructure Security Agency (CISA) will help them maintain and restore confidence in the reliability of voting systems and mitigate voter misinformation.
In cooperation with the U.S. Election Assistance Commission (EAC), CISA has released “Enhancing Election Security Through Public Communications,” a guide for state, local, tribal and territorial election officials who are the primary sources of official information about elections.
The guide offers useful information and tactics to help election officials address risk to election infrastructure and operations by developing a public communications plan that conveys accurate information about how they administer and secure elections and by preparing their teams to communicate effectively.
CISA asserts that open communication with citizens is crucial to maintaining public trust in the security and integrity of the election process.
Mick Baccio, who leads Splunk’s research efforts as a member of its SURGe team and who served as White House Threat Intelligence Branch Chief in both the Obama and Trump administrations, emphasized that imperative during an interview with MSSP Alert at Splunk .conf24 in June.
“I think CISA has done a great job since 2020 when Chris Krebs (former CISA director) was fired by tweet (by President Donald Trump), and what the Director (Jen Easterly) has reasonably done since then,” said Baccio. “I think CISA has made a tremendous effort to convince people exactly that, that the elections are fair and free and secure.”
However, he acknowledges that a sizable number of American voters are still not convinced that the last presidential election was free and fair and are no closer to believing that the next one will be any more secure.
“I think there's equally as many folks that, no matter what you say and no matter what information you present, it's just you're not going to convince anyone, and I don't know how to fix that,” Baccio said. “So, just keep having the conversation, tell them again and again and keep finding a way to make that message resonate.
“It goes back to security in general. I could be the smartest guy. I can have the best research. But if I don't know how to effectively articulate that to the audience and make it resonate, then why am I even here?”
Election Security Becomes a Business
Speaking to MSSP Alert for a recent article about election security, Adam Marrè, Arctic Wolf chief information security officer, described the business opportunities ahead for cybersecurity providers.
“MSSPs, MDR (managed detection and response) providers in particular, will play a crucial part in ensuring the integrity of elections by providing services and knowledge to protect organizations conducting elections from cyberattacks and other potential exploits,” he said. “The threats to elections are very real, with nearly half of respondents in a recent survey anticipating an increase in cyber incidents during this election season.”
Berkeley, California-based Kivu Consulting is one of the MSSPs involved with election security this year. Gary Alterson, vice president of Managed Security Services, told MSSP Alert that Kivu has signed on with a larger (unnamed) company to provide election security services for their clients.
Alterson believes that while voting machines are by-and-large safe from exploits, BEC campaigns and account takeovers could be commonplace. For example, an individual might be scammed by an email from someone posing as candidate asking them to wire money to a certain campaign office or PAC.
“It's not impossible to say that in addition to those seeking to cause mistrust in an election or otherwise influence an outcome, there won't be others looking for financial gain,” he said. “As you think about campaigns, PACs or election offices, the closer you get to an election, they're going to pay pretty fast in the event of a ransomware attack.”
Cybersecurity tech giant CrowdStrike is big player in the election security game, availing its Cybersecurity & Election Security Resource Center to voting districts. The center serves as a repository of knowledge, programs and resources that can help strengthen the security posture of elections entities and campaigns.
Fortinet, a company that partners with MSSPs, provides election services through its State & Local Government practice, as well as a variety of safe and secure election resources and best practices. Mandiant, a Google Cloud company, is another security provider that’s offering specialized services to protect election systems, including incident response and attack surface management.
Communication Key to Ensuring Election Integrity
Election officials frequently engage in public communications and answer questions from the media and the public on a wide range of topics, such as election dates and deadlines, voter registration, candidate filings, voting locations, election worker recruitment, security measures, and the publication of results.
To help them with this critical function, CISA and the EAC developed “Enhancing Election Security Through Public Communications,” providing a framework and practical tools for developing and implementing a year-round communications plan.
“The ability for election officials to be transparent about the elections process and communicate quickly and effectively with the American people is crucial for building and maintaining their trust in the security and integrity of our elections process,” CISA Senior Advisor Cait Conley said. “This guide is about providing election officials with resources and tools that help them do that as they work tirelessly to meet the unique needs of their state and local jurisdictions.”
To learn more about strengthening election security, visit Protect 2024 on CISA.gov.