Russia's apparent efforts to influence the 2016 presidential election showed that the U.S. system is vulnerable to many cyber threats — and not just in the voting booth. It therefore seems inevitable that Russians and other potential actors will attempt to disrupt future U.S. elections, or at least work towards that option.
So how can Americans better protect our electoral infrastructure from cyber disruption? We will never achieve 100 percent security, of course, but officials can still do much to defend our election process. Here are six key steps that could bring dramatic improvements:
Change our mindset about the problem
Right now, our focus is on protecting individual voting machines from hackers who might change selections. But an election consists of far more infrastructure, including voter registration databases, voter lists for poll workers to check against and vote tallying systems. If a malicious actor succeeded in corrupting any of these systems, it could significantly undermine the electoral process.
Americans need to view the entire electoral infrastructure as a critical asset — like a power grid or communications network — deserving of the same attention and resources. Officials must also consider non-cybersecurity, low-tech approaches such as ensuring that the voting process produces a clear, checkable paper trail that is kept for an extended period of time after the vote.
Adopt a risk-management approach
Though we can never entirely eliminate the threat, we can manage risk to bring threats down to an acceptable level.
Consider what the National Institute of Standards and Technology Cybersecurity Framework is doing to help business. It advises executives so they can think about cybersecurity in risk-management terms — the same way they might view litigation risk or the likelihood of natural disasters. It shifts the focus from treating cyber threats as a technical problem to be solved to seeing them as a long-term risk to be mitigated.
This framework helps corporate executives think through the problem and determine how to allocate resources. It might be, for example, that upgrading all voting machines does not result in the largest marginal return on a cybersecurity dollar. Instead, jurisdictions might reduce their risk more by increasing the resilience to tampering of voter registration databases or enabling backup methods for vote tallying if primary systems are knocked off-line.
By adopting a risk-management framework, electoral officials would have an analytic foundation for making these kinds of decisions.
Make cybersecurity a priority
Top election officials should make clear that election infrastructure cybersecurity is a priority and that they plan to hold themselves and their staff accountable. Raffi Krikorian, the new chief technology officer for the Democratic National Committee is taking this to heart. He recently spoke to WIRED about how he's improving security for his party's infrastructure.
The corporate world has shown that when a chief executive and other top-level officials make cybersecurity a priority, the company's security posture improves. New York State recently passed cybersecurity rules requiring financial services companies to hire a chief information security officer and have a specific board member oversee cybersecurity compliance efforts.
Accountability is also crucial. Not in the sense of a "zero tolerance" policy for intrusions — because that's a recipe for failure. You can, however, hold people accountable for implementing sound risk-management plans and being diligent in addressing risks. The New York regulations require financial institutions that suffer material breaches to notify the state's Department of Financial Services within 72 hours of discovering the entry.
Establish an incident response plan
Effective response plans enable organizations to contain cyber threats and reduce their impact. These plans must involve real-time, rapid communications with both workforce and customers. For election infrastructure, they should enable officials to limit damage quickly, while communicating with the public to maintain confidence in the voting process. In preparation, officials should run regular, mock exercises of their response plans.
Build relationships in the security industry
Election officials must develop relationships with cybersecurity experts, state or local information technology organizations, federal law enforcement and the Department of Homeland Security. They should not be meeting these people for the first time during a crisis.
This recommendation does not mean the federal government takes over the voting process. But if the potential threat is a foreign adversary or nation-state-backed group, state and local officials are going to need assistance in combating it. Federal officials also likely have experience in dealing with cyber threats to other critical infrastructure components that would be valuable in the electoral context.
Election officials should know what resources are available to address the threat and should have worked through the necessary legal agreements for how they will contact and work with varying forms of help. Discussions of these logistics should begin long before Election Day.
Create a culture of information sharing
The Electoral Assistance Commission and state and local election officials should establish an information-sharing and analysis organization to disseminate key threat intelligence and share best practices for securing the election infrastructure.
Similar groups exist in virtually all other critical U.S. infrastructure areas — such as the Financial Services Information Sharing and Analysis Center or the Energy Information Sharing and Analysis Center. The groups share information about threats and relay best practices to combat them.
The six steps listed above are not hard to follow. Nor do they cost a great deal or require a high degree of sophistication. But they do require commitment from the top and a sustained investment over time.
Americans can improve the security of our electoral system and maintain voter confidence in the process. Some jurisdictions are already taking steps along these lines.
Wisconsin is one state now looking into new security measures to protect voting infrastructure. Meanwhile, Minnesota is taking a more secure old-school, low-tech approach by using paper ballots, and not connecting tallying machines to the Internet.
But all election officials nationwide need to focus on this problem and start the hard work that cybersecurity demands.
Michael Daniel worked in the Obama administration as special assistant to the president and cybersecurity coordinator at the White House. He is now president and chief executive of the Cyber Threat Alliance.