A survey conducted by cybersecurity firm Arctic Wolf and the Center for Digital Government reveals that many local and state government leaders responsible for election integrity feel unprepared and ill-trained to address cybersecurity threats.
Description
The survey findings indicate that nearly 60% of officials in city, county [3], and state offices are either not prepared or only somewhat prepared to detect and respond to cybersecurity incidents targeting elections [3]. Furthermore, the research shows that only about 4% of US states and 3.6% of cities are fully prepared to detect and recover from election-targeted cybersecurity incidents. Additionally, a majority of respondents anticipate either an increase or no change in cyber incidents related to the 2024 elections compared to the 2020 Presidential Election. However, over a third of respondents reported inadequate budget to address cyber concerns within their elections team, and a significant number do not receive election-specific cybersecurity awareness training [2].
Areas of concern in election-related cybersecurity include public awareness campaigns [1], staff training [1], tabletop exercises [1], and free security tools [1]. To address these concerns [1] [2], the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) offers support to election officials [1].
Conclusion
The survey results highlight the pressing need for improved cybersecurity preparedness among local and state government leaders responsible for election integrity. Insufficient training and budgetary constraints pose significant challenges in addressing cyber threats targeting elections. To mitigate these concerns, it is crucial to prioritize public awareness campaigns, staff training [1], tabletop exercises [1], and the utilization of free security tools. The support provided by the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) can play a vital role in enhancing the cybersecurity readiness of election officials. Looking ahead, it is imperative to allocate adequate resources and implement comprehensive training programs to ensure the integrity and security of future elections.
References
[1] https://www.cisecurity.org/about-us/media/media-mention/phishing-disinformation-top-2024-election-security-concerns
[2] https://www.infosecurity-magazine.com/news/us-states-prepared-cyber-elections/
[3] https://securityboulevard.com/2024/01/survey-election-workers-feel-unprepared-for-upcoming-cyberthreats/
