Updated: Aug 26, 2020
As we head towards one of the most anticipated and important elections of the modern world, US election cybersecurity as a whole is at the forefront of mainstream global interest. Nation-states and hacker groups have set their sights set on the U.S., aiming to cause chaos and influence the outcome of the election results in the hopes of economic and political gain.
We wanted to hear what top cyber leaders thought about election security heading into this season. We’ve compiled some of their expert insights on the dangers to election security this go around and how organizations should be thinking about security and preparing for the worst-case scenario.
Scott M. Giordano, Esq., V.P. and Sr. Counsel, Privacy and Compliance, Spirion
"The top dangers to election security, both to political campaigns and to voting mechanisms, are found within their respective supply chains. A common means for state actors to attack election integrity is to compromise a relatively small supply chain member without the resources to defend itself, then to use that member as a launching point for the next stage of the attack. By this point, campaign leaders and public officials should have reviewed every supply chain member’s security plan and determined whether it was adequate.
The most effective cybersecurity measure ever invented is an alert employee. Campaign staff should assume that state actors and other hostile parties will attempt to subvert the election process and actively monitor their email and mobile devices for phishing and other attacks. They should also be wary of anything out of the ordinary, like urgent demands made via email that really would be done by phone. Finally, everyone should read David Sanger’s The Perfect Weapon, which chronicled the many cybersecurity failures that took place during the 2016 election – the bad guys no doubt will attempt to re-use what worked last time."
Jonn Callahan, Principal Application Security Consultant, nVisium