Election security pros focus on effective partnerships

Written by

Trust the process.

That’s the message from a group of election security experts who, during a virtual panel discussion at CyberTalks, said they are working to safeguard the 2020 election from an array of cybersecurity threats.

Benjamin Hovland, a commissioner on the U.S. Election Assistance Commission, Jack Cable, an election security technical adviser at the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, and Matt Masterson, a senior cybersecurity adviser at CISA, explained that the goal isn’t only to protect the Nov. 3 election, but also to ensure that the American people can trust the results. The CyberTalks panel was led by John DeSimone, vice president of cybersecurity, training and services at Raytheon Intelligence and Space.

John DeSimone, VP, Cybersecurity, Training & Services, Raytheon Intelligence and Space leads election security panel at CyberTalks 2020

In a series of questions, DeSimone, probed the election security experts on the ways that U.S. government entities and the defense industrial base are working together “from a mission assurance perspective” to protect U.S. voting systems from interference or an unexpected technical failure. The ultimate goal would be to prevent America’s electorate from being impacted by any efforts to subvert the true intent of a ballot cast on Election Day.

“For us, it’s really been a matter of identifying and working with anyone and everyone that can bring some value that can have a conversation with our state and local partners and help manage the rest of the system and give some perspective on that,” said Matt Masterson, of CISA.

“In this sector, we have intrusion detection sensors deployed across all 50 states on the election infrastructure,” Masterson added. “We’re constantly getting a feed of information from state and local officials. … Some of the private sector companies we work with then push out whether the technical indicators [warrant] general risk information threat updates.”

The election security practitioners who participated in the panel are responsible for protecting a wide range of crucial digital tools, both new and old. As the Department of Homeland Security’s Jack Cable put it, group is charged with voting machines, online voting registration systems, the technologies used to tabulate votes and other crucial infrastructure.

“Our role is more to advise the local election offices on how to best run through elections and, because of that, we have a heavily decentralized election process, there’s a really wide range of election infrastructure that we have to protect,” said Cable.

The conversation, which took place on Day 2 of a weeklong series of cybersecurity discussions presented by CyberScoop, also touched on the transparency mechanisms put in place in order to help U.S. voters understand their vote has been counted, and that it can be verified in the event of an audit, or a ballot recount.

“What advice are you providing to election officials administering ballots on how to handle data integrity, or authentication or various types of voting — either in person or by mail?” DeSimone asked.

“The totality of the election process is usually one that is filled with controls, whether that’s having bipartisan teams in the polling place to ensure that everyone is following the rules, to having bipartisan teams and other aspects of that,” said Benjamin Hovland, of EAC.

“For most states, you request an absentee ballot and fill out those instructions, and there are safeguards put in place to make sure that is secure and accurate. What we hit here is really the sweet spot for election officials … and these safeguards put in place throughout the process to ensure that accuracy. Again, it is what election officials do, it’s what they expect, and they do a great job of it.”

View the full video recording on demand at CyberScoop.

This article was produced by CyberScoop and underwritten by Raytheon Intelligence and Space.