The Cybersecurity and Infrastructure Security Agency or CISA has announced the “Protecting U.S. Elections: A CISA Cybersecurity Toolkit,” which provides state and local election officials with free services and tools to improve the cybersecurity and resilience of their infrastructure.
“I am very proud to announce another valuable resource that can help officials further reduce their cyber risk and improve their security posture,” says Jen Easterly, Director, CISA.
She added that the state and local election authorities must deal with challenges to their infrastructure daily from things like insider threats, malicious actors, and foreign involvement. This is just another tool to aid them in their continuous efforts to maintain the security and resilience of the American election processes.
CISA regularly collaborates with state and local election officials to safeguard their systems as the principal federal agency in charge of election security. In addition, CISA provides several services, information products, and other resources.
As the principal federal agency in charge of overseeing national election security, CISA has assembled a toolkit of free services and tools through the Joint Cyber Defense Collaborative (JCDC) to assist state and local officials, election officials, and vendors in enhancing the cybersecurity and cyber resilience of the U.S. election infrastructure.
The free tools, services, and resources offered by CISA, JCDC members, and other members of the cybersecurity community are included in this toolbox. These free resources were assembled by the JCDC of CISA, which collaborated with organisations from the public and private sectors, including the election community, and JCDC alliance members. The toolkit’s broad categories are arranged to assist election officials: Utilise an Election Security Risk Profile Tool created by CISA and the U.S. Election Assistance Commission to evaluate their risk; locate tools for securing voter data, websites, email systems and networks. Also, safeguard assets from assaults such as phishing, ransomware, and distributed denial-of-service (DDoS).
The most recent tool that CISA and its partners have created to aid the election community is the toolkit. To counteract the disinformation, CISA’s website provides a wealth of information and advice on topics ranging from cybersecurity to physical security for polling places and election officials.
The organisation collaborates with election authorities in all 50 states, the District of Columbia, and the territories to provide cybersecurity services, technical help, and guidance as well as to frequently share relevant and useful information and intelligence.
The following steps should be taken to create the cybersecurity baseline before employing the toolkit to handle risks, according to CISA: Use the free CISA Cyber Hygiene Services Vulnerability Scanning; prioritise patching known exploited vulnerabilities; maintain updated systems and software, adhere to best practices for password management, such as using multifactor authentication and a password manager; and create offline backups of your data.
Meanwhile, the White House Office of Science and Technology Policy (OSTP) is seeking public input on how to safely progress and adopt the Privacy-Enhancing Technologies (PETs). This can enable the future by embracing data-driven technologies like AI while safeguarding privacy.
PETs are tools that let researchers, clinicians, and anyone with permission glean insights from sensitive data without ever having access to the data itself. The fundamental value of PETs lies in their ability to keep data “hidden” from researchers while allowing analysis of that data.
It may enable new types of collaboration and norms for the appropriate use of personal information. Agencies may facilitate greater collaboration across entities, sectors, and borders to address shared concerns, so contributing to the development of solutions in areas such as health care, climate change, financial crime, human trafficking, and pandemic response.