Expert Reaction On DHS Still Struggling With Plan For Election Infrastructure

By   ISBuzz Team
Writer , Information Security Buzz | Feb 12, 2020 02:26 am PST

government report is criticizing the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) for not completing strategic and operational plans to address security election infrastructure. CISA was to develop and roll out a plan well before elections especially to address concerns about incident response.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Chris Olson
Chris Olson , CEO
InfoSec Expert
February 12, 2020 10:28 am

The cyber risks that presidential hopefuls face goes beyond encryption and domain management at the state and local level. Protecting our election systems and voters from hacking and disinformation campaigns requires understanding how the digital ecosystem is used to target consumers with customized messages to influence their behavior. Candidates\’ websites, like all others, rely heavily on code supplied by third and Nth parties. This digital supply chain is a popular target of attacks because the digital third and Nth parties too often pay little attention to security and privacy yet can access sensitive contributor information like email and mailing addresses, employer names, and credit card details. To make matters worse, the code third parties supply to these sites aren\’t within the control of candidates\’ IT teams; they have no way of seeing the code without specialized tools and expertise. Our adversaries focus their efforts on this largely unmonitored third-party code on candidate websites/mobile apps to extract voter preferences and design disinformation campaigns. If candidate teams know and keep track of what code is doing what in their digital assets, they\’ll stem the spread of fake news that has unfortunately become part of our everyday lives.

Last edited 3 years ago by Chris Olson

Recent Posts

Would love your thoughts, please comment.x