TheReview_Sept_Oct_2021_FINAL

Preparing for Cyber Incidents

What is the worst-case scenario for a local elected official when it comes to cybersecurity? The biggest threat and worst-case scenario for an election official is a ransomware attack—which can potentially cost millions of dollars. That affects their jurisdiction, and they lose access to critical systems during an election period. If their systems lock down and they cannot get into the system, they are unable to conduct the election until the system is back online. Ransomware is a huge problem, not only here in the United States, but internationally. It is important to have backup systems and to have this information available, so if your system is locked, you can reestablish it. What can localities with limited resources and outdated equipment do to shore up security for elections? Localities that are faced with these limitations can take advantage of the low-cost or no-cost services available to them such as email security from Microsoft’s Defending Democracy program, Google’s Protect Your Election program, Web Application Protection from Cloudflare’s Athenian Project , and by becoming a member of the EI-ISAC to receive cyberthreat information and cybersecurity services, such as our Malicious Domain Blocking and Reporting service. They can visit www.cisecurity.org/elections to learn more about our no-cost EI-ISAC membership. Since we are adding new features and services to the EI-ISAC membership on a regular basis, those that are already EI-ISAC members can contact us at elections@cisecurity.org to explore if there are additional cybersecurity defenses appropriate for their organization. The most common challenges for local entities, which some organizations adhere to, but is worth underscoring, is the necessity of providing easily available technical resources to ensure that software and hardware patches are up to date and limit the usage of end-of-life and end-of-maintenance software and hardware. Recurring security awareness training must be happening in addition to vigorous random phishing campaigns to make sure their staff are applying the lessons of the training. What are the most overlooked aspects of cybersecurity at the local level?

Can you describe some of the advantages of joining EI-ISAC? Members receive access to threat information from the federal government and our monitoring of over 700 state, local, tribal, and territorial networks to provide targeted information on the threats impacting election officials. They can also monitor for cyberthreats and vulnerabilities on the open Internet. And they have access to no-cost incident response assistance through our CIRT team and as part of a collaborative partnership among the membership to engage on best practices, lessons learned, and issues impacting their jurisdiction.

This article was originally published by the National League of Cities on CitiesSpeak.

SEPTEMBER / OCTOBER 2021

29

THE REVIEW