U.S. election systems are diverse in terms of governance and technology. This reflects the constitutional roles reserved for the states in administering and running elections but makes it challenging to develop a national picture of cybersecurity risk in election systems. Moreover, it requires each state and jurisdiction to evaluate and prioritize risk in the systems it oversees. With funding from the Cybersecurity and Infrastructure Security Agency, researchers from the Homeland Security Operational Analysis Center have developed a methodology for understanding and prioritizing cybersecurity risk in election infrastructure to assist state and local election officials.
Key Findings
- Election systems consist of multiple components (voter registration, pollbooks, voting machines, tabulation equipment, and official websites) that are administered and controlled at different levels, depending on the state.
Prioritizing risk across system components requires evaluating three factors
- The first is the likelihood of a successful attack, using fault tree analysis to determine the level of sophistication needed based on security controls implemented on each system component.
- The second is the scale of impact of an attack, based on whether a successful attack could affect a single location, a jurisdiction, or an entire state.
- The third is the severity of an attack, as measured by the extent to which it would impede election officials’ efforts to carry out election processes.
Recommendations
- Officials can use the ratings or scores on likelihood, scale, and severity to prioritize efforts to protect the election infrastructure in their care.
- Armed with an understanding of potential adversaries’ tiers, the capability required to execute a particular type of attack on a particular component, and the scale and severity that such an attack would have if successful, election officials can direct protective resources toward the types of prevention and remediation that make most sense for their specific jurisdictions.