The Cybersecurity and Infrastructure Security Agency (CISA) has released a cybersecurity checklist for state and local election administrators.
CISA’s guidance comes at a critical time when administrators bolster their cyber and physical security measures against an array of digital threats. Cait Conley, CISA’s senior adviser to the director, emphasizes the urgency: “Election officials around the country are unwavering in their commitment to…meeting an evolving threat environment.”
Among their recommendations, CISA advises the enablement of multi-factor authentication across all accounts—a staunch defense against phishing. They urge the separation of election networks from other business functions and continuous monitoring of network traffic for rogue activities. This kind of vigilance is key in spotting and stopping ransomware attacks in their tracks.
CISA suggests keeping offline encrypted backups of critical systems and data, coupled with regular drills on restoring those backups after potential attacks. Moreover, election officials are encouraged to pore over their service contracts with web providers, ensuring that a robust incident response plan is in place.
Beyond the digital realm, the agency has rolled out a checklist for mitigating threats against election offices themselves—a step towards ensuring the safety of election workers from threats like bombs. Measures include securing building entry points and close monitoring of parking areas for unapproved vehicles, among other protocols.
Read more here.
No Comments