State and local elections officials preparing for the 2018 elections are strapped for time and resources, but the Department of Homeland Security’s National Protection and Programs Directorate is stepping in to help. Two weeks ago, at the request of the Elections Government Coordinating Council, NPPD released guidance on what states and localities should do with their share of the $382 million from 2018 Help America Vote Act Security Fund, said Matt Masterson, NPPD senior cybersecurity advisor, during a June 12 Senate Judiciary Committee hearing. NPPD provided insights on where the money should be used to address risks in the election process. “We focused first on common IT vulnerabilities that exist across elections — things like patching, training for phishing campaigns as well as manpower,” Masterson said.
Long-term suggestions included looking into election systems’ overall resilience, ensuring auditability and defensibility through long-term investments and training local officials in cybersecurity.
The NPPD is working directly with state and local officials across the country to help them improve their elections infrastructure. Part of this process involves providing states with free resources such as vulnerability scans and training.
Seventeen states have received the results of such vulnerability scans, Masterson said, and those results showed that the elections sector is no different from others when it comes to cybersecurity.