In October 2017, Sen. Ron Wyden (D-Ore.) sent letters to five of the top voting machine companies in America asking how their organizations were structured and what steps they have taken to ensure their machines are protected from cyber threats. “As our election systems have come under unprecedented scrutiny, public faith in the security of our electoral process at every level is more important than ever before,” Wyden said. “Ensuring that Americans can trust that election systems and infrastructure are secure is necessary to protecting confidence in our electoral process and democratic government.” The questions touched on a wide range of topics related to cybersecurity, such as whether the companies had experienced a recent data breach, whether they employ a chief information security officer and how frequently their products have been audited by third-party evaluators.
FCW obtained the responses sent by those five companies (Five Cedars Group, Hart Intercivic, Election Systems and Software, Unisyn and Dominion Voting). All reported no evidence of a breach or successful cyber intrusion, but three — Five Cedars Group, Unisyn and Dominion Voting — said they did not have a CISO.
Hart Intercivic provides optical scan and DRE voting machine services to jurisdictions across at least 14 states. The company did not directly respond to Wyden’s questions but insisted its machines “are required to meet strict certification requirements” from federal, state and local authorities.
Full Article: What are voting machine companies doing about cyber? — FCW.