CISA releases toolkit to improve cyberdefenses ahead of elections
The Cybersecurity and Infrastructure Security Agency (CISA) published an election security toolkit Wednesday highlighting free resources for vendors and state and local government officials, continuing a campaign to beef up cyberdefenses ahead of the midterm elections.
The toolset was developed in collaboration with the Joint Cyber Defense Collaborative, or JCDC, a private-public partnership announced last summer as part of the Black Hat cybersecurity conference. The toolkit includes links to freely available resources to combat threats including phishing, ransomware, distributed denial-of-service (DDoS) attacks, and election-specific concerns. It also breaks down which tools can be used to protect which parts of election infrastructure, including voter information, websites, email, and networks.
“Each day, state and local election officials confront threats to their infrastructure from foreign interference, nefarious actors, insider threats, and others. This is one more resource to help them in their ongoing efforts to ensure American elections remain secure and resilient,” said CISA Director Jen Easterly in a press release.
CISA has long been involved in securing election systems, which are considered critical infrastructure, including helping run the Elections Infrastructure Information Sharing and Analysis Center or EI-ISAC.
In testimony before the Senate Judiciary Committee last week, CISA senior election security advisor Kim Wyman said the level of digital and physical targeting of election workers is the highest she’s seen in her 30-year career. In April, Easterly told Congress election security for the midterms was a top priority for the agency — including helping election official navigate anticipated Russian misinformation campaigns.
The toolkit announcement coincided with the kickoff of Black Hat and DEF CON in Las Vegas, which will feature keynotes from current and former CISA officials, as well as election security-related events.
Andrea Peterson
(they/them) is a longtime cybersecurity journalist who cut their teeth covering technology policy at ThinkProgress (RIP) and The Washington Post before doing deep-dive public records investigations at the Project on Government Oversight and American Oversight.