Q: What are some of the physical safety and cybersecurity challenges and pain points that state and local governments are facing as they prepare for the upcoming elections?
A:Well, obviously, right now the whole issue of the health and safety of the voting population is a pretty key issue. We have an entire country that is mired in a pandemic crisis, and having humans stand in line for potentially hours on end to cast a ballot is a breeding ground for viral transmission. Coupled with that is the issue around how to keep the voting machines themselves from being tampered with. There have been many instances from hackathons and conferences where we have seen that voting machines can be manipulated by physical means. If one vote on one machine is noted as potentially being manipulated, then the entirety of the vote can be compromised, and with all the turmoil we have nationally right now, we don’t want that.
Q: What is "electronic voting," and how does it differ from "online voting?" And why should we care?
A:Electronic voting is basically just allowing a vote to be cast via some electronic means. This has already been commonplace in many parts of the US for a long time. Online voting is much broader in that it is voting via email and other online sources, which is potentially problematic. Consider that other countries — including the Netherlands, Germany, Ireland, Finland, and the UK — have all tried online voting and eventually punted on that approach, as it was counter to the integrity that the voting system required. It is hard enough to have a safe and secure vote in person or through the mail, and the challenge becomes even greater when you throw in the anonymity and potential fraud that the internet allows for. It would take a truly innovative solution to allow for safe and secure online voting.
Q: With the second wave of COVID-19 already in full swing and ongoing political tensions, what are the key steps election officials can take in order to ensure these factors aren't exacerbated on election day?
A:The most important thing is open communication and avoiding the perception of impropriety or obfuscation. In other words, those leaders should be working very hard to let everyone in those districts know exactly what is happening and to clearly communicate what each voter should expect. That way, everyone understands what is happening and isn't surprised by new controls. Additionally, they should provide clear evidence to everyone who votes on what they are doing to secure those devices and keep them from being tampered with. The goal needs to be making sure every voter knows that their vote counts and is being secured as it is processed.
Q: What does a successful election day look like, from the perspective of both cybersecurity and the health and well-being of voters?
A:From the health perspective, we want to see lots of PPE and social distancing and a fast process to get folks through the voting line. We also want to see plenty of cleaning being done and that those waiting in line get as much open air as possible. For the cyber side of things, there should be dedicated and separate circuits that the vote data uses, and connectivity on the voting machines should be turned off until it’s time to transmit results. As well, the machines should all be locked and controlled via physical means by people who have the authority to act should they see anything amiss.
Q: How can state and local agencies leverage federal funding to help provide safer and more secure elections?
A:There are federal, state, and local pools of money that are afforded to help with all of this. But each district should be moving on this now, and they should have been moving on it a long time ago. Regardless, the money and manpower are available to provide for safe and secure elections. The time to act is now, and each district needs to have a plan for the worst-case scenario. Funds should be allocated along the lines of what will stop problems in the voting cycle and should not just be tossed at the bigger project side of this. Secure connectivity, secure machines, open communications, and health and well-being are what need to be funded.
Q: Want to know more?
A:Listen to all three podcasts here.