To maintain democracy, digital election networks must be improved

Automation, segmentation and continuous oversight of voting systems will strengthen trust in government

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

As the pres­i­den­tial elec­tion enters its home stretch, the Demo­c­ra­t­ic Nation­al Con­ven­tion cyber hack and issues with local vot­ing machines have made cyber­se­cu­ri­ty part of the elec­tion sto­ry. After the elec­tion, I ful­ly expect an accu­sa­tion from the los­er about elec­tron­ic vot­er fraud, which will cast doubt on the most impor­tant ele­ment in any elec­tion: Trust.

Relat­ed: State elec­tions tar­get­ed by hackers

Ed note_RedSeal_Ray RothrockBelief in the valid­i­ty of our vot­ing sys­tem is at the heart of democ­ra­cy. Pro­tect­ing the elec­tron­ic vot­ing infrastructure—from the vot­ing booth to the final results—must be a high pri­or­i­ty for the Unit­ed States. And it can be done. With good plan­ning and care­ful deploy­ment, we can make our vot­ing infra­struc­ture very hard to hack.

We need to under­stand that we’re not just talk­ing about indi­vid­ual machines, we’re talk­ing about a dig­i­tal net­work. Even if vot­ing machines aren’t con­nect­ed to a net­work while peo­ple are vot­ing, the results will be assem­bled in an elec­tron­ic data­base, rolled up across each state and report­ed out.

Every elec­tron­ic net­work has vul­ner­a­bil­i­ties. Like any­thing built and used by peo­ple, errors are inevitable. It’s rea­son­able to antic­i­pate issues and design con­tin­gen­cies across tab­u­la­tion sys­tems, how­ev­er the con­nec­tions between them intro­duces a new lay­er of com­plex­i­ty and oppor­tu­ni­ty for error. We need to make sure that our dig­i­tal net­works are resilient.

The first step in eval­u­at­ing net­work risk and dig­i­tal resilience is to deter­mine all the paths a hack­er could take into the net­work. Next, iden­ti­fy the most impor­tant assets in the sys­tem, under­stand if and how they could be reached, and block that access.

We have to do this know­ing that net­works are con­stant­ly chang­ing. Even on Elec­tion Day. Net­work over­sight and eval­u­a­tion must be con­tin­u­ous, not a one-time effort. I can hear the con­ver­sa­tion now, “Yep, we checked it two weeks ago. And, we are sure noth­ing has changed.” Really?

Good net­work design can go a long way to putting up bar­ri­ers and slow­ing down the hack­ers. One rec­om­mend­ed method is net­work seg­men­ta­tion. This is sim­i­lar to build­ing rooms, halls and doors with­in a build­ing. A prop­er­ly seg­ment­ed dig­i­tal net­work can have con­trol points that allow or block traf­fic in and out of those “rooms.”

Much of this involves peo­ple, but we just don’t have enough skilled tal­ent to meet all our secu­ri­ty require­ments. Our peo­ple need automa­tion to con­stant­ly eval­u­ate a com­plex, seg­ment­ed net­work. An objec­tive mea­sure­ment to eval­u­ate our readi­ness and focus lim­it­ed time and human resources on the weak­est links also will help.

It’s a com­plex job, how­ev­er the heart of our democ­ra­cy is depen­dent on its suc­cess. We must trust our elec­tions so we can trust the result­ing government.

More sto­ries relat­ed to elec­tion security:
Trump wins by wide mar­gin as top lure for spam campaigns
How hack­ers could influ­ence the pres­i­den­tial election