Tuesday, May 21, 2019

DHS Security Tip 19-001, Best Practices for Securing Election Systems

On May 21, 2019, The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Hunt and Incident Response Team (HIRT) published their idea of Best Practices for Securing Election Systems, with high-level tips covering the following topic areas:


  • Software and Patch Management
  • Log Management
  • Network Segmentation
  • Block Suspicious Activity
  • Credential Management
  • Establish a Baseline for Host and Network Activity
  • Organization-Wide IT Guidance and Policies
  • Notice and Consent Banners for Computer Systems
  • Additional Resources


MY GAWD, what a waste of government resources. That Security Tip is nothing more than a generic set of best practices for managing security of any computer network infrastructure.

The complete election system has a number of separate subsystems, some of which can be supported with computer and network systems. A true "election system security guide' would name each of these component process systems and have specific information (no just compete) security advice for each. The basic component processes of any election system are the following:


  1. Voter registration process system.
  2. Voter registry record set
  3. Ballot creation system
  4. Ballot distribution system
  5. Voter validity check upon distribution of ballots or appearance at polling place
  6. Ballot marking process
  7. Ballot marking recording process (at local polling place or central location after ballot transportation)
  8. Ballot tabulation process
  9. Ballot tabulation reporting process
  10. Ballot tabulation accumulation.


Each of these process needs a system of action, with security processes embedded, preferably using at least the full Parkerian Hexad as the framework for each set of security guides.

Now, anyone want to build out this described "election system security tip?"

(c) 2019 D. Cragin Shelton

1 comment:

char sample said...

Thank you for posting this.