From the activities of political parties to the rise of electronic, wireless voting and tabulation machines, the electoral process has increasingly become technology-driven expanding voter participation. On the one hand, improved access and outreach through cyber innovations encourages more citizenry to help shaping their community’s or nation’s future. On the other, it has meant that elections and the electoral process are now vulnerable to cybersecurity attacks.

Although media outlets worldwide are treating the recent Democratic National Committee hacks in the United States as if it were a new phenomenon, using cyberspace to influence election outcomes is not new. In a demonstration this year, David Levin, of Vanguard Cybersecurity, pierced cybersecurity measures safeguarding elections information at the Florida Divisions of Elections not once, but three separate times. The 2008 and 2012 campaigns of both U.S. political parties fell victim to cyberattacks. Further, such activity is not a uniquely American phenomenon. Just this year, a hacker claimed to have been hired to affect the 2012 and 2014 national election outcomes in Mexico and Colombia, respectively, as well as several similar efforts in South and Central America. Digital spying on the opposition, the installation of malware, the hacking of websites, the creation of false social media profiles—all of these tactics and more have been and continue to be deployed by hackers to move electorates around the world toward a particular candidate.

Trained Cybersecurity Professionals Needed
To address this vulnerability, campaigns and political parties are increasing outreach to the IT and cybersecurity communities for well-trained, certified professionals to ensure cybersecurity for political and electoral efforts. This acceleration and opportunity is critically important: these events, scale and scope are not merely caused by technology; they are caused by people who are compromising the integrity of the electoral process. The solution lies with people as well. Our focus, a campaign platform plank, if you will, is on the pressing need for cybersecurity professionals to help ensure clean, fair, non-cyber-influenced elections.

Elections have an impact and history that extends over time, as do technologies. However, even the humblest of tools can accomplish little on its own. To maximize its value, cyber technology tools are best utilized by trained and certified individuals, people with the competencies, expertise and experience. To that end, it is imperative that we increase the ranks of our cybersecurity professionals, and their involvement globally, to preserve the integrity of electoral processes and results. No election—or business outcome—should be subjected to cybersecurity-based influences when the solution is at hand: highly skilled, trained and certified professionals.

Matthew S. Loeb, CGEIT, FASAE, CAE, Chief Executive Officer of ISACA

[ISACA Now Blog]

By Philip Hung Cao

Philip Hung Cao (aka #tekfarmer), MSCS, ZTX-I, CCISO, CISM, CCSP, CCSK, CASP, GICSP, PCNSE is a Strategist, Advisor, Contributor, Educator and Motivator. He has 20 years' experience in IT/Cybersecurity industry in various sectors & positions.

Leave a Reply