Fair and free elections are a hallmark of American democracy. The American people’s confidence in the value of their vote is principally reliant on their confidence in the security and resilience of the infrastructure that makes the Nation’s elections possible. Accordingly, an electoral process that is both secure and resilient is a vital national interest and one of CISA’s highest priorities.

CISA is committed to working collaboratively with those on the front lines of elections—state and local governments, election officials, federal partners, and vendors—to manage risks to the Nation’s election infrastructure. CISA will remain transparent and agile in its vigorous efforts to secure America’s election infrastructure from new and evolving threats.

Announcements

July 31, 2020: CISA released two new assessments and infographics on Election Infrastructure Cyber Risk and Mail-in Voting in 2020 Infrastructure Risk. Each method of voting carries risk that you, as election officials, manage. These assessments and infographics are voluntary resources intended to help the Federal Government and election officials understand and manage risks to election infrastructure and operations.

Download/share the Election Infrastructure Cyber Risk Assessment Download/share the Election Infrastructure Cyber Risk Infographic	Download/share the Mail-in Voting in 2020 Infrastructure Risk Assessment Download/share the Mail-in Voting in 2020 Infrastructure Risk Infographic

Additionally, CISA released the Guide to Vulnerability Reporting for America’s Election Administrators which provides election administrators with a step-by-step guide, list of resources, and a template for establishing a successful vulnerability disclosure program to address possible vulnerabilities in their election systems. Download and share this guide here.

July 14, 2020: CISA is pleased to announce the publication of the Cyber Incident Detection and Notification Planning Guide for Election Security. The planning guide and templates are voluntary tools to help jurisdictions effectively recognize and respond to potential cyber incidents. The templates can be tailored to fit the exact needs of each jurisdiction. Download and share this guide here.

Overview

Every year, citizens across the United States head to their local polling stations in order to cast their ballots for the candidates of their choice. The Cybersecurity and Infrastructure Security Agency (CISA) works to ensure the physical security and cybersecurity of the systems and assets that supports the Nation’s elections. Known as election infrastructure, this assembly of systems and networks includes but is not limited to:

• Voter registration databases and associated IT systems
• IT infrastructure and systems used to manage elections (such as the counting, auditing, and displaying of election results, and post-election reporting to certify and validate results)
• Voting systems and associated infrastructure
• Storage facilities for election and voting system infrastructure
• Polling places to include early voting locations

In January 2017, the Department of Homeland Security (DHS) designated the infrastructure used to administer the Nation’s elections as critical infrastructure. This designation recognizes that the United States’ election infrastructure is of such vital importance to the American way of life that its incapacitation or destruction would have a devastating effect on the country.

CISA is committed to working collaboratively with those on the front lines of elections—state and local governments, election officials, federal partners, and vendors—to manage risks to the Nation’s election infrastructure. CISA will remain transparent and agile in its vigorous efforts to secure America’s election infrastructure from new and evolving threats.

For a collection of voluntary tools and resources, visit the Election Security Resource Library.

CISA’s Election Services

While ultimate responsibility for administering the Nation’s elections rests with state and local governments, CISA offers a variety of free services to help states ensure both the physical security and cybersecurity of their elections infrastructure. Additionally, election infrastructure’s critical infrastructure designation enables CISA to provide services on a prioritized basis at the request of state and local elections officials.

Cybersecurity Assessments

Detection and Prevention

Information Sharing and Awareness

Training and Career Development

Election Security Resources

• Election Security Resource Library
• COVID-19 Disinformation Toolkit
• Cyber Incident Detection and Notification Planning Guide for Election Security
• Election Infrastructure Cyber Risk Assessment and Infographic
• Guide to Vulnerability Reporting for America’s Election Administrators
• Mail-in Voting in 2020 Infrastructure Risk Assessment and Infographic