Election Infrastructure Security

Image of red and blue buttons with the word "vote" on top of a blue-star background.

Fair and free elections are a hallmark of American democracy. The American people’s confidence in the value of their vote is principally reliant on the security and resilience of the infrastructure that makes the Nation’s elections possible. Accordingly, an electoral process that is both secure and resilient is a vital national interest and one of the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA)’s highest priorities.

CISA is committed to working collaboratively with those on the front lines of elections—state and local governments, election officials, federal partners, and vendors—to manage risks to the Nation’s election infrastructure. CISA will remain transparent and agile in its vigorous efforts to secure America’s election infrastructure from new and evolving threats.

ANNOUNCEMENTS

August 10, 2022: CISA and the Joint Cyber Defense Collaborative (JCDC) worked with the open-source community, private and public sector organizations, and JCDC alliance members to develop the Cybersecurity Toolkit to Protect Elections, a catalog of free services and tools available for state and local election officials. These tools build on existing efforts to help state and local election officials protect against ransomware, phishing, and DDoS attacks.

Overview

Every year, citizens across the United States cast their ballots for the candidates of their choice. CISA works to ensure the physical security and cybersecurity of the systems and assets that supports the Nation’s elections. Known as election infrastructure, this assembly of systems and networks includes but is not limited to:

  • Voter registration databases and associated IT systems
  • IT infrastructure and systems used to manage elections (such as the counting, auditing, and displaying of election results, and post-election reporting to certify and validate results)
  • Voting systems and associated infrastructure
  • Storage facilities for election and voting system infrastructure
  • Polling places to include early voting locations

In January 2017, DHS designated the infrastructure used to administer the Nation’s elections as critical infrastructure. This designation recognizes that the United States’ election infrastructure is of such vital importance to the American way of life that its incapacitation or destruction would have a devastating effect on the country.

CISA Election Security Resource Spotlight

Cybersecurity Toolkit to Protect Elections: CISA—through the Joint Cyber Defense Collaborative (JCDC)—has compiled a toolkit to help state and local government officials, election officials, and vendors enhance the cybersecurity and cyber resilience of U.S. election infrastructure. The toolkit provides both an election security risk profile tool to assess risk as well as tools and services focused on protecting the election infrastructure assets most commonly targeted by phishing, ransomware, and distributed denial-of-service (DDoS) attacks.

Election Security Training and Exercise Offerings: CISA offers no-cost trainings and exercise services to enhance security and resilience of election infrastructure. The trainings typically run 30-90 minutes each and available both in-person and virtually on topics such as election security best practices to build trust, insider threats, ransomware, and phishing.

Election Infrastructure Cyber Risk Assessment and Infographic are intended to assist the election community and federal partners in understanding and managing risk to critical election systems.

Election Infrastructure Security Resource Guide is a catalog of CISA’s wide range services and products (cybersecurity assessments, on-site and virtual trainings and exercises, and other resources) available to support State and local election officials.

Election Risk Profile Tool is a user-friendly assessment tool for state and local election officials to understand the range of risks they face and how to prioritize mitigation efforts.

Cyber Incident Detection and Notification Planning Guide for Election Security contains templates to help jurisdictions effectively recognize and respond to potential cyber incidents. Templates can be tailored to fit the exact needs of each jurisdiction.

Physical Security of Voting Locations and Election Facilities Guidance includes resources and four actionable steps­­—to Connect, Plan, Train, and Report—that election officials should consider to improve the physical security posture and enhance resilience of election operations in their jurisdiction.

Election Security Rumor vs. Reality webpage addresses some common election-related rumors, provides factual information, and lists the resources to support these facts.

Real Fake graphic novel, the first in the Resilience Series, communicates the dangers and risks associated with mis-, dis- and malinformation campaigns. The plot shows how threat actors capitalize on political and social issues (especially around election cycles) to plant doubt in the minds of targeted audiences and steer their opinion.

Bug Bytes graphic novel­, the second in the Resilience Series, communicates the dangers and risks associated with mis-, dis-, and malinformation campaigns. Readers follow protagonist Ava as she uncovers a disinformation campaign set to damage 5G critical communications infrastructure in the United States.

Thousands of local jurisdictions make up the U.S. elections stakeholder community and together represent the “Last Mile” in reducing risk to election infrastructure. The Last Mile Initiative provides customized products (e.g., Snapshot Posters, Election Day Emergency Response Guides, and other templates) to address the dynamic or conditional cyber and infrastructure risks of state and local election administrators, the private-sector partners that support them, and political organizations. This whole-of-nation approach provides the election community with awareness of CISA’s resources for identifying and implementing election security measures based on best practices and industry standards.

For more information, including to request customized Last Mile products, please contact electionsecurity@hq.dhs.gov.

Election Security Resources Library

This library contains election security resources (guidance documents, reports, infographics, etc.). These resources aim to provide state and local governments, election officials, campaign officials, the vendor community, and voters with voluntary tools to secure election-related assets, facilities, networks and systems from cyber and physical risks.

Join the EI-ISAC

The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), is a voluntary, collaborative partnership between the Center for Internet Security (CIS), CISA, and the Election Infrastructure Subsector Government Coordinating Council (EIS GCC). The EI-ISAC is funded through DHS grants and offers state and local election officials a suite of elections-focused cyber defense tools, including threat intelligence products, incident response and forensics, threat and vulnerability monitoring, cybersecurity awareness and training products.

Membership in the EI-ISAC is open to all state, local, tribal, and territorial organizations that support election officials of the United States of America. Membership is voluntary and no-cost for participants.

​Mis, Dis, Malinformation

CISA’s Mis-, Dis-, Malinformation Team (MDM Team) is charged with building national resilience to mis-, dis-, and malinformation (MDM) and foreign influence activities. The MDM Team does this by helping the American people and DHS stakeholders understand the scope and scale of MDM activities targeting elections and critical infrastructure, and by enabling them to take actions to mitigate risks associated with MDM.

CISA’s Election Services

CISA's services are available at no cost to state and local government officials and private sector election infrastructure partners. All services are available upon request and are strictly voluntary and confidential; CISA only provides services when requested and does not disclose which stakeholders it works with.

Key areas of our services are included in the links below:

  • Regional Directors, Cybersecurity Advisors, and Protective Security Advisors are regionally located personnel who offer state and local governments, as well as private sector partners, immediate and sustained assistance, coordination, and outreach to prepare for and protect from cyber and physical threats.
  • Exercises, such as tabletops, provide stakeholders with mechanisms to examine plans and procedures, identify areas for improvement, share best practices, and enhance preparedness against threats to election infrastructure, including cyber-attacks and physical threats such as civil unrest or threats to election officials.
  • Cybersecurity Assessments, such as Cyber Hygiene Scanning, Risk and Vulnerability Assessment, and Cyber Resilience Reviews.
  • Detection and Prevention, such as Cyber Threat Hunting and Enhanced Cyber Services.
  • Information Sharing and Awareness, such as National Cyber Awareness System alerts and advisories, and the Homeland Security Information Network portal.
  • Incident Response, provides 24/7 intrusion analysis in response to cyber incident.
  • Training and Career Development including the Federal Virtual Training Environment (FedVTE) cybersecurity training, and National Initiative for Cybersecurity Careers and Studies Catalog.

Election Security is a Partnership

Securing election infrastructure is a partnership. CISA collaborates with federal departments and agencies, state and local government, election officials, and other valued partners such as the National Association of Secretaries of State, National Association of State Election Directors, International Association of Government Officials, and the National Association of Election Officials. Through both new and existing engagements, CISA and this community of election infrastructure stakeholders are enhancing efforts to secure election systems

State and Local Officials’ Roles and Responsibilities

America’s election processes are governed and administered by state and local election officials in thousands of jurisdictions across the country who:

  • Manage and secure election infrastructure on a day-to-day basis
  • Reduce risks and ensure the integrity of elections at the state and local level
  • Administer statewide voter registration databases
  • Provide training courses or materials for election workers on running elections in the state
  • Provide a process for testing and certifying voting equipment for use in the state
  • Disburse funds for the procurement of updated voting equipment and improvement of election administration procedures

CISA Roles and Responsibilities

  • Share timely, actionable threat information
  • Provide no-cost cybersecurity and physical security assistance, by request
  • Develop and help deploy sensors to detect malicious activity, by request
  • Foster robust processes for coordination between the election community and CISA and Federal partners

Federal partners

CISA also coordinates with various federal partners to develop and provide resources and assistance to help secure America’s election infrastructure from new and evolving threats. These Federal agencies include:

ELECTION SECURITY GCC and SCC RESOURCES

Government Coordinating Council

The Election Infrastructure Subsector (EIS) Government Coordinating Council (GCC) enables local, state, and federal governments to share information and collaborate on best practices to mitigate and counter threats to election infrastructure.

Specifically, the EIS GCC provides for interagency, intergovernmental, and cross-jurisdictional coordination within the Election Infrastructure Subsector and between this subsector and other sectors identified in Presidential Policy Directive/PPD-21 on “Critical Infrastructure Security and Resilience.” The EIS GCC is composed of primarily state and local election officials, as well as appropriate federal partners, to represent the operating landscape of the Election Infrastructure Subsector.

Sector Coordinating Council

The mission of the Election Infrastructure Subsector Coordinating Council (SCC) is to advance the physical security, cyber security, and emergency preparedness of the nation’s election infrastructure, in accordance with existing U.S. law. This mission will be accomplished through voluntary actions of the infrastructure owners and operators represented in the Council, as set forth in Presidential Policy Directive/PPD-21 and related authorities. The EISCC will serve as the principal asset owner interface with other private critical infrastructure sectors as well as with the Department of Homeland Security (DHS), the U.S. Election Assistance Commission (EAC), the state, local and tribal governments (SLTTs), and the EIS GCC.

  • Supply Chain Risks to Election Infrastructure Subsector Infographic: Developed in partnership with the Election Infrastructure SCC Supply Chain Risk Management Working Group offers key considerations and recommendations for election jurisdictions and election system providers to keep in mind as they mitigate risks and maintain a strong supply chain security posture. Supply Chains serving election infrastructure are comprised of four categories: Hardware, Software, Services, and Paper Supplies.

Election Security GCC and SCC Resources

The below resources were developed by the Election Infrastructure Subsector’s Government Coordinating Council (GCC) and Subsector Coordinating Council’s (SCC) Mis/Disinformation Working Group to provide voluntary tools for State and local election officials to prepare for and respond to risks of mis-, dis-, and malinformation (MDM).

 

For questions or more information, please email us at EISSA@cisa.dhs.gov.

Was this webpage helpful?  Yes  |  Somewhat  |  No