Election Infrastructure Security

Fair and free elections are a hallmark of American democracy. The American people’s confidence in the value of their vote is principally reliant on the security and resilience of the infrastructure that makes the Nation’s elections possible. Accordingly, an electoral process that is both secure and resilient is a vital national interest and one of the Cybersecurity and Infrastructure Security Agency’s (CISA) highest priorities.

CISA is committed to working collaboratively with those on the front lines of elections—state and local governments, election officials, federal partners, and vendors—to manage risks to the Nation’s election infrastructure. CISA will remain transparent and agile in its vigorous efforts to secure America’s election infrastructure from new and evolving threats.

ANNOUNCEMENTS:

November 9, 2022: CISA Director Jen Easterly issued a statement today on the security and the resilience of the 2022 elections.

November 4, 2022: El material de CISA "Rumor vs. Realidad" está ahora disponible en español. Encuéntrelo en @CISAgov y compártalo en Twitter para crear conciencia acerca de la información electoral exacta y de las narrativas electorales comunes de MDM. 

November 4, 2022: CISA’s Rumor vs. Reality webpage is now available in Spanish. Check it out. The page provides accurate and reliable information related to common MDM narratives and themes that relate broadly to the security of election infrastructure and related processes.   

November 4, 2022: CISA published, "What to Expect When You Are Expecting An Election," a blog by Kim Wyman, CISA's Senior Election Security Advisor. 

October 18, 2022: CISA released the Tactics of Disinformation Series, available in English and Spanish, to provide state, local, tribal, and territorial government officials and private sector partners insight into eight common tactics used by disinformation actors to spread false narratives as well as proactive measures that can help mitigate the effectiveness of each tactic.  

• Download/share the Tactics of Disinformation Series (English-version)
• Download/share the Tactics of Disinformation Series (Spanish-version)

October 12, 2022: CISA offers a new training, Non-Confrontational Techniques for Election Workers, to empower poll workers and election officials to safely navigate potentially escalating situations at election facilities and polling locations. Available in-person or virtually, this and other election trainings, are customizable and can be tailored to meet specific stakeholder needs.

• View the 15-minute abbreviated version of the full training: www.youtube.com/watch?v=rCWt7gDwEPc
• For other election trainings, check out: Election Trainings and Exercises Offerings Flyer
• To request the full training or any of the other election trainings, email electionsecurity@cisa.dhs.gov or contact your regional CISA office.

October 6, 2022: In partnership with the Federal Bureau of Investigation (FBI), CISA issued a Public Service Announcement (PSA) titled, Foreign Actors Likely to Use Information Manipulation Tactics for 2022 Midterm Elections. The PSA informs the public that foreign actors may intensify efforts to influence the outcome of the 2022 midterm elections in order to undermine confidence in the election processes and influence public opinion of the elections' legitimacy.

• Download/share the Foreign Actors Likely to Use Information Manipulation Tactics for 2022 Midterm Elections

October 4, 2022: In partnership with the Federal Bureau of Investigation (FBI), CISA issued a Public Service Announcement (PSA) titled, Malicious Cyber Activity Against Election Infrastructure Unlikely to Disrupt or Prevent Voting. The PSA informs the public that attempts by cyber actors to compromise election infrastructure are unlikely to result in large-scale disruptions or prevent voting. It also provides a list of recommendations for protecting against election-related cyber threats.

• Download/share the FBI-CISA PSA: Malicious Cyber Activity Against Election Infrastructure Unlikely to Disrupt or Prevent Voting

Overview

Every year, citizens across the United States cast their ballots for the candidates of their choice. CISA works to ensure the physical security and cybersecurity of the systems and assets that supports the Nation’s elections. Known as election infrastructure, this assembly of systems and networks includes but is not limited to:

• Voter registration databases and associated IT systems
• IT infrastructure and systems used to manage elections (such as the counting, auditing, and displaying of election results, and post-election reporting to certify and validate results)
• Voting systems and associated infrastructure
• Storage facilities for election and voting system infrastructure
• Polling places to include early voting locations

In January 2017, DHS designated the infrastructure used to administer the Nation’s elections as critical infrastructure. This designation recognizes that the United States’ election infrastructure is of such vital importance to the American way of life that its incapacitation or destruction would have a devastating effect on the country.

​Mis-, Dis-, and Malinformation

CISA’s Mis-, Dis-, and Malinformation (MDM) mission is to build national resilience to MDM and foreign influence activities that threaten critical infrastructure. CISA does this by helping the American people and DHS stakeholders understand the scope and scale of MDM activities targeting elections and critical infrastructure, and by enabling them to take actions to mitigate risks associated with MDM.

• For more information, visit CISA's MDM webpage.

CISA’s Election Services

CISA's services are available at no cost to state and local government officials and private sector election infrastructure partners. All services are available upon request and are strictly voluntary; CISA only provides services when requested and does not disclose with which stakeholders it works.

Key areas of our services are included in the links below:

• Cybersecurity Assessments, such as Cyber Hygiene Scanning, Risk and Vulnerability Assessment, and Cyber Resilience Reviews.
• Detection and Prevention, such as Cyber Threat Hunting and Enhanced Cyber Services.
• Exercises, such as tabletops, providing stakeholders with mechanisms to examine plans and procedures, identifying areas for improvement, sharing best practices, and enhancing preparedness against threats to election infrastructure, including cyber incidents and physical threats such as civil unrest or threats to election officials.
• Incident Response, provides 24/7 intrusion analysis in response to cyber incidents.
• Information Sharing and Awareness, such as the National Cyber Awareness System alerts and advisories, and the Homeland Security Information Network portal.
• Regional Directors, Cybersecurity Advisors, and Protective Security Advisors are regionally located personnel who offer state and local governments, as well as private sector partners, immediate and sustained assistance, coordination, and outreach to prepare for and protect from cyber and physical threats.
• Training and Career Development, including CISA’s election security trainings, and National Initiative for Cybersecurity Careers and Studies Catalog.

Join the EI-ISAC 

The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), is a voluntary, collaborative partnership between the Center for Internet Security (CIS), CISA, and the Election Infrastructure Subsector Government Coordinating Council (GCC). The EI-ISAC is funded through DHS grants and offers state and local election officials a suite of elections-focused cyber defense tools, including threat intelligence products, incident response and forensics, threat and vulnerability monitoring, cybersecurity awareness and training products.

Membership in the EI-ISAC is open to all state, local, tribal, and territorial organizations that support election officials of the United States of America. Membership is voluntary and no-cost for participants.

• Sign up for the EI-ISAC’s services

Election Security is a Partnership

Securing election infrastructure is a partnership. CISA collaborates with federal departments and agencies, state and local government, election officials, and other valued partners such as the National Association of Secretaries of State, National Association of State Election Directors, International Association of Government Officials, and the National Association of Election Officials. Through both new and existing engagements, CISA and this community of election infrastructure stakeholders are enhancing efforts to secure election systems.

America’s election processes are governed and administered by state and local election officials in thousands of jurisdictions across the country who:

• Manage and secure election infrastructure on a day-to-day basis
• Reduce risks and ensure the integrity of elections at the state and local level
• Administer statewide voter registration databases
• Provide training courses or materials for election workers on running elections in the state
• Provide a process for testing and certifying voting equipment for use in the state
• Disburse funds for the procurement of updated voting equipment and improvement of election administration procedures

• Share timely, actionable threat information
• Provide no-cost cybersecurity and physical security assistance, by request
• Develop and help deploy sensors to detect malicious activity, by request
• Foster robust processes for coordination between the election community and CISA and Federal partners

CISA also coordinates with various federal partners to develop and provide resources and assistance to help secure America’s election infrastructure from new and evolving threats. These federal agencies include

• Centers for Disease Control and Prevention (CDC): Health and safety for election workers and voters at election infrastructure Locations
• Federal Bureau of Investigation (FBI): Election Crimes and Security
• Federal Emergency Management Agency (FEMA): Homeland Security Grant Program
• Federal Voting Assistance Program (FVAP): military and overseas voting
• National Institute of Standards and Technology (NIST): election infrastructure security best practices
• Office of the Director of National Intelligence (ODNI): Election Security threat intelligence
• U.S. Cyber Command (USCYBERCOM)
• U.S. Department of Defense (DOD)
• U.S. Election Assistance Commission (EAC): election administration
• U.S. National Guard
• U.S. National Security Agency (NSA)
• United States Postal Service (USPS): Election Mail

Election Infrastructure Subsector GCC and SCC

Government Coordinating Council

The Election Infrastructure Subsector Government Coordinating Council (GCC) enables local, state, and federal governments to share information and collaborate on best practices to mitigate and counter threats to election infrastructure.

Specifically, the GCC provides interagency, intergovernmental, and cross-jurisdictional coordination within the Election Infrastructure Subsector and between this subsector and other sectors identified in Presidential Policy Directive/PPD-21 on “Critical Infrastructure Security and Resilience.” This GCC is composed of primarily state and local election officials, as well as appropriate federal partners, to represent the operating landscape of the Election Infrastructure Subsector.

• Learn more: Election Infrastructure Subsector Government Coordinating Council Charter - 2021.

Sector Coordinating Council

The mission of the Election Infrastructure Subsector Coordinating Council (SCC) is to advance the physical security, cyber security, and emergency preparedness of the nation’s election infrastructure, in accordance with existing U.S. law. This mission will be accomplished through voluntary actions of the infrastructure owners and operators represented in the Council, as set forth in Presidential Policy Directive/PPD-21 and related authorities.

The SCC will serve as the principal asset owner interface with other private critical infrastructure sectors, as well as with DHS, , the U.S. Election Assistance Commission (EAC), the state, local and tribal (SLTT) governments, and the Election Infrastructure Subsector GCC.

• Learn more: Election Infrastructure Subsector Sector Coordinating Council Charter - 2020.

Election Security GCC and SCC Resources

• Supply Chain Risks to Election Infrastructure Subsector Infographic: Developed in partnership with the Election Infrastructure SCC Supply Chain Risk Management Working Group offers key considerations and recommendations for election jurisdictions and election system providers to keep in mind as they mitigate risks and maintain a strong supply chain security posture. Supply Chains serving election infrastructure are comprised of four categories: Hardware, Software, Services, and Paper Supplies.

The below resources were developed by the Election Infrastructure Subsector’s GCC and SCC Mis/Disinformation Working Group to provide voluntary tools for state and local election officials to prepare for and respond to risks of mis-, dis-, and malinformation.

• Rumor Control Page Start-Up Guide: Learn how and when to develop a rumor control webpage to dispel specific MDM narratives through transparent and authoritative information.
• Mis-, Dis-, Malinformation Planning and Incident Response Guide for Election Officials: Overview of how to recognize, prepare for, and respond to MDM threats that may impact the ability to conduct elections.