Securing election infrastructure from new and evolving threats is a vital national interest that requires a whole-of-society approach. This library provides state and local governments, election officials, campaigns, the vendor community, and voters with voluntary tools to secure election-related assets, facilities, networks and systems from cyber and physical risks.
In addition, COVID-19 resources were developed by the Election Infrastructure Subsector’s Government Coordinating Council (GCC) and Sector Coordinating Council (SCC) Joint COVID-19 Working Group to provide voluntary tools for state and local election officials to assess risk, secure their systems, and respond to any cyber-related incidents involving their election systems.
Beyond these resources, CISA provides voluntary and free cybersecurity assessments, training programs, and other infrastructure security assistance.
Campaign Checklist for Securing Your Cyber Infrastructure: A cybersecurity checklist to support political campaigns in protecting against malicious actors.
CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure: This CISA Insights provides critical infrastructure owners and operators with guidance on how to identify and mitigate the risks of influence operations that use mis-, dis-, and malinformation (MDM) narratives to steer public opinion and impact National Critical Functions and critical infrastructure.
Cyber Incident Detection and Notification Planning Guide and Templates for Election Security: A planning guide with templates to help jurisdictions effectively recognize and respond to potential cyber incidents. Election offices can use this information as a basic cyber incident response plan or integrate it into a broader plan based on their specific needs. The templates, which can be tailored to fit the exact needs of each jurisdiction, include:
- Key stakeholders and contact information worksheets for incident notification and response;
- Incident notification plans providing standardized procedures for notifying appropriate stakeholders of a potential cyber incident based on observed symptoms and level of criticality; and,
- Incident indicators (“symptoms”) system users can reference to detect potential cyber incidents and initiate the appropriate notification plan for escalation and reporting.
- Cyber Incident Detection and Notification Planning Guide for Election Security
- Cyber Incident Detection and Notification Planning Guide for Election Security Templates
Election Infrastructure Cyber Risk Assessment and Infographic: Voluntary resources intended to assist the election community and federal partners in understanding and managing risk to critical election systems. The assessment evaluates risks to key points of preparation (e.g., ballot preparation, voting system programming and preparation), which enable the operational administration of elections.
- Election Infrastructure Cyber Risk Assessment
- Election Infrastructure Cyber Risk Assessment (Spanish-version)
- Election Infrastructure Cyber Risk Infographic
- Election Infrastructure Cyber Risk Infographic (Spanish-version)
Election Infrastructure Insider Threat Mitigation Guide: This guide offers election stakeholders guidance on understanding and mitigating the risk of insider threats to elections. This guide defines insider threats, highlights the risks relevant to elections, and offers guidance for establishing an insider threat mitigation program that includes both proactive and reactive measures against potential threats.
Election Infrastructure Security Resource Guide: A catalog of CISA’s wide range of services and products (cybersecurity assessments, on-site and virtual trainings and exercises, and other resources) available to support State and local election officials.
Guide to Vulnerability Reporting for America’s Election Administrators: Provides election administrators with a step-by-step guide, list of resources, and a template for establishing a successful vulnerability disclosure program to address possible vulnerabilities in their election systems. The six steps include:
- Identify Systems Where You Would Accept Security Testing, and those Off-Limits
- Draft an Easy-to-Read Vulnerability Disclosure Policy (See Appendix III)
- Establish a Way to Receive Reports/Conduct Follow-On Communication
- Assign Someone to Thank and Communicate with Researchers
- Assign Someone to Vet and Fix the Vulnerabilities
- Consider Sharing Information with Other Affected Parties
Incident Handling Overview for Election Officials: A summary of CISA’s cyber incident response team services that includes best practices for incident response planning, a checklist for requesting assistance, overview of the incident response process, and common mistakes to avoid.
Mail-in Voting in 2020 Infrastructure Risk Assessment and Infographic: Voluntary resources intended to assist the election community and federal partners in understanding and managing risk to critical election systems. The risk assessment evaluates specific risks to election infrastructure and operations associated with mail-in-voting.
- Mail-in Voting in 2020 Infrastructure Risk Assessment
- Mail-in Voting in 2020 Infrastructure Risk Infographic
Physical Security of Voting Locations and Election Facilities: A general guide with resources and actionable steps—to Connect, Plan, Train, and Report—that election officials should consider to improve the physical security posture and enhance resilience of election operations in their jurisdiction.
- Physical Security of Voting Locations and Election Facilities
- Physical Security of Voting Locations and Election Facilities (Spanish-version)
Protecting Your Networks from Ransomware: An interagency guide of federal government and private industry best practices and mitigation strategies focused on the prevention and response actions to ransomware (malicious software designed to deny access to a computer system or data until a ransom is paid).
Security Resources for the Election Infrastructure Subsector: Developed in partnership with the FBI, this document offers a summary of resources available across the federal government to assist SLTT election officials and their private sector partners in responding to threats to personnel, and guidance on assessing and mitigating risks to their physical assets.
Securing Voter Registration Data: An overview of threats to voter registration websites and databases along with recommendations on how election officials and network administrators can protect against these threats.
CISA Insights: Chain of Custody and Critical Infrastructure Systems: This CISA Insights provides an overview of what chain of custody is, highlights the potential impacts and risks resulting from a broken chain of custody, and offers critical infrastructure owners and operators an initial framework with five actionable steps for securing chain of custody for their physical and digital assets. It also includes examples of physical and digital chain of custody for the election infrastructure subsector, chemical sector, and more.
Domain-Based Message Authentication, Reporting and Conformance (DMARC): A fact sheet on the importance of DMARC (an email authentication policy that protects against fake emails disguised to look like legitimate emails from trusted sources), instructions for handling a fraudulent email, and how to adopt DMARC.
Election Security Training and Exercise Offerings: CISA offers no-cost trainings and exercise services to enhance security and resilience of election infrastructure. The trainings typically run 30-90 minutes each and are available both in person and virtually on topics such as election security best practices to build trust, insider threats, ransomware, and phishing.
Hyper Text Transfer Protocol Secure (HTTPS): A fact sheet on HTTPS—used to encrypt and secure information transmitted between a user's web browser and a website. Encryption is especially important on webpages that collect information through forms or require a user to log in, such as online voter registration.
Multi-Factor Authentication (MFA): A fact sheet on using MFA—a layered approach to securing data and applications where a system requires a user to present two or more credentials at login to verify the user's identity. MFA reduces the risk of adversaries gaining access to the targeted physical space, computing device, network, or database.
Ransomware: A fact sheet that includes best practices to protect your systems and data against ransomware, planning for a ransomware incident, recovering from a ransomware attack, and CISA services and support.
Sign Up for a .gov Domain: Information for Election Officials: This fact sheet explains the importance for election officials to sign up for a .gov domain. Election officials continue to combat false and misleading election information, making it increasingly difficult to identify trusted sources of information. As the Agency that oversees the .gov top-level domain, CISA provides .gov domains for election offices to help the public quickly identify accurate election information.
- Sign Up for a .gov Domain: Information for Election Officials
- Sign Up for a .gov Domain: Information for Election Officials (Spanish-version)
These joint flyers were co-produced by the U.S. Election Assistance Commission (EAC), the National Association of Secretaries of State (NASS), the National Association of State Election Directors (NASED), and/or DHS as voluntary outreach materials.
Before You Vote – National: A flyer to educate voters on actions they should take before Election Day.
Before You Vote - State and Local: A flyer that can be customized with a state or local election information website to educate voters on actions they should take before Election Day.
State & Local Official Results: A flyer to remind voters that only state and local election officials provide official results.
Vote with Confidence: A flyer to help voters cast their ballots with confidence.
Cybersecurity Toolkit to Protect Elections: CISA—through the Joint Cyber Defense Collaborative (JCDC)—has compiled a toolkit to help state and local government officials, election officials, and vendors enhance the cybersecurity and cyber resilience of U.S. election infrastructure. The toolkit provides both an election security risk profile tool to assess risk as well as tools and services focused on protecting the election infrastructure assets most commonly targeted by phishing, ransomware, and distributed denial-of-service (DDoS) attacks.
Election Disinformation Toolkit: A toolkit for election officials to emphasize their role as “trusted voices” for election information, and to spread the importance of “we’re all in this together” in reducing the impacts of disinformation campaigns on elections.
Election Infographic Products: A set of five products designed to combat disinformation by equipping election officials, stakeholders, and voters with information on the mail-in voting, post-election, and election result processes (which vary by state and/or jurisdiction). The products include:
- Mail-in Voting Processing Factors Map (Updated October 29, 2020): A weekly-updated map that offers a visual of the movement in each state’s mail-in ballot processing.
- Mail-in Voting 2020 Policy Changes Map (Updated October 29, 2020): A map that offers a visual of changes established in each state as a result of COVID-19.
- Mail-in Voting Election Integrity Safeguards Infographic: A product that provides the description and in-person equivalent for procedural and physical ballot safeguards.
- Post Election Process Mapping Infographic: A product that provides a timeline of post-election processes for the Presidential election from close of polls on Election Day, November 3, 2020, to Inauguration Day on January 20, 2021.
- Election Results Reporting Risk and Mitigations Infographic: A product that provides an overview of the risks associated with results reporting systems and how they are managed through mitigating measures.
Ensuring and Securing Your Vote - National Audience: An infographic outlining best practices for voters to consider pre-election, election day, and post-election. This infographic was co-produced by the U.S. Election Assistance Commission (EAC), the National Association of Secretaries of State (NASS), the National Association of State Election Directors (NASED), and DHS.
Ensuring and Securing Your Vote – State & Local Audience: An infographic outlining best practices for voters that can be customized to include a State or local website. This infographic was co-produced by the EAC, NASS, and the NASED.
Foreign Interference Taxonomy: An infographic that explains malign actions taken by foreign governments or foreign actors for the purpose of undermining the interests of the U.S. and its allies.
Supply Chain Risks to Election Infrastructure Subsector Infographic: Developed in partnership with the Election Infrastructure Subsector Coordinating Council Supply Chain Risk Management Working Group, this infographic offers key considerations and recommendations for election jurisdictions and election system providers to keep in mind as they mitigate risks and maintain a strong supply chain security posture. Supply chains serving election infrastructure comprise four categories: Hardware, Software, Services, and Paper Supplies.
Three P’s of Voting: An infographic to help voters understand the importance of being prepared ahead of elections to cast their vote, participating to help during local elections, and being patient as increased usage of mail-in and absentee ballots may lead to slower than usual results reporting in some states.
U.S. Electoral Process Infographic: An infographic that outlines pre-election, election day, and post-election activities that rely on election infrastructure.
Last Mile Products
Thousands of local jurisdictions, vendors, and political campaigns make up the majority of the U.S. elections stakeholder community, and together present the biggest opportunities and vulnerabilities for election security. The independence and resource disparity among these entities creates significant challenges to information sharing and implementation of best practices.
CISA’s Last Mile products are scalable, customizable tools that local stakeholders can use immediately to improve security and awareness of additional services available. These products (such as Election Security Planning Snapshot, Election Emergency Response Guides, Election Safeguards, and other templates) aim to strengthen the relationships among national, state, and local partners, which are essential for effective information sharing and continual engagement on critical election security issues.
For more information and to request a customized Last Mile product, please contact: email@example.com.
Plans and Reports
Best Practices for Continuity of Operations (Handling Destructive Malware): A report providing organizations recommended guidance and considerations as part of their network architecture, security baseline, continuous monitoring, and Incident Response practices in order to actively prepare for and respond to a disruptive event.
DHS Election Infrastructure Security Funding Consideration: A report providing the election community possible considerations, both short- and long-term, for the use of 2018 Congressionally-appropriated election funding, as well as support for procurement decisions regarding use of the funding.
Election Infrastructure Subsector-Specific Plan - 2022 Status Update: Developed by the Election Infrastructure Government Coordinating Council and Subsector Coordinating Council, this plan provides joint interim guidance for the Election Infrastructure Subsector to address current security priorities. The efforts included aim to boost collective capabilities for responding to national or large-scale incidents and build resilience across the elections ecosystem.
The Non-Confrontational Techniques for Election Workers Training empowers poll workers and election officials to safely navigate potentially escalating situations at election facilities and polling locations. This is a 15-minute abbreviated version of the full training that election workers can conveniently utilize. To request the full training, email firstname.lastname@example.org or contact your regional CISA office.
The CISA Election Security Overview details the election security risk landscape and CISA’s role in assisting election stakeholders to manage risk and strengthen resilience in elections infrastructure.
The Election Security: Building Trust Through Secure Practices training helps stakeholders identify election security best practices that can help build public trust in elections and combat mis-, dis-, and malinformation.
The Risk in Focus: Ransomware training provides an overview on ransomware, insight into how attack vectors impact election infrastructure, and related risks and available resources.
The Risk in Focus: Phishing training includes an overview of types, detection, and impacts of phishing with an emphasis on election infrastructure related risks and available resources.
For questions or comments, email EISSA@cisa.dhs.gov.