Better Together: Election Officials Join Hackers at DEFCON Conference
[Image via TNW]
After years of an adversarial relationship between election officials and information security experts, the two sides are seeing the value in working together in the face of outside threats and internal challenges – including a growing number of election officials who are traveling to this week’s DEFCON hacking conference in Las Vegas. The Las Vegas Sun has more:
Ahead of the annual hacker and cybersecurity conference Def Con in Las Vegas this weekend, organizers anticipate that the part of the event devoted to election security will entice more local, state and federal election officials than ever before.
Drawing tens of thousands of hackers, researchers, lawyers and others interested in cybersecurity every year to Las Vegas, Def Con has included a so-called “Voting Village” in its weekend-long programming for the past three years to address election security and how to protect elections from hacking.
This is the first time that Def Con explicitly invited local and state election officials to attend, and many seem to be taking advantage of the opportunity, said Harri Hursti, co-founder of the Voting Village and founder of computer and network security company Nordic Innovation Labs.
“We never intended this to be a main or big thing. It became a big thing because of popular demand,” Hursti said.
In addition to addressing the immediate threat of outside interference, the conference will also assist election officials in finding the help they need to make their systems more secure:
One focus of this year’s Voting Village will be to help election officials obtain election security resources and meet experienced hackers, cybersecurity experts and IT workers who want to volunteer their time to secure elections and preserve democracy. From 10 a.m. to noon Saturday, the Voting Village will host an “open-house style event” for government officials to meet with experts and discuss ways they might collaborate.
The goal of this new program is to address the “cybersecurity workforce gap,” or the lack of cybersecurity experts employed where needed, such as in election offices.
“A lot of the election offices and officials are at the mercy of their vendors. They don’t have the people or the skillset to evaluate and value what they’re paying to the vendors and if what the vendors have sold them is doing the job it’s supposed to do,” Hursti said.
That’s partly because many election jurisdictions lack full-time IT or cybersecurity experts, he said. Poll workers also, on the whole, tend to have limited knowledge about election security.
“In the U.S., elections are starved from all resources, and one resource is money. The second resource from which they are starved of is poll workers,” Hursti said.
[The Center for Democracy and Technology recently re-shared two 2018 resources for security professionals and election officials seeking to work together. They’re worth a look. – DMCj]
These growing efforts to reach across what had become a fairly forbidding (and often hostile) divide are a hopeful sign for security professionals and election officials alike. More than ever, the two groups are realizing that each has something to share – knowledge about information security, deeper understanding of the nuts and bolts of election administration – that can be used to protect American voters and the election system as a whole. Kudos to the conference organizers for opening their doors to the election community – and good for those officials who will take the time to meet and talk with their counterparts in the security community. Safe travels to everyone headed to Vegas – and stay tuned!