Election security increasingly at risk of insider threats

Insider threats have been a growing concern in election security amid the continued dangers posed by ransomware attacks and other nation-state operations, StateScoop reports. The entire threat landscape should be in the purview of election officials, according to Cybersecurity and Infrastructure Security Agency Director Jen Easterly at the National Association of Secretaries of State conference. "If we focus too intently on one set of threats, we are very likely to miss those coming from another direction. Insider threats can do malicious things. They can also pose malicious physical threats," Easterly said. CISA Senior Election Security Lead Kim Wyman noted that election systems breaches caused by election office workers or leaders leaking proprietary information as observed in Colorado's Mesa County and Michigan are new occurrences and urged election officials to be more responsible in maintaining controls. "Be aware of your chain of custody and internal controls. Much like a bank protects money, you never want to have a situation where staff gets in proximity of ballots by themselves," Wyman added.