Assume an imminent breach of integrity and develop a meaningful response plan. As data people, we’re good at being thrust into situations with few facts and expected to tell C-level folks both what could happen and how to respond to minimize impact.
Start a long-term plan to build a secure election stack. Security wonks are good at that sort of thing, too. That doesn’t mean eliminating any possibility of compromise, but we can make it far more expensive for the perpetrators to penetrate. Simply bolting on blockchain won’t work – we have to think more comprehensively.
Develop better training for the thousands of poll locations staffed with energized volunteers. Materials published in an easy-to-digest tips format can help workers spot and stop suspicious activity.
Work closely with the voting equipment manufacturers. While some organizations have started to lean into the process, there’s been a palpable fear among researchers when attempting to alert manufacturers about security. This continues to change, including new penetration testing and vulnerability disclosure programs.
Engage with voters. We still have to speak directly to voters and get them up-to-speed on the potential defenses each polling location plans to roll out. In an environment where fake security warnings are the norm, we have to put citizens on high alert to verify the authenticity of new security measures.
This week’s breach roundup is led by network outage at Central Indiana Orthopedics brought on by a ransomware attack and a dental vendor data breach affecting multiple dentist offices and 174,000 patients.