Critical Infrastructure Security, Critical Infrastructure Security, Network Security

State of security: Iowa

Who's in charge: Secretary of State Paul Pate, Director of Elections Dawn Williams

Iowa uses nothing but paper ballots for all forms of voting, and then tabulates the votes with ballot marking technology or optical scanners.

The auditing process has come under some criticism for a variety of perceived flaws, including its scope, which is limited to a fixed number of counties and precincts, and a lack of binding results. Further complicating matters is Iowa’s policy allowing voters stationed or living overseas to return voted ballots electronically, a practice that some regard as insecure.

In 2018 Iowa was granted about $4.6 million in federal funds, to be applied toward various new and ongoing election security initiatives. This includes replacing the old version of I-VOTERS, the Hawkeye State’s voter registration system, and bolstering its cyber protections with the addition of firewall upgrades, two-factor authentication and user training. The RFP process for I-VOTERS is expected to begin in 2019, according to documentation recently provided to the U.S. Election Assistance Commission.

Additionally, Secretary of State Paul Pate said that nearly 60 percent of funds acquired under the Help Americans Vote Act (HAVA) would go directly to supporting Iowa’s 99 local counties. However, Pate said, they would not use the funds toward the purchase of new equipment because most of these counties already renewed their technology over the last three years.

And back in August, Pate’s office also said they would be adding an information security officer and cyber navigator position to the staff.

Iowa was one of the 21 states known to be targeted by Russian hackers in the run-up to the 2016 elections. In the course of its own research, the Center for American Progress attempted to assess what protections would be in place for 2018, but the organization reported that state officials would not provide it with the information it was seeking. However the group said the state’s voter registration system does benefit from intrusion detection technology and vulnerability testing, and that all voting machines must be tested to EAC Voluntary Voting System Guidelines.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.