Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

6/26/2019
04:00 PM
Dark Reading
Dark Reading
Products and Releases
100%
0%

Global Cyber Alliance And Center For Internet Security Launch Free Cybersecurity Toolkit for States And Local Election Offices

Developed with Funding from Craig Newmark Philanthropies, Toolkit Focuses on Mitigating Most Common and Addressable Cyber Risks

EW YORK, June 25, 2019 – Today, the Global Cyber Alliance (GCA), in partnership with Craig Newmark Philanthropies and the Center for Internet Security,® Inc. (CIS®), announces a FREE toolkit aimed at providing election authorities with additional easy-to-use solutions that will help mitigate the most common risks to free and fair elections. This toolkit will help government entities responsible for securing local, state and national elections handle daunting security challenges posed by today’s digital world.  Election offices are already working overtime against increasing threats, and the toolkit provides more resources for them to consider. Earlier this year, Craig Newmark Philanthropies contributed a $1.068 million gift to help GCA provide critical cybersecurity protections for media, journalists, election offices and community organizations, and this toolkit is a step in that effort.

“Election infrastructure is critical infrastructure – as vital to daily lives as nuclear power plants or water-filtration facilities,” said Philip Reitinger, President and CEO of GCA. “Election security must be a national and global priority, especially as securing elections is one of the most difficult tasks for a democracy, and the shortage of resources available to many election offices exacerbates the challenge.”

The toolkit is intended to help election offices add to their security program with free operational tools and guidance and has been assembled to help implement the recommendations in A Handbook for Elections Infrastructure Security. In this document, the Center for Internet Security, Inc., working with election offices, election associations and vendors, as well as academia, has established a set of best practices for securing the systems that comprise our election infrastructure. 

“The fabric of American democratic society relies on citizen trust in a fair, equitable and secure elections process,” said Craig Newmark. “The GCA Cybersecurity Toolkit offers election officials with proven cybersecurity policies and protections to help prevent elections from being hijacked by those who want to inflict damage on free and open societies.”

Elections are local, but the threats to their integrity are global. More than 99 percent of votes in the U.S. are cast or counted by computer, and the U.S. Department of Homeland Security has designated election systems as critical infrastructure.

Today’s cyber risks to elections are multiple and alarming. These risks include the compromise of voter registration data, election infrastructure hacking to alter vote counts, denial-of-service attacks against election offices, phishing campaigns directed at election officials, impersonation of emails from election offices and others, and the viral spread of false information through websites and social media.

“GCA has compiled a number of valuable free resources that will help election officials implement the security best practices outlined in A Handbook for Elections Infrastructure Security,” said John Gilligan, CIS President and CEO. “CIS appreciated the opportunity to collaborate with GCA on the Cybersecurity Toolkit for Elections.”

Election officials now confront an onslaught of cyber threats that inflict serious risks to the integrity of elections and the democratic process. Although these officials work hard to secure election infrastructure, there are thousands of election offices across the country with disparate security resources that will benefit from the GCA Cybersecurity Toolkit.

For more information and to access the toolkit, visit https://gcatoolkit.org/elections.

 

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect.  Learn more at www.globalcyberalliance.org.

 

About Craig Newmark Philanthropies

Craig Newmark Philanthropies was created by craigslist founder Craig Newmark to support and connect people and drive broad civic engagement. The organization works to advance people and grassroots organizations that are getting stuff done in areas that include trustworthy journalism, voter protection, gender diversity in technology, and veterans and military families. For more information, please visit: CraigNewmarkPhilanthropies.org.

 

About CIS

CIS (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls™ and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images™ are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center ® (EI-ISAC®), which supports the cybersecurity needs of U.S. State, Local and Territorial elections offices. To learn more, visit www.cisecurity.org or follow us on Twitter: @CISecurity.

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24368
PUBLISHED: 2021-06-20
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This c...
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.