CISA’s New Toolkit Addresses Election Cyber Risks

The Cybersecurity and Infrastructure Security Agency has provided state and local election officials with a new set of resources to protect their voting systems from cyber threats, including phishing, ransomware and distributed denial-of-service attacks.

CISA released the Protecting U.S. Elections: A CISA Cybersecurity Toolkit in preparation for the upcoming U.S. midterm elections. It was launched on the same day the Black Hat cybersecurity conference began in Las Vegas, where CISA Director Chris Krebs highlighted the importance of mitigating cyber risks, Netgov reported Thursday.

The toolkit includes the Election Security Risk Profile Tool built by CISA and the U.S. Election Assistance Commission to help the officials advance their knowledge about the threats that aim to compromise election infrastructure assets. Other resources in the toolset focus on detecting and combating cyber risks based on the National Institute of Standards and Technology’s Cybersecurity Framework.

“Each day, state and local election officials confront threats to their infrastructure from foreign interference, nefarious actors, insider threats and others,” CISA Director Jen Easterly said. According to the official, the kit supports the ongoing efforts of election officials to ensure the security and resilience of the American voting system.

CISA developed the tools in partnership with the Joint Cyber Defense Collaborative, a public-private collaboration established in 2021 amid the rising cyber incidents impacting critical infrastructures, including the Colonial Pipeline ransomware attack in May 2021, which resulted in fuel supply shortages across the East Coast.