The need to protect our nation’s election infrastructure from the dangers and impacts of physical, cyber, and insider threats has long been recognized by public and private partners in election administration.
The Cybersecurity and Infrastructure Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI), U.S. Department of Homeland Security, and the U.S. Election Assistance Commission (EAC), has released an overview of insider threats and election security as the 2024 election cycle unfolds. 2024 U.S. Federal Elections: The Insider Threat, offers recent examples of election security insider threats and considers the possibility of insider threat activity during this election cycle, highlighting the potential for foreign adversaries to exploit such domestic weaknesses.
The document includes a section that offers specific practices for election workers and private sector organizations to include when implementing mitigation programs against insider threat risks. One such mitigation practice emphasizes the importance of reporting all incidents that are suspicious for insider threat activity to be investigated and, as necessary, proper action can be taken to correct or prevent harm to the election infrastructure. The final section includes a user guide with reporting and investigative form templates that can be used with any insider threat mitigation program.
“Establishing and maintaining necessary standard operating procedures, access controls, zero trust security, and chain of custody procedures are necessary facets of election administration. Further, they must be reviewed, tested, and audited before, during, and after elections. Altogether, these measures support the integrity, reliability, and security of an election, providing the evidence to build public confidence in the process.“
2024 U.S. Federal Elections: The Insider Threat
For more information, check out HSDL‘s In Focus on Election Security.