I worked in cybersecurity at a state. The various agencies usually don't share information (they can't figure out cost sharing) and even within a single agency, they tend to keep things in separate systems.
Voter Registration Systems are often outsourced, and the vendors must submit to annual onsite third party audits. The normal issues are finding the money to fix the audit findings, and dealing with public perception.
Voting Systems are different than Voter Registration Systems. The information flow between them is strictly controlled. Having access to a VRS doesn't necessarily mean you have access to add, modify, or delete data within it. There are integrity checks and backups.
Of all the information, the source of the attacks is the one I most trust. The FBI cannot reveal all its sources, but its cyber intelligence units are very good at identifying who is behind the hacks. For the states, they don't need to know who is hacking. They need information on how and how to defend against those methods. That is what the FBI is offering the states.
State Computers
Voter Registration Systems are often outsourced, and the vendors must submit to annual onsite third party audits. The normal issues are finding the money to fix the audit findings, and dealing with public perception.
Voting Systems are different than Voter Registration Systems. The information flow between them is strictly controlled. Having access to a VRS doesn't necessarily mean you have access to add, modify, or delete data within it. There are integrity checks and backups.
Of all the information, the source of the attacks is the one I most trust. The FBI cannot reveal all its sources, but its cyber intelligence units are very good at identifying who is behind the hacks. For the states, they don't need to know who is hacking. They need information on how and how to defend against those methods. That is what the FBI is offering the states.
SOS Kemp
Techdirt has not posted any stories submitted by Security_Geek.
Submit a story now.