CISA Director Jen Easterly shared during a panel at Black Hat USA 2024 that U.S. election infrastructure is more secure than ever. The panel, moderated by Associated Press reporter Christina Cassidy, featured cybersecurity leaders from around the world discussing election security risks in a year where many countries are holding national elections.
Easterly, along with European cybersecurity experts Hans de Vries and Felicity Oswald, discussed their respective countries’ approaches to securing elections. Oswald shared that the U.K. government had detected attempted attacks from Chinese nation-state actors ahead of recent elections. Despite these threats, the U.K. was able to conduct smooth and secure elections.
De Vries also highlighted the importance of preparation in securing elections. He mentioned that collaboration between partners and stakeholders played a crucial role in ensuring the security of European and Dutch elections. The close relationships between international cybersecurity agencies, including CISA, ENISA, and the NCSC, have facilitated knowledge sharing and learning from each other’s experiences.
Easterly emphasized the importance of continuous learning and collaboration in the face of evolving threats. She noted the complexity of the current threat environment, which includes nation-state hacking efforts and misinformation strategies involving commercial organizations. Despite the challenges, she expressed confidence in the security of election infrastructure and the strength of the election stakeholder community.
One significant aspect of Easterly’s remarks was the acknowledgment of the diversity and complexity of voting technology across states in the U.S. She highlighted the need for a defense-in-depth approach to election security, which includes physical, cybersecurity, and operational measures. Since the start of the election cycle, CISA has conducted numerous assessments, tabletop exercises, and training sessions to enhance the security of the electoral process.
In response to the evolving threat landscape, Easterly stressed the importance of amplifying the voices of state and local election officials as authoritative sources on election matters. She also addressed the potential threat of DDoS attacks on election systems, emphasizing that such attacks would not compromise the integrity of elections or voting results.
Overall, the panel discussion at Black Hat USA 2024 underscored the collaborative efforts and ongoing initiatives to secure election infrastructure globally. By sharing best practices, enhancing preparedness, and fostering partnerships, cybersecurity leaders are working to ensure the integrity and security of elections in an increasingly complex threat landscape.