Enhancing U.S. Election Technology Security: The Secure IT Act
Congress is taking significant steps towards bolstering the cybersecurity of U.S. election technology with the introduction of the Secure Information Technology (Secure IT) Act. This legislation is part of the Intelligence Authorization Act, which funds intelligence agencies like the CIA.
The Need for Stricter Cybersecurity Measures
The Secure IT Act mandates federal certification of voting machines and ballot scanners through penetration testing. This testing aims to uncover vulnerabilities in election systems and improve the overall security of critical election technologies. The bill, originally spearheaded by U.S. Senators Mark Warner and Susan Collins, emphasizes the importance of staying ahead of potential threats and adversaries.
Addressing Vulnerabilities in Election Systems
With the spotlight on election security following Russian interference in the 2016 election, experts have been advocating for stricter federal standards and independent safety audits. The Secure IT Act responds to these calls by enhancing the certification process for election technology, including penetration testing to simulate real-world attacks and identify critical software flaws.
Piloting a Vulnerability Disclosure Program
In addition to penetration testing, the bill requires the Election Assistance Commission to pilot a vulnerability disclosure program for election technology. This program invites cybersecurity experts to identify and report vulnerabilities in various electoral systems, even those not subject to federal testing. By engaging a diverse panel of experts, the program seeks to fortify the resilience of American democracy against potential cyber threats.
