Webinar Recap: Protecting the 2024 Elections, Be Prepared for Anything
In mid-March, our CIO Ryan Mulhall participated in FedInsider’s panel discussion with representatives from Arizona’s Maricopa County and Fortinet. Together, they explained the steps officials can take now to prepare for the 2024 election.
During the session, Ryan highlighted ways that organizations can detect, mitigate, and protect themselves. He emphasized that organizations need to obtain endpoint network security tools, and they must be operational immediately. The more organizations see now, the more they can use machine learning to pick up on those anomalies later. Ryan also added, "It is best to seek out and acquire a single unified vendor solution and integrate all the tools together to maximize the monitoring capabilities. Before considering any new tools, make sure you use what you already have."
It should not be unexpected that the typical culprits for cyber threats targeting any organization are phishing emails, ransomware attacks, and DDoS attacks. Ryan described how organizations can be more proactive with these types of threats.
- Phishing. People are your best sensors and an important first line of defense. Implementing agency-wide security awareness training and phishing exercises are key.
- Ransomware. Businesses need to have good endpoint detection and response (EDR) solutions. With the EDR tool and platform, it is important to make sure you are monitoring the threats and also monitor the ‘checkins’ of your tools. If the tools have not ‘checked in’ for a week, then the tool you have may not be running and protecting your systems.
- DDoS attacks. If you are protecting your own network, a firewall is typically the place to start. However, be sure to look into having your upstream provider (Internet service provider) take some of that traffic load and help manage and mitigate those bigger DDoS threats too.
The panelist talked about how misinformation is a new type of attack where information may not always be true or accurate. A message can spread widely enough to make people doubt the integrity of the entire process. This is something very unique and not all cyber teams are equipped to deal with it.
Arizona’s Lester Godsey, from Maricopa County, described that it is important for organizations to get their message straight. He encouraged organizations to treat cybersecurity like a ‘team sport’. Cyber professionals need to be involved, but also include your internal communications department and your executive management. It requires a greater response by the enterprise as a whole.
Fortinet’s Jim Richberg added that by definition cybersecurity is a team sport, no one plays all the positions, and in some cases you have to outsource to the private sector.
The State of Iowa takes on a collaborative approach, and the ICN is one part of a larger cyber team. Ryan explained, “On high-profile occasions like an election, ICN does increase our personnel, so we can have more eyes looking in more places, usually until the election results are posted. Iowa’s Secretary of State has made cybersecurity a focus. The State of Iowa’s Department of Management, Division of IT, provides solutions to Iowa counties. We all use resources such as: CISA, MS-ISAC, cybersecurity advisors, election security advisors.” The State of Iowa also brings in private sector companies as well. There is a lot of expertise available when all teams come together and bring their resources to the table.
Concluding the webinar, all panelists unanimously agreed that cybersecurity is a collaborative effort, and no two states’ responses are the same. A key takeaway is that cybersecurity incidents can happen anywhere and affect a wide range of individuals. By taking a proactive approach and gaining insights from different states’ and practice scenarios, all organizations can be ready and prepared to take on any cyber event.