Druva: Election Cybersecurity Should Be Addressed with Cloud Voting
Election cybersecurity has become a hot topic amid problems with primary voting and security flaws in online voting.
And election cybersecurity concerns are expected to intensify as we get closer to the 2020 presidential election.
Russia’s attempts to infiltrate vulnerable voter systems, and rising public health concerns about in-person voting highlight the need for a different model that is modernized and secure to address election cybersecurity.
W. Curtis Preston is chief technical evangelist at Druva. He believes an authenticated cloud-based approach may be the best election cybersecurity solution. It would ensure a fair and accurate election without the inevitable election cybersecurity issues like voting malfunction or national security threat, he said.
Voting through the cloud also serves as a way to protect public health and can help citizens dodge the threat of COVID-19 come November, he said.
We spoke with Preston to find out more about election cybersecurity.
Channel Futures: Based on problems that already have occurred, and if any changes aren’t made, is the 2020 election set to be even more problematic? If so, why?
W. Curtis Preston: The big concern is that due to COVID-19, some people might not be able to vote. Democrats are suggesting more mail-in voting and Republicans have security concerns about this. But the reality is that without some major change, voting on election day will be very difficult.
CF: What isn’t being done that should be done to secure the voter process?
WCP: The current status of our election systems do not make use of advancements in other technological fields from the past decade, and still rely on outdated voting machines that are highly susceptible to sophisticated attacks, cyberthreats, and foreign interference. Just a few years ago, the United States became exposed to Russian threats where hackers targeted election systems and voting databases in all 50 state,s and were in a position to delete, tamper with or change voter data. In efforts to combat this, Congress provided states with $425 million in funding for upgrading voting equipment, cybersecurity training and other steps to secure elections. However, cybersecurity experts and officials close to the cause know that this funding is only a just band-aid to a much more complex problem, and won’t be enough to ensure widespread election security in the future. In order to guarantee elections remain cyber resilient from internal and foreign threats, it’s imperative to rethink the way systems are designed and implemented. It is time for officials at the federal and state levels to take action and look towards a different model that embraces modern technology.
CF: How can an authenticated cloud-based approach better secure the voter process?
WCP: Cloud technology is a strong and dependable backbone, upon which any type of trusted system can be built on. The world’s largest enterprises and most security-focused organizations use a public cloud infrastructure to accomplish their computing goals. Major cloud providers even have specific versions of their products that are tailored to the government (e.g. AWS GovCloud). The security practices of these major cloud vendors have been vetted and certified by multiple organizations, leaving little doubt that the back end of these systems are extremely vigilant and secure.
CF: How is voting through the cloud safer?
WCP: In terms of the pandemic, utilizing an error-proof, cloud-based voting system would allow individuals to vote without having to leave their home, which would likely resonate well with many civilians trying to maintain their health and safety during COVID-19. Voting through the cloud offers the utmost security posture and several layers of multifactor authentication. Cloud technology permits voters to authenticate and validate identities by logging into a secure site with a unique username and password combination. Users can then enter a personalized PIN number that is shared prior to the election itself. These added security measures will only make voting through the cloud safer than the traditional forms of voting that are available today.
CF: Does an authenticated cloud-based approach present challenges/opportunities for MSSPs and other cybersecurity providers? If so, can you give some examples?
WCP: It shouldn’t present any more challenges than any of the thousands of other systems they secure on a daily basis. Cloud technology is used…