Modern field guide to security and privacy

Opinion: The real cost of election insecurity

Voter trust is on the line unless the US increases cybersecurity at the polls.

Jim Young/Reuters
A polling station in Chicago offering early voting REUTERS/Jim Young

As Election Day approaches, security concerns at the polls have reached an all-time high: Donald Trump is warning about a "rigged" election, the FBI has already cautioned state voting officials about digital intrusions, and the White House is now preparing to respond to suspected Russian hacks against US political organizations.

But the bigger risk isn't to actual vote counting technology, it's to democracy itself. Democracy depends on voter trust – trust that each vote will be tabulated correctly, and that those votes will be counted and reported accurately. Without this trust, we risk voter disengagement and the potential for social unrest.

While there's certainly potential for hackers to tamper with the vote, it's critical that we talk about the issue reasonably and avoid exaggerating the damage of certain types of digital intrusions. 

For instance, while it seems certain that Russia had a hand in the Democratic National Committee hack, it's dangerous to assume Moscow or Beijing is responsible for every hack that surfaces in the news. Wild and unfounded speculation about which nation-state is behind the recent breaches feeds hype and fear about cyberattacks.

When people believe that security problems are insurmountable, they often stop caring and no longer take basic actions necessary for security. Our democracy can't afford additional sources of voter disengagement. While we need to avoid making baseless claims and overblowing the problem, the US must still take basic precautions to protect the vote.

First, we should establish national standards for election hardware and software. Complexity is rarely good for security. Voting equipment varies by state – not just the version of the hardware and software, but also the method of voting. Keeping systems secure – pushing updates and patching vulnerabilities – is nearly impossible in such an unnecessarily complex system. Building a comprehensive national structure, with mandatory patching and upgrade requirements, would substantially increase the security of our election infrastructure.

We have to upgrade our technology. At least 43 states will use voting technology that's at least 10 years old in November’s election. Election officials are stockpiling old parts, buying them from eBay because they aren’t available from the manufacturer any more. We upgrade our personal computers every few years – we should do the same with voting tech. Voting technology should be purchased from a company that can continually support upgrades, from the hardware to the operating system to security features and user interface. 

None of these upgrades should be done on the cheap, either. Securing our country's voting systems is a huge job. A 2015 report by the Brennan Center estimates the price tag of a national voting system overhaul at more than $1 billion – although the report also mentions that this cost could be offset by "lower operating costs and better contracts."

We must pick our security partners wisely when it comes to protecting the vote. The level of trust in government, especially when it comes to our individual rights, was badly damaged by Edward Snowden's revelations about National Security Agency surveillance practices. The FBI’s push to unlock the iPhone didn’t help. Why not bring on Apple as technical partner for securing voting systems? They aren’t perfect, but they've proven to be effective when it comes to prioritizing encryption and standing up for their users’ privacy.

Ensuring the security of our election systems will be costly. It will require election officials at all levels to understand both technical and social elements. But it's something we absolutely must do – and we must do it soon. Our democracy, and the people who participate in it, are too important to leave unsecured.

Jamie Winterton is the director of strategy for Arizona State University's Global Security Initiative. Follow her on Twitter @j_winterton.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.