California’s Office of Election Cybersecurity already has a few elections under its belt, including the Sept. 14 Gubernatorial Recall.
But, it’s back to the drawing board. That’s because potential cybersecurity threats and disinformation around the state’s elections are always a moving target.
“We’re back in planning mode, back in research mode,” Jenna Dresner, a senior spokeswoman for the office, said. “I think this is an issue that is not going away, and it’s evolving and changing; therefore, our tactics need to evolve and change.”
The Office of Election Cybersecurity started in 2018 after credible attacks to the country’s election systems.
For Dresner, knowing what potential threat or piece of disinformation to address is a balancing act. She said the office has an internal threshold. Because of the information stream, voters could be wedged into a conspiracy theory they weren’t aware of.
Disinformation runs rampant, too.
“It’s naturally designed to go viral,” she said.
To combat this, the office inoculates voters with accurate information. That means year round communication strategies, including funding for advertisements.
“Once we’re in the election, we’re just constantly reacting,” Dresner said.
As for the cybersecurity piece, the office treats election security with the anticipation that someone — a bad actor — can try and interfere. But, that’s kind of the point.
According to Dresner, these threats are the “new normal.” That means penetration testing and using paper ballots, among other safeguards.
Outside of a few technical issues in the recall election, Dresner said there was no evidence that it’s linked to an outside person.
“It’s sort of challenging. I think cybersecurity has so many components, within that regard, California’s elections are secure,” she said.
Anthony Cave is the Craig Newmark Journalist Scholar with the Global Cyber Alliance. GCA’s Cybersecurity Toolkit for Elections can help you assess your risk profile and beef up your election cybersecurity.