Four years into its existence, a cybersecurity and intelligence-sharing operation built for state and local election officials now numbers more than 3,400 members, has added several new products and has become a mainstay of a once-skeptical community of election administrators scattered across the country.
Amid that growth, though, and rising staff turnover at individual election offices, the Election Infrastructure Information Sharing and Analysis Center, or EI-ISAC, is “reintroducing” itself, the operation’s director, Marci Andino, told StateScoop this week.
“We’ve got a lot of people out there conducting elections who weren’t there in 2018,” Andino, a former statewide election director in South Carolina, said in a phone interview ahead of the National Association of Secretaries of State conference taking place in Baton Rouge, Louisiana.
Andino was hired last year to lead the EI-ISAC, which is funded by the U.S. Department of Homeland Security and operated by the Center for Internet Security, the Upstate New York nonprofit group that also runs the Multi-State ISAC providing state and local governments with cybersecurity information and services.
Election offices, Andino said, rely on new and seasonal workers, particularly in the run-up to a general election. With one coming in four months, the EI-ISAC this month started promoting a campaign called “Cyber STRONG,” an acronym whose parts refer to employee education, communications, device and network security and public awareness.
The program stresses employee trainings, including tabletop drills that simulate election disasters and anti-phishing exercises that test people’s ability to not click on a malicious link or attachment.
“Users are the weakest link in any system,” Andino said. “Officials are extremely busy and they bring on lots of seasonal workers. This is reminding them of phishing, threats out there.”
Andino said she’s also trying to pitch more election offices to sign up for the Center for Internet Security’s technical products, like vulnerability assessments or the organization’s malicious domain blocking and endpoint detection services, which are offered free to EI-ISAC members.
There are also monthly publications focused on specific threats, with July covering insider threats, the risk of which she said rises naturally as new people are brought in.
“[Officials] can’t conduct elections without bringing in lots of new employees or seasonal workers, so it increases that insider threat,” Andino said.