‘Build a coalition’ for election security, says New Jersey’s CISO

A single vote can change the outcome of a local election, making the job of security officials a complex one that requires coordination across the various levels of government and the private sector, New Jersey Chief Information Security Officer Michael Geraghty told Scoop News Group during a recent virtual conference.

“When we talk about local elections, even the minutest threat vector, one vote being flipped because of voter fraud or some other issue, we also have an issue,” Geraghty, who’s also the director of the New Jersey Cybersecurity and Communications Integration Cell, told CyberScoop’s Greg Otto. “So the way we approach it and the way I suggest everyone approach it is to build a coalition, not just at the state level, but local, federal officials, private sector partners, so that you can attack all these threat vectors.”

But it’s not only security threats officials should watch for, he said. A 2017 Virginia statehouse race that required a tiebreaker only for it later to be revealed that 26 voters had been apportioned to the wrong district illustrates the importance of organizational rigor in election administration. Threats to elections come in many forms, Geraghty said.

“It’s not just cyber,” he said. “It could be a protest or civil unrest outside a polling location. It could be a bomb threat, it could mail fraud, It could be any of those things and so being able to make sure you do some threat modeling and address it that way would be the best rather than just focusing the major effort on one area or another.”

And for cybersecurity in general, whether it’s bolstering election security or protecting state government networks, Geraghty said the COVID-19 pandemic has created additional worries.

“Plans that you may have had to protect endpoints more securely that were five years out, well, they became five minutes out instead,” he said.

This video was recorded as part of CrowdStrike’s 2020 Fal.Con for Public Sector Virtual Cybersecurity Conference, produced by FedScoop & CyberScoop.