It’s a pivotal moment in US history. We’re coming together on long-overdue civil reforms, battling injustice and a deadly pandemic, while restarting our economy. Soon we’ll come together to decide our nation’s future leaders. At a time when truth is called into question, it’s vital to secure our election so we trust its outcomes. Cyberattacks on election systems could undermine confidence just when we need it the most.
The voter registration database (VRDB) is the heart of most election systems, and MITRE recently published the most important security steps to protect them.
Join our lively discussion to learn:
The nature of election systems and why they’re difficult to secure
MITRE’s focus on VRDBs and five key cyber recommendations
How Cisco Security can help you take action on MITRE’s advice today
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
#Protect2020: Securing the Heart of Our Election Systems
1. Steve Caimi, Cisco Security
July 2020
Securing the Heart of our
Election Systems
#Protect2020
2. Abstract
It’s a pivotal moment in US history.
We’re coming together on long-overdue civil reforms,
battling injustice and a deadly pandemic, while restarting
our economy. Soon we’ll come together to decide our
nation’s future leaders. At a time when truth is called into
question, it’s vital to secure our election so we trust its
outcomes.
Cyberattacks on election systems could undermine
confidence just when we need it the most.
The voter registration database (VRDB) is the heart of most
election systems, and MITRE recently published the most
important security steps to protect them.
Today we’ll explore:
‣ The nature of election systems and why they’re difficult to
secure
‣ MITRE’s focus on VRDBs and five key cybersecurity
recommendations
‣ How Cisco Security can help you take action on MITRE’s
advice today
3. Poll 1Your time is valuable. Why did you join our webinar today?
1. I am responsible for election security in my role
2. I am not responsible for election security, but interested in the topic
4. Agenda
1. The most important things
2. The system and the pieces
3. What makes security so hard
4. MITRE’s recommendations
5. Solutions to start using now
5. Agenda
1. The most important things
2. The system and the pieces
3. What makes securing it so hard
4. MITRE’s recommendations
5. Solutions to start using now
8. Many things can undermine our elections
Foreign
Interference
Unproven
Allegations
Voter
Fraud
Conspiracy
Theories
Information
Operations
Cyber
Breaches
9. Which brings us to
cisa.gov/protect2020
• Cybersecurity & Infrastructure Security Agency (CISA)
• Lead federal agency for election security
• National call to action to bolster election security
• Resources and outreach to state & local government
10. Example: Understanding foreign interference
From random cyberspace to the real world
https://www.cisa.gov/sites/default/files/publications/19_1008_cisa_the-war-on-pineapple-understanding-foreign-interference-in-5-steps.pdf
11. Step 1: Start with a divisive issue
https://www.cisa.gov/sites/default/files/publications/19_1008_cisa_the-war-on-pineapple-understanding-foreign-interference-in-5-steps.pdf
12. Step 2: Mobilize social media
https://www.cisa.gov/sites/default/files/publications/19_1008_cisa_the-war-on-pineapple-understanding-foreign-interference-in-5-steps.pdf
13. Step 3: Begin the misinformation operation
https://www.cisa.gov/sites/default/files/publications/19_1008_cisa_the-war-on-pineapple-understanding-foreign-interference-in-5-steps.pdf
14. Step 4: Get noticed by mainstream media
https://www.cisa.gov/sites/default/files/publications/19_1008_cisa_the-war-on-pineapple-understanding-foreign-interference-in-5-steps.pdf
16. As cyber defenders, let’s control what we can
Foreign
Interference
Unproven
Allegations
Voter
Fraud
Conspiracy
Theories
Information
Operations
Cyber
Breaches
18. And let’s start now
with the things we
can do today
At MITRE, we solve problems for a safer world.
Through our federally funded R&D centers and
public-private partnerships, we work across
government to tackle challenges to the safety,
stability, and well-being of our nation.
19. Poll 2Which cybersecurity best practice do you use the most?
1. NIST Cybersecurity Framework
2. CIS Controls
3. ISO 27000 Series
4. MITRE ATT&CK
5. None of the above
20. Agenda
1. The most important things
2. The system and the pieces
3. What makes securing it so hard
4. MITRE’s recommendations
5. Solutions to start using now
26. Agenda
1. The most important things
2. The system and the pieces
3. What makes securing it so hard
4. MITRE’s recommendations
5. Solutions to start using now
34. Matthew Olney, Cisco Talos
Director, Threat Intelligenceand Interdiction
Election security can not be solved
just by looking at individual
components of the system.
35. Agenda
1. The most important things
2. The system and the pieces
3. What makes securing it so hard
4. MITRE’s recommendations
5. Solutions to start using now
43. Patterns of Communication
Protecting Connections
Authenticating Endpoints
Verifying Data
Network Segmentation
Firewalls
Intrusion Detection Systems
Device Access Control
Email, Web Content Filtering
Role-Based Access
Multifactor Authentication
Identity Management
Supply Chain Risk
Logging and Analysis
Vulnerability Scanning
Asset Management
Patch Management
Audits
Endpoint Security Services
Recovery Strategy
Backups
Continuity of Operations
1
2
2
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
20
21
22
19
1 Secure External Connections
2
Strengthen External and Internal Network
Defenses
3 Enhance Access Management
4 ImproveSystem Management and Monitoring
5
Facilitate Recovery and Ensure Continuity of
Operations
44. Patterns of Communication
Protecting Connections
Authenticating Endpoints
Verifying Data
Network Segmentation
Firewalls
Intrusion Detection Systems
Device Access Control
Email, Web Content Filtering
Role-Based Access
Multifactor Authentication
Identity Management
Supply Chain Risk
Logging and Analysis
Vulnerability Scanning
Asset Management
Patch Management
Audits
Endpoint Security Services
Recovery Strategy
Backups
Continuity of Operations
1
2
2
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
20
21
22
19
Actually
there’s 22
things...
45. Stephen R. Covey
“Most of us spend too much time on
what is urgent... and not enough time
on what is important.”
46. Poll 3Which of these is most vital for election integrity?
1. Secure External Connections
2. Strengthen Network Defenses
3. Enhance Access Management
4. Improve System Management and Monitoring
5. Facilitate Recovery and Ensure Continuity of Operations
53. Agenda
1. The most important things
2. The system and the pieces
3. What makes securing it so hard
4. MITRE’s recommendations
5. Solutions to start using now
54. 1 Secure External Connections
Patterns of Communication
Stealthwatch Cloud
Network Traffic Analysis
Comprehensive
visibility and analytics
Agentless deployment
with automated tuning
Network detection
and response
55. 2 Strengthen External and Internal Network Defenses
Email, Web, and Content Filtering
Umbrella and Email Security
Content Filtering
Protect users
everywhere with
DNS-layer security
Multiple security
services delivered
from the cloud
Layered email
defenses for
complete protection
56. 3 Enhance Access Management
Multifactor Authentication
Duo Security
Zero Trust Access
Modern, effective
multifactor
authentication
Protect any
application
on any device
Deploy easily
in any
environment
57. 4 Improve System Management and Monitoring
Privileged Endpoint Security Services
Advanced Malware Protection
Endpoint Security
Block Threats
Before Compromise
Continuous Detection
and Response
Secure and
Trusted Access
58. 5 Facilitate Recovery and Ensure Continuity of Operations
Recovery Strategy
Talos Incident Response
Proactive and Reactive IR Services
IR Readiness
Assessments
IR Plans and
Playbooks
Emergency Incident
Response