Election Cybersecurity

Cyber Security

 

Investing in New Systems

Cyber threats to our elections are the new normal. In 2016, federal intelligence officials were unanimous in their conclusion that foreign actors interfered in the U.S. Presidential Election. While there is zero evidence of any hack or breach of any type in California during the 2016 elections, our state has taken critical steps to implement additional safeguards to further secure our elections. In addition, the California Secretary of State is actively collaborating with multiple federal and state law enforcement agencies to ensure that Californians can register to vote, and vote, with confidence. Here’s how we’re safeguarding our elections:

  • The 2018-2019 state budget includes $134.3 million for counties to replace aging voting systems. Fully leveraged by a dollar-for-dollar match from counties, this will result in $268.6 million toward improvements for election equipment.
  • This is the first significant funding towards voting systems in California in 15 years.
  • California received $34 million from the Elections Assistance Commission as the final disbursement of money from the Help America Vote Act. This money is being spent starting this year.

Protecting Election Infrastructure:

  • Since 2016, we’ve conducted agency-wide security assessments and upgraded firewalls, servers, and rolled out additional 24/7 security monitoring tools.
  • California has one of the most strenuous voting system testing and certification programs in the country. Any new voting systems in California must receive certification and undergo months of testing, including functional testing, source code review, red team security testing that involves experts trying to “break into” the voting system, and accessibility and volume testing.
  • California has required that every ballot must either be paper or have a voter-verifiable paper audit trail.
  • Elections officials conduct a manual audit of a random 1% of ballots to ensure vote count machines are accurate.

Office of Elections Cybersecurity and Enterprise Risk Management:

  • The California Legislature appropriated an unprecedented $3 million to combat misinformation and strengthen cybersecurity by establishing The Offices of Elections Cybersecurity and Enterprise Risk Management within the Secretary of State.
  • Our Communications Department will add additional staff, social media monitoring software and a first-ever public education campaign to urge voters to be vigilant about misinformation on social media.
  • Enterprise Risk Management Office will coordinate efforts between the Secretary of State and local elections officials to enhance cyber attack prevention capabilities and establish improved cyber incident response.

Partnering with Federal and Local Partners:

  • We continually work with federal, state, and local partners—including The Department of Homeland Security, The Federal Bureau of Investigation, The California Department of Technology, California Office of Emergency Services, California Highway Patrol, and county elections officials—to share information and best practices.
  • Our office has hosted cybersecurity trainings and security drills for county elections officials.
  • We’ve visited fusion centers to better coordinate in the event of a cyber threat or emergency incident.

How voters can help

  • Vote. The best response to attempts at disruption or misinformation campaigns that discourage voting is participation.
  • Be vigilant about the election information you consume and share on social media. Make sure that you receive your elections information from local county elections officials and the California Secretary of State’s office.