DHS-funded EI-ISAC provides elections-focused cyberdefense help to the nation’s election offices, including counties'
In March, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) opened for business to provide an elections-focused cyber defense suite to the nation’s election offices and the partners that support them.
Since 2016, election security has been at the forefront of the national discussion. In January 2017, the U.S. Department of Homeland Security (DHS) designated election infrastructure as a critical infrastructure subsector. This led to the formation of a subsector Government Coordinating Council (GCC) in partnership with the U.S. Election Assistance Commission, the National Association of Secretaries of State and state and local election officials.
The GCC worked with the Multi-State ISAC (MS-ISAC) to conduct a four-month pilot program with election offices in seven states, aimed at identifying products and tools for improving communications and protecting against cybersecurity threats affecting the election community. The pilot has now expanded into a nationwide effort including nearly all 50 states and over 450 local election offices.
Funded by DHS and part of CIS, an independent 501(c)3 non-profit organization, the EI-ISAC builds on the MS-ISAC’s model serving the cybersecurity needs of state, local, tribal and territorial governments. The EI-ISAC brings together state and local election officials in a collaborative effort to prevent, protect, respond and recover from cyber security incidents.
As a federally funded organization, the EI-ISAC provides:
- 24x7x365 security operations center
- incident response and remediation
- threat and vulnerability monitoring
- election-specific threat intelligence
- training sessions and webinars, with discounts on training and other products
- security best practice recommendations and tools
The Security Operations Center, SOC, a centralized and coordinated command center with well-trained analysts, is available to respond to cyber threats and questions surrounding security situations. Using a collection of tools, the SOC identifies threats and notifies election offices of cybersecurity threats affecting their jurisdiction.
Election officials and their staff have access to a range of focused products that address ongoing threats affecting the elections community and provide an understanding of the key cybersecurity issues and risks in the world today. Through a secure portal on the Homeland Security Information Sharing Network, EI-ISAC members can access documents and have an encrypted communication platform for discussing security issues.
CIS’ A Handbook for Elections Infrastructure Security (available at https://www.cisecurity.org/elections-resources) allows election officials to directly address risks and challenges with actionable guidance to improve the security of state and local election infrastructure. Through the CIS Secure Suite membership offered to all state, local, tribal, and territorial government agencies, EI-ISAC members have the tools available to begin implementing these key risk mitigations.
By forging relationships with the DHS Election Task Force, other federal partners, and election organizations, the EI-ISAC is the premier clearinghouse for election-related cyber threat intelligence. It provides insights to inform election officials’ security decisions.
As a membership organization, EI-ISAC’s partners have always said, its strongest part is the people. The ISAC’s philosophy is, “We can achieve more collectively, than we can individually.” To join the EI-ISAC, simply complete the registration form at https://learn.cisecurity.org/ei-isac-registration.