IT professionals concerned about election data integrity
ISACA survey shows majority of IT professionals are concerned about secure, reliable election processes
The vast majority of information professionals are concerned about the ability of public sector officials to protect the data integrity of election processes, according to ISACA.
Only 4% of global respondents to an ISACA survey, and 2% of respondents in the US, were not concerned about the ability of the public sector to conduct secure, reliable and accurate elections.
Eighty-five percent of global respondents, and eighty-six percent of US respondents, said they were concerned about electoral processes and their data integrity.
The data, taken from ISACA's 2018 Smart Cities Survey, highlights the need for information security practitioners to be involved in the supporting government in electoral processes, says Rob Clyde, the ISACA board chair.
Writing in an ISACA blog post, Clyde said: "While audit, governance, risk and information security professionals are charged with many important responsibilities, helping to solidify the data integrity of elections is among the most vital. In the US and around the world, fair and trustworthy elections are an indispensable component of free societies. Losing trust in the outcomes of elections would lead to a level of discord that would have a profoundly destabilizing impact."
Clyde said that the US should ensure that the government dedicates enough resources to ensure the appropriate people, processes and technology are in place to ensure the integrity of electoral processes. He also notes that the US Task Force on Election Security, which included cybersecurity and election infrastructure experts, recommended that election results are audited fully to limit future vulnerabilities and strengthen public trust in the process in future.
He also suggests that blockchain technology may be an answer to election security.
"Blockchain has the ability to secure a permanent record that is timestamped and signed, and can therefore not be altered in any way," Clyde wrote. "Developing this cyberattack-resilient database could prove to be a critical step toward mitigating any potential manipulation or voting fraud."