At the Federal Level
Physical and cyber security at the national level is largely provided through the Department of Homeland Security (DHS), with information gathered through the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA) and other resources.
To better understand and protect the nation against cyber threats, the Department of Homeland Security formed the Cybersecurity and Infrastructure Security Agency (CISA), acting as a “risk advisor” and collaborating with industry and government partners to defend against today’s threats and build a more secure infrastructure. Anyone can visit the Department of Homeland Security’s CISA to find out what’s happening at the national level and how to be cyber smart.
The Center for Internet Security (CIS) is a non-profit entity that works with the global IT community to safeguard both private and public sector organizations against cyber threats. CIS is home to both the Multi-State Information Sharing and Analysis Center (MS-ISAC), the go-to resource for government entities for cyber threat prevention, protection, response, and recovery, and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), which supports the cybersecurity needs of for state and local government election agencies.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is the main hub for collaboration and information sharing about cyber threats to improve the overall cybersecurity of state and local governments. Their mission is to identify, protect, detect, respond and recover from attacks on critical public and private systems. The MS-ISAC has a 24-hour watch and warning center that monitors and disseminates key information about threats in real time, shares how to identify and reduce vulnerabilities, and offers outreach and education to help enhance the nation’s security.
The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) supports the cybersecurity needs of the elections subsector. Here, election agencies gain access to an elections-focused cyber defense suite, including sector-specific threat intelligence and cybersecurity awareness and training products, access to the 24-hour Security Operations Center for ongoing incident response and remediation, threat and vulnerability monitoring, and tools for implementing security best practices. The EI-ISAC is supported by the MS-ISAC and builds on its success.
At the State Level
Physical and cyber security at the state level is largely provided through the California Secretary of State, with information gathered from the federal government along with the California Office of Emergency Services, California Highway Patrol and other resources. In 2018, California’s State Legislature established the Office of Elections Cybersecurity and the Office of Enterprise Risk Management, setting aside millions of dollars to increase efforts to combat misinformation and improve cybersecurity in California.
The Elections Cybersecurity Communications Department develops election information-correction campaigns, improves outreach to communities in rural and urban areas, and assists county elections officials and voters with up-to-date information about potential threats. The Enterprise Risk Management Office coordinates efforts between the Secretary of State and local elections officials to expand cyber-attack prevention capabilities and establish improved cyber incident response.
Visit the Secretary of State’s website for more information about their Election Cybersecurity programs and to watch videos about election security in California.
The California Association of Clerks and Elections Officials (CACEO) is a professional, non-partisan organization of local election administrators charged with conducing elections in the 58 counties in the State of California. CACEO’s goal is to provide a voice for election officials at the state and national level and to foster relationships and share information to sustain and improve upon California’s elections infrastructure. Annual conferences and certification programs offer ongoing education and training, including sharing of ideas, local programs and “best practices” and inviting guest subject-matter experts that can expand knowledge, provide guidance and improve how election officials manage physical and cyber security, among other election administration concepts.