Client background
This client is a state government division working to develop a cybersecurity program to maintain the integrity of their election infrastructure.
The business challenge
The HAVA Election Security Fund appropriations, authorized under Title I Section 101 of the Help America Vote Act (HAVA) of 2002, marked the first new appropriations for HAVA grants since 2010. This funding provided states with additional resources to secure and improve their election systems. The appropriations of these funds provided the client the opportunity to implement cybersecurity projects to enhance the state and counties election infrastructure.
The client needed to design and implement a cybersecurity program that would enhance the state and counties’ cyber posture while addressing the challenge of ransomware attacks at county voter registration and election offices. This cybersecurity program also needed to identify key themes regarding cybersecurity risk at the county level.
Strategy and solution
The client selected Baker Tilly to help survey local election officials and election vendors to identify challenges and opportunities, develop a cybersecurity program road map and project manage the initiatives that were prioritized on the road map.
Baker Tilly, in concert with Baker Tilly’s cybersecurity practice, first conducted a Statewide Health Check that was based on questions and themes from the National Institute of Standards and Technology (NIST), Cybersecurity Framework (CSF), Department of Homeland Security Self-Assessment Security Tool and Election Center Security Checklist while leveraging industry and election best practices and procedures. The Statewide Health Check identified a major challenge that most counties did not have an intrusion detection and prevention system in place. Working with the selected cybersecurity solution provider, Baker Tilly project managed the deployment of threat detection and prevention tools that were installed in county networks.
Through this deployment, counties are now able to:
- Identify and detect signature-based ransomware to stop possible incidents
- Actively monitor and track bad actors within their environments
- Leverage this information to share with other election and security intelligence officials and information technology vendors, should action need to be taken
The implemented early detection systems now provide major benefits to counties targeted by malware that can save them downtime, network and data recovery costs and help mitigate bad actors from holding county systems and data hostage.