DES MOINES, IOWA (October 16, 2020) — Secretary of State Paul Pate has extended Iowa’s election cybersecurity partnerships to include private industry leaders such as Cisco, FireEye, and Microsoft. These companies bolster Iowa’s election infrastructure to ensure the integrity of the system remains strong. These private sector collaborations supplement the Secretary of State’s partnerships with local, state, and federal agencies, such as the Iowa National Guard, the Department of Homeland Security, and the FBI, giving Iowa’s elections robust cybersecurity protections at every level.
“We have doubled down on our cybersecurity efforts this year with leaders in the cybersecurity industry,” Sec Pate said. “Protecting the integrity and security of state’s elections requires a massive team effort, and we’re working with public and private entities to build the strongest team possible. I am confident, and the public should be reassured, that we are taking all of the necessary steps to protect their vote in all 99 counties.”
Filtering e-mail, detecting malware, threat-hunting, and incident-response are all core components of any mature cybersecurity program. By partnering with FireEye, the Office of the Iowa Secretary of State is more prepared now than it has ever been to detect, prevent and respond to a cybersecurity incident.
“We applaud Sec Pate and the Iowa Secretary of State’s Office for the proactive measures they’ve been taking to bolster election security,” said Ron Bushar, Senior Vice President of Government Solutions at FireEye. “By establishing a flexible-yet-robust incident-response capability with our Mandiant experts, Iowa is better prepared to respond quickly to election security cyber-threats should they arise — before, during, and after the election. Building in this system integrity and resiliency is critical as states prepare for the fast-approaching 2020 presidential election and beyond.”
Assessing and understanding cybersecurity risks is a crucial endeavor for every organization. The Secretary of State’s Office was pleased to partner with the CISCO Talos team to perform a thorough assessment of the Iowa’s elections system in advance of the 2020 elections. Cisco’s holistic review added valuable and objective insight into adversary threats and tactics, as well as methods to ensure protection of crucial components.
"We appreciate the opportunity to work with Sec Pate's staff, county auditors, and others who are working together to provide a secure and fair election for Iowans,” said Matt Olney, Director of Threat Intelligence and Interdiction at Cisco Talos. “We share the goal of securing the Iowa voting system. We learned a great deal from our time in Iowa and are grateful for the opportunity to have shared our expertise on the tactics of foreign adversaries, growing role of disinformation, and best practices we’ve observed in election security.”
Communication and collaboration are critical when coordinating with all 99 counties in advance of an election. The Secretary of State’s Office leveraged Microsoft SharePoint, Teams, and Teams Meetings accounts to improve planning efforts, as well as collect and disseminate information to all 99 county auditors. Video-conferencing, chat-messaging, information-sharing, and surveying contribute to a complete platform for remote communications.
Earlier this year, Sec Pate hired Jeff Franklin to serve as the Chief Cybersecurity Officer for the Secretary of State’s Office. Franklin served as Iowa’s Chief Information Security Officer for the previous 10 years and has been recognized on the state and national level for his leadership and initiatives in the cybersecurity field.
“The Iowa Secretary of State’s Office has a mature cybersecurity program and we continue to build on that foundation every day,” Franklin said. “By partnering with industry leaders like Microsoft, Cisco, and FireEye, we continue to commit to protecting our elections and the integrity of the public’s vote.”
Sec Pate’s Office received the IDEAS Award from the National Association of Secretaries of State in 2019 for its “Roadmap to Election Cybersecurity” initiative. Election cybersecurity is a race without a finish line, and Sec Pate continues to find innovative ways to strengthen Iowa’s cybersecurity. Earlier this month, Iowa became the second state in the nation to launch a Vulnerability Disclosure Program, inviting independent security-researchers to test Iowa’s election system.