For Immediate Release
September 2, 2020
SILVER SPRING, MD – Today, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Election Assistance Commission (EAC), released the Election Risk Profile Tool, a user-friendly assessment tool to equip election officials and federal agencies in prioritizing and managing cybersecurity risks to the Election Infrastructure Subsector.
The new tool is designed to help state and local election officials understand the range of risks they face and how to prioritize mitigation efforts. It also addresses areas of greatest risk, ensures technical cybersecurity assessments and services are meeting critical needs, and provides a sound analytic foundation for managing election security risk with partners at the federal, state and local level.
“There is no question the security of our election systems has vastly improved, thanks in large part to our election officials’ capability to understand where the risks lie in their systems and determine the most effective way to manage those risks,” said CISA Director Christopher Krebs. “Together with our partners at the EAC, we are constantly looking for ways to make the process of mapping out these risks easier and widely available for all of our partners. This is yet another tool to help support election officials to protect the 2020 elections and beyond.”
“The EAC has worked to expand our cybersecurity resources for election officials and the Risk Profile Tool serves as an important security enhancement for network protection,” said EAC Chairman Ben Hovland. “As federal partners, CISA and the EAC are committed to providing useful tools to assist election officials as they run secure, accessible and accurate elections.”
The Election Risk Profile Tool:
- Is a user-friendly assessment tool for state and local election officials to develop a high-level risk profile across a jurisdiction’s specific infrastructure components;
- Provides election officials a method to gain insights into their cybersecurity risk and prioritize mitigations;
- Accepts inputs of a jurisdiction’s specific election infrastructure configuration; and
- Outputs a tailored risk profile for jurisdictions, which identifies specific areas of highest risk and recommends associated mitigation measures that the jurisdiction could implement to address the risk areas.
This tool is funded through CISA’s National Risk Management Center’s Tech Transfer, which allows Federal investments to be used by partners to implement risk management programs. The tool is available on the EAC website. CISA’s election security tools and resources can be found on at www.cisa.gov/protect2020. The EAC’s resources including Election Security Preparedness resources can be found at www.eac.gov/election-officials/election-security-preparedness.
###
The U.S. Election Assistance Commission (EAC) was established by the Help America Vote Act of 2002 (HAVA). It is an independent, bipartisan commission charged with ensuring secure, accurate and accessible elections by developing guidance to meet HAVA requirements, adopting voluntary voting system guidelines, and serving as a national clearinghouse of information on election administration. EAC also accredits testing laboratories and certifies voting systems, as well as administers the use of HAVA funds. For more information, visit www.eac.gov.
Contact: Kristen Muthig