Let’s get tough on cybersecurity for elections now

I don’t believe in asking for permission when the Iowa Legislature has already given me the power and/or the duty to get the job done.  That’s why I’m questioning why Iowa Secretary of State Paul Pate @IowaSOS is slow to push for cybersecurity relating to Iowa’s elections infrastructure.  Please recall Iowa was targeted, but not hacked in 2016 – close to 2 years ago.

The Iowa Official Register states:  Secretary Pate is the Chief Elections Officer for Iowa.  Secretary Pate is also the chairman of the bipartisan Voters Registration Commission. The commission oversees policies and procedures related to Iowa’s voter registration system.

The 2013-2014 edition of the Register indicates the Secretary of State “… prescribes uniform election practices and procedures.”  This is accomplished via Chapter 721 of the Iowa Administrative Code, which gives the Secretary the authority to mandate requirements or fill in the gaps when the Legislature has not been specific enough to ensure uniformity among, e.g., Iowa’s 99 county commissioners of elections.

In a face-to-face meeting on 5/4/2018, I asked Secretary Pate to mandate two things:

1> Require all counties accessing the statewide voter registration system to meet minimum cybersecurity standards; and

2>  Require all users of the statewide voter registration system to complete Securing the Human training which is offered for free by the State.

It’s not enough for the Secretary and his staff to talk about “best practices” related to elections infrastructure.  It’s time to start mandating minimum requirements for the devices and people accessing Iowa elections infrastructure.

The June primary election is less than 30 days away.  The general election is less than 6 months away.  “Secretary Pate!  Let’s get tough on cybersecurity for elections now!”  – Joel D. Miller – Linn County Auditor

%d bloggers like this: