The role of cybersecurity in this year’s US presidential election

Disclaimer: The views and opinions expressed in this blog are those of the author(s) and may not reflect the official policy or position of Excelsior College. Excelsior makes no claim regarding the suitability of the content for all audiences.

There's no shortage of concerns people have regarding the 2016 U.S. presidential election – namely, with the candidates themselves. The campaign trail has been riddled with controversy, aggressively opposing views and sensitive topics – and it seems the stakes have never been higher. Of the many hot-button issues being discussed – other than immigration laws and health care policies, just to name a few – are cybersecurity and national threat intelligence. Over the past year or so, there has been an influx of security breaches and cyberattacks across organizations at every level – from hospitals and financial institutions to Fortune 500 companies and government agencies. 

In a recent article for The Hill, Blackberry Security Director Alex Manea offered just some examples of these incidents, such as the Office of Personnel Management breach, which exposed the confidential information over more than 21 million people, and also when both Presidential Nominee Hillary Clinton and the Democratic National Committee email archives were leaked.

"The threat of cybercriminals can't be over stated – and certainly shouldn't be overlooked."

Voting system security vulnerabilities
Cybersecurity comes into play during this election on multiple fronts. And as CSO magazine pointed out, one of the most notable examples is with the voting process. Earlier this year, hackers breached voter registration systems in both Arizona and Illinois. Malcolm Harkins, chief security and trust officer at Cylance, a network security company, explained to the source that it is not too far-fetched to be worried about the information security risks that that could cause serious disruptions to the voting process – or election outcome. 

The problem is many electronic voting systems are outdated – worlds away from the advanced capabilities of today's advanced hackers. As CSO noted, a report published by the Institute for Critical Infrastructure Technology revealed electronic voting systems used today, for the most part, "are nothing but bare-bone, decade-old computer systems that lack even rudimentary endpoint security."

The fact that state election systems have been breached indicates a more serious problem with our nation's cybersecurity and the critical role it plays in the future of America. Without end-to-end protection and stronger safeguarding strategy, it is going to be difficult for voters this year to feel confident their information is safe and that the outcome of the election will be true and fair. RedSeal CEO Ray Rothrock told CSO this issue won't be corrected if organizations keep using the same tired approach to security – using a patchwork system for updating outdated models. Instead, he explained, new solutions require taking a strategic approach. 

On the other hand, Harkins added the primary concern shouldn't be so much about hackers changing votes (though this is certainly a possibility) as it should be about them halting the ability to cast one altogether. For example, areas that rely primarily on electronic systems could find themselves suddenly shutdown by hackers, making it difficult for residents to vote – or simply delay it long enough that they become so frustrated they decide not to at all. 

Cybersecurity has become a national threat.Cybersecurity has become a national threat.

Presidential candidates: Stance on cybersecurity
The risk of cyberattacks will remain long after a new president takes office. Cyber incidents pose severe threats – not only to our economic stability and health, but to our personal privacy as safety as well. According to Forbes data Manea cited, the estimated annual costs of cyberattacks on the U.S. economy has jumped from $100 billion to a whopping $2.1 trillion between 2013 and 2019.

The threat of cybercriminals cannot be overstated – and it certainly should not be overlooked. As Manea said, cyberattacks are likely going to be the future vector of warfare. Already, the Internet of Things and rapid proliferation of digital devices have radically transformed the world in which we live and how we live in it. We no longer have to leave our homes to go grocery shopping, pay bills or attend meetings. And now criminals don't have to leave their homes to commit a crime, nor do terrorists to wage war.

Given the significant risk cyberthreats pose, it's important for people to consider the role these issues play in this upcoming election – and more specifically, the stance the candidates have on it. Manea offered some insight on this matter: Simply put, it seems that, although both presidential nominees have focused their attention toward establishing stronger lines of security with China, neither have expressed particularly detailed plans for how they plan to ensure national threat intelligence and cybersecurity. 

"One area professionals can control is cybersecurity awareness and training at their organization."

Continuing IT and cybersecurity education
At The National Cybersecurity Institute, our mission is to help people, businesses and organizations achieve the greatest level of information security and computer protection possible. Although there are still many uncertainties when it comes to this year's presidential election and the future of cybersecurity, the one thing that professionals can exercise some control over is the safeguarding of their own critical operations.

However, to position an organization in a way that best prepares its staff for incident response and risk mitigation, it is imperative that business executives make cybersecurity education a priority. Take a look through our wide range of IT certification preparation courses, such as the EC-Council Certified Chief Information Security Officer (C|CISO), and cybersecurity specialty training that offer the kind of in-depth and up-to-date information and best practices needed to prevent breaches.