As those of us who work in the elections space know, reviewing your security posture periodically is not only best practice, it is crucial for keeping the data entrusted to us safe. The NIST 800-53 publications offer a comprehensive set of standards and questions for your review. Yes, over 400 questions is certainly a lot. But they dive into very specific topics which have been proven to be helpful as you set up your “fence” around your environment. If you don’t compare yourselves to the NIST 800-53 standards, be sure you have SOME sort of robust check on your entire elections environment.
“NIST 800-53 is a security compliance standard created by the U.S. Department of Commerce and the National Institute of Standards in Technology in response to the rapidly developing technological capabilities of national adversaries. It compiles controls recommended by the Information Technology Laboratory (ITL).” (from the NIST 800-53: A Guide to Compliance)
Have you ever been to an escape room? This entertainment destination started popping up a few years ago. In this place, you and your friends are locked inside a themed room and must search for clues to learn how to get out. It takes teamwork, flexibility and creativity to win.
Have you ever thought of your election precincts as a “flipped version” of an escape room? In this scenario, it’s your job to keep the “bad guys” out. There are clues all around, if you know how to read them. These clues can be used with teamwork, creativity and flexibility, to create havoc.
It’s not just the practice of answering the questions which will prove valuable. Yes, you will probe areas deeper than you may have in the past. But you will also need to bring your team together, so you will MALL own the security of your election space and process.
“The standards from NIST are a critical part of safeguarding your election ecocycle,” says Soch Customer Service Manager Scott Whitlock. “While rigorous, they ensure that vital security checkpoints are being met.”
If you are looking for a tool to help you complete a healthy self-assessment, Integra’s Election Ecocycle has a strong Security and Compliance module. After completing your self-assessment, you will see your security posture displayed via a heat map. We know that all standards are important, but not all standards have equal impact. This helps you identify areas which need your highest attention, so that you can have the safest election environment possible.