About this series: NCSL hosted legislators and legislative staff in December 2023 to answer common questions surrounding election processes and options, with an eye toward bill drafting in 2024 and beyond. Experts delved into topics ranging from absentee and mail voting and the role of poll watchers to technology and maintaining clean voter rolls. State Legislatures News broke down the questions and answers to help inform lawmakers on the intricacies of elections. Check Elections Q&As for Lawmakers often for more information.
The Expert: Ben Hovland, commissioner, U.S. Election Assistance Commission
In the ever-evolving landscape of U.S. elections, cybersecurity is a critical concern for officials nationwide. With high-profile incidents and the spread of misinformation, the integrity of the election process has never been more scrutinized.
“The challenge of cybersecurity is a daily concern for election officials,” Hovland says. “Thankfully, resources from federal partners like the Election Assistance Commission and the Cybersecurity and Infrastructure Security Agency provide a strong foundation for best practices and training to strengthen our defenses.”
Top Two Takeaways
- Federal agencies like the U.S. Election Assistance Commission can provide resources, best practices and training to help election officials enhance cybersecurity.
- Innovative state programs demonstrate the importance of adapting cybersecurity measures to meet the diverse needs of jurisdictions.
The EAC, a bipartisan agency created in the aftermath of the controversial 2000 presidential election, plays a pivotal role in distributing grants, setting voting system guidelines, and serving as a knowledge hub for election administrators.
"Election administration is a complex task with many moving parts, of which security is just one—albeit a critical one," Hovland says. "Cybersecurity, in particular, has become a focal point, with the EAC providing tools and guidelines to protect against threats."
One such innovative approach to election cybersecurity is Illinois’ Cyber Navigator Program, which Hovland highlights as a pioneering solution that acknowledges the unique needs of jurisdictions, regardless of size. “This program allows states to extend cybersecurity expertise to counties by offering regional support, which is especially vital for locations that cannot afford their own dedicated cyber professionals,” he says.
In discussing the advances in election administration, Hovland emphasizes the importance of resources in implementing cybersecurity measures. “Best practices are invaluable, but without the necessary funding, they cannot be effectively put into place,” he says.
The EAC’s initiatives include a series of quick-reference security checklists that address more than just cyber threats. “Physical security measures are part of the cybersecurity puzzle,” Hovland says. “For instance, it is a best practice to ensure voting systems are not internet-connected, but safeguarding the physical access to these machines is also essential.”
Reflecting on the rapid pace of technological change, Hovland notes the recent comprehensive update to the EAC’s election management guidelines, the first in 15 years. “Technology’s role in elections has expanded so significantly that it can’t be confined to a single chapter—it’s an integral part of the entire election process,” he says.
Hovland also acknowledges the role of AI in the future of election security, predicting that it will become increasingly relevant in combating cybersecurity challenges.
“Investing in our election cybersecurity is crucial,” he says. “If election officials are unable to replace antiquated or unsupported systems in a timely fashion, additional vulnerabilities and risks to the system are created. If election administrators are unable to hire sufficient technical support staff or provide sufficient training to existing staff, this too has real consequences.”
Lesley Kennedy is NCSL’s director of publishing and digital content.