Clark State Community College will partner with the Clark County Board of Elections (BOE) to assess the technology equipment, policies and procedures prior to the upcoming Ohio general elections on November 6 this year.
“County BOEs were mandated to seek outside consultants to assist in a formal, structured IT security assessment process,” said Dan Heighton, professor of CyberSecurity/ Information Assurance and Computer Networking at Clark State.
The National Security Agency (NSA) and the Department of Homeland Security (DHS) have jointly sponsored the National Centers of Academic Excellence in Cyber Defense (CAE-CD) program. The program is focused on reducing vulnerability in our national information infrastructure by promoting higher education and research in cyber defense, while also producing professionals with cyber defense expertise.
“Several community colleges in Ohio were identified as resources that could provide these ‘Pathfinder’ services. Clark State was included on the list since we are a CAE2Y (DHS/NSA) designated institution, and the Clark County Board of Elections selected us to provide this service.”
In order to ensure county boards of elections have the support needed to meet recently released election security standards, Ohio Secretary of State Jon Husted announced the collaboration between his office and the state’s community colleges. This public partnership gives local election officials access to knowledgeable information technology (IT) professionals who will be able to help guide and assist them in complying with the cybersecurity requirements
“To maintain the integrity of our elections, we must constantly be working at both the state and local levels to innovate and improve our elections security measures,” Secretary Husted said. “While this can sometimes be a daunting task, Ohio’s two-year colleges are well-positioned and have the expertise to help us achieve these goals.”
On August 6, the Clark County Board of Elections met in public session to discuss and vote on a vendor for the Cyber Security Pathfinder mandated by the Secretary of State in the directive. The Board unanimously voted for Clark State Community College. This partnership will be funded by a grant received by the State for up to $30,000.
In the directive issued last month, the Secretary of State’s Office instructed county boards of elections to utilize the Center for Internet Security’s Elections Infrastructure Playbook to identify areas that IT and security improvements can be made. The directive also calls on boards to consult the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC) and the DHS for phishing campaign assessment and vulnerability scanning. Clark State and the Clark County Board of Elections together will develop and implement an Elections Infrastructure Security Assessment (EISA).
Heighton said all IT equipment, policies, procedures and processes will be assessed to ensure compliance with standard security operating guidelines. The assessment will be completed by October 15, 2018.
Heighton and Greg Teets, associate professor of CyberSecurity/Information Assurance and Computer Networking at Clark State, along with one adjunct instructor and a former Clark State student will comprise the assessment team. All tasks necessary to complete the assessment are shared amongst the team members.
“All assessed items will be determined to be compliant, non-compliant or in-process,” said Heighton. “Recommendations for mitigation will be made for areas that are found to be non-compliant. Once the assessment is complete, there is no ongoing involvement by Clark State.”