Part 4: IT Product & Service LifecyclePoor IT procurement can undermine other positive efforts to manage cybersecurity risk. Cybersecurity outcomes are driven by the details of IT systems and their implementation at each stage of the IT product’s or service’s life. The normal lifecycle for IT products involves hardware and software development, integration, patching, service and maintenance, and end-of-life transition. Security vulnerabilities can emerge at any point in the IT lifecycle and may be difficult to detect and eliminate later. When planning a procurement, you must think about this full lifecycle that begins before the procurement and ends well after it. Each of these items has implications for the IT procurement process. Only through quality hardware, software, and services procurements can you expect to have success managing cybersecurity risk throughout the election process. Any deficiencies in design, implementation, integration, or configuration can lead to vulnerabilities that can be identified and exploited by malicious actors.
Information Hub : Elections Resources
Media mention • 15 Nov 2019
Media mention • 13 Nov 2019
Blog post • 12 Nov 2019
Advisory • 12 Nov 2019