Center for Internet Security Issues Guide for Election Tech Suppliers, Identifying Threats and Mitigation Options
February 11, 2021
A new guide for providers of election-system technology “identifies the most common attack types on supply chains and provides an analysis of each election infrastructure component, the supply chain threats impacting them, and mitigation approaches,” according to the Center for Internet Security, which crafted the guidance including a five-step process for identifying and managing supply risk.
“The guide is intended to assist election technology providers in identifying the most significant cybersecurity supply chain risks for their products and choosing appropriate risk mitigation approaches for those risks. It also aids in the development and implementation of a meaningful supply chain risk management program,” according to a Wednesday release from CIS, which is home to the Multi-State ISAC and the CIS Controls and CIS Benchmarks.