The National Institute of Standards and Technology (NIST) has issued draft guidelines meant to help election officials protect election systems from cyber attacks. The Draft Cybersecurity Framework Election Infrastructure Profile applies the NIST Cybersecurity Framework’s principles to election platforms, including voting machines, voter registration databases and related networks, NIST said Monday.
Gema Howell, one of the guide’s authors from NIST, said the draft publication is structured in a way that can help with any election system.
“We start by helping you think about the election objectives you want to accomplish,” Howell said. “Then we help you think through how to prioritize your cybersecurity needs based on those objectives. Once you’re there, we provide informative resources to mitigate your cybersecurity risks.”
NIST worked with industry and government experts to develop the guide, including the Election Assistance Commission (EAC), voting system manufacturers and the Cybersecurity and Infrastructure Security Agency (CISA).
Comments on the draft guidelines are due May 14.