Election Security in the 21st Century

For Americans, voting is a source of great pride. It is a vital constitutional right that ensures every citizen’s voice is heard. As a result, it is of upmost importance that voting is protected, fortified and secured for every individual.

What is Election Security?

Voting is a multi-step process. Beforehand, applicable voters will register to vote in person, by mail or online. On election day, registered voters will cast their votes via in-person ballot or absentee voting. As this happens, officials will record and count each vote to determine who the upcoming elected representative will be. Much of this process in the twenty-first century takes place through integrated technology, rather than by paper ballots.

Election IT infrastructure is varied and expansive. However, it typically includes:

  • Voter registration databases
  • IT infrastructure used to count, audit and display election results
  • Voting systems and associated IT systems
  • Polling locations[1]

Election Security in the 21st Century Blog Preview Image 2022State and local governments’ role in elections is to manage and secure election infrastructure, reduce risks and ensure the integrity of elections, provide a process for certifying voting equipment and disbursing funds for upkeep of voting equipment.[1] This ensures that votes will be counted and reported to determine the correct candidate. However, one vital and often overlooked component of election security is voter confidence. If voters are distrustful of voting infrastructure, then the government is not properly fulfilling its duty to the public.

How to Secure Voting

Because of the recent Russian hacking of voting databases, the publics’ anxiety surrounding voting security has been at an all-time high. While there was no evidence of voting alteration, bad actors did target vulnerabilities in every US state.[2] Additionally, since there was no verified paper trail of votes, there was no way to ensure that no alterations took place in the systems.

For most of the early 2000s, Direct Recording Electronic voting machines (DREs) were utilized by 28% of voters in state and local governments.[2] With the Help America Vote Act of 2002, most antiquated machines were replaced with this newer technology. At the time, DREs helped voting officials count ballots immediately and unambiguously. However, recent safety concerns call these systems into question. Due to the absence of a backup, if the electronic memory is hacked and tampered with, there is no direct way to go back and see that. As a result, companies shifted to using record verified technology.

One such technology is Secure Transparent Auditable Reliable (STAR) voting. These open-source software machines produce both an electronic and paper trail, which helps with verification and audit of votes. The simplicity and affordability of STAR technology make it straightforward and cost-effective for taxpayers. By combining both the technological benefits of DREs and the security benefits of paper voting, the machines can allow voters and election officials certainty in upcoming elections.

Cybersecurity Infrastructure Spearheading the Charge

On October 18, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) published a series of tactics and defenses agencies can use to combat misinformation and bad actors. CISA, which is responsible for strengthening US cybersecurity and infrastructure protection, recommends these to state, local and other government officials, as well as its private sector partners, to prevent against election disinformation. With the help of technology from specialized agencies, elections can remain secure and reliable.

Carahsoft and our partners can help state governments, local government officials and private sector election infrastructure partners combat these threats by facilitating the acquisition of new voting technology and other vital cybersecurity resources.

  1. Cybersecurity assessments are a great way to evaluate operational resilience in IT systems. This can include cyber hygiene scanning, risk and vulnerability assessment, phishing assessment tools, penetration testing tools and cyber resilience.
  2. Tools are employed that continuously monitor and prevent against cyberattacks are critical to a detection and prevention strategy. Continuous Diagnostics and Mitigation (CDM) tools enable organizations to continuously analyze data, as well as to flag any suspicious activity for moderator attention. A 24/7 incident response analysis can accelerate the handling of threats.
  3. Tools that allow stakeholders to examine best plans and procedures help officials identify areas for improvement, share best practices and enhance preparedness against security threats.
  4. Organizations must strive for awareness of the latest tactics used by bad actors and therefore should connect with regional directors, cybersecurity advisors and protective security advisors for information sharing and support. Agencies such as the National Cyber Awareness System (NCAS) or Department of Homeland Security provide alerts and programs on election security health and are accessible to election officials.
  5. Agencies should consider education and career development in cybersecurity and infrastructure protection.[3] Through training in end user security, analyst breaches, and vendor certification, employees can be knowledgeable about potential threats.

A More Perfect System

With the increase of skepticism in election cybersecurity, STAR voting technology and government agencies double down to ensure that voters feel confident and secure. With a definitive paper trail, as well as aid to cyber hygiene, the upcoming elections can renew trust in voting in every county and at every level.

For more information on election security and IT fortification visit Carahsoft’s Cybersecurity Solutions.


[1] “Election Security,” U.S. Department of Homeland Security,

[2] “This U.S. Election Could Be the Most Secure Yet. Here’s Why. | 2020 Elections,” The New York Times,

[3] “Election Infrastructure Security,” Cybersecurity & Infrastructure Security Agency,

Related Articles