IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Rhode Island Lawmakers Push Election Cybersecurity Assessment

With the cybersecurity mishaps of the 2016 presidential election in mind, Rhode Island lawmakers have proposed a bill to do a cybersecurity assessment of its election systems to prevent future cyber attacks.

The Rhode Island capitol building.
Conducting a cybersecurity assessment of Rhode Island’s election systems could soon fall to the secretary of state, if Gov. Daniel McKee signs a recently proposed bill by state lawmakers.

According to Rep. Deborah Ruggiero, D-74, the bill aims to create a proactive plan to prevent future ransomware and cyber attacks against the state’s election systems and provide training to canvassers to deal with cyber incidents.

“This bill is timely and relevant as it allows the secretary of state and the board of elections to take actions to enhance our election security,” Ruggiero said. “We saw firsthand in the 2016 election how the democratic process came under attack — through social media and technology.”

During the 2016 presidential election, issues such as bots posing as social media users to spread false information and the U.S. Senate Intelligence Committee finding that Russia employed over 1,000 people to create fake accounts to spread anti-Hillary Clinton rhetoric raised cybersecurity concerns.

Because of incidents like these, she said, cybersecurity has become an adversary that’s everywhere, impacting various industries throughout the country, including businesses, education and government.

However, in Rhode Island’s case, no cyber incidents have been reported.

“Although there has not been an incident in Rhode Island,” Ruggiero said, “the purpose is to avoid any cybersecurity threats and mitigate any risks.”

To achieve this, the cybersecurity assessment laid out in the bill will focus on evaluating the state’s voter registration system, voting equipment, mechanisms to transmit election results, electronic poll books and security of facilities.

It will also create an election systems cybersecurity review board to oversee the assessment process. The board will include the secretary of state, the executive director of the board of elections, the executive director of the Rhode Island League of Cities and Towns, a representative of the Rhode Island National Guard, a representative from the Rhode Island State Police and a representative from the Division of Information Technology.

Once assembled, the review board would be required to issue a report with recommendations to improve the cybersecurity of the election systems no later than two months before a statewide primary election.

To implement the recommendations found in the report, a cybersecurity incident response group will be created to establish communication protocols in the event of a cybersecurity breach.

According to the bill, these protocols include creating a list of potential cybersecurity breaches that would require reporting; state and local entities covered within the communication plan; mechanisms to communicate a cybersecurity breach; and a primary contact at each agency or public body.

“As secretary of state, one of the most interesting parts of the job is upping my skill and understanding of cybersecurity issues,” Secretary of State Nellie Gorbea said. “Up to now, the state has been working on the good faith of people, but at some point, we need to codify some of these relationships to prevent and mitigate risks.”

In addition to mitigating risks, Gorbea said, the bill would also help state and local governments stay vigilant and prepared.

“We are on the cusp of really having to rethink the key structure of local and state government from a cybersecurity perspective,” she said. “I think what this is going to do is secure state and local government’s information technology systems and protect the state’s election systems.”
Katya Diaz is a staff writer for Government Technology. She has a bachelor’s degree in journalism and a master’s degree in global strategic communications from Florida International University.