• Skip to main content

ITSecurity.org

Technology Security Controls

  • Main
  • Products
  • Services
    • Compliance-Services
      • ISO27001 Compliance
      • ISO22301 Compliance
      • ISO27002 Compliance
      • Data-Protection
      • GDPR
      • PCI-DSS Services
    • Identity and Access Management Services
      • IAM Design
      • IAM Policies & Standards
    • Incident Management Services
      • Emergency Incident Response
      • Forensic Support
      • Incident Response
    • Information Security Services
      • Information Security Consultancies
      • Information Security Governance Services
      • Information Security Policies & Standards
    • IT Risk Management Services
      • Risk Management Framework
      • Auditing
    • IT Security Consulting Services
      • IT Security Governance Services
      • IT Security Policies and Standards
    • Additional Security Services
      • Managed Security Services
      • Mobile Security
      • Network Security Services
    • Physical Security Services
      • Physical Security Reviews
    • Policies and Standards Services
    • Programme and Project Services
    • Risk Management Services
      • Risk Management – Framework
      • Risk Management Acceptance & Waivers
    • Security Awareness Services
      • Security Awareness – Phishing Responses
      • Phishing Responses
      • Security Awareness Training – Rebranded Security Training
      • Security Awareness Training – Generic
    • Security Design Services
      • All Security Design and Architectural Services
      • Cloud Security Review
      • Security Appliance Design and Configuration
    • Security Metrics Services
    • Technical Security Assessment Services
      • Penetration Testing – Our Penetration Test Services
      • Database Security – Databases and Repositories
      • Application Security Code Testing
      • Application Security Services
    • Third-Party and Supplier Assurance Services
      • Third and Supplier Party Assurance Methodology
      • Third and Supplier Party Assurance Review
      • Joint Venture Due Diligence
  • Security Digest
  • FAQ
  • Contact Us

election security

Can we safeguard the election infrastructure from cyber attacks?

June 15, 2020 by ITSecurity.Org Ltd

Filed Under: CyberAttack, cybersecurity, election security, Featured news, IT Security, News, survey, threats, Venafi

Arlo: An open source post-election auditing tool

November 22, 2019 by admin

The Cybersecurity and Infrastructure Security Agency (CISA) is teaming up with election officials and their private sector partners to develop and pilot an open source post-election auditing tool ahead of the 2020 elections.

The tool, known as Arlo, is being created by VotingWorks, a non-partisan, non-profit organization dedicated to building secure election technology.

About Arlo

Arlo is open source software provided free for state and local election officials and their private sector partners to use.

The tool supports numerous types of post-election audits across various types of voting systems including all major vendors.

Arlo provides an easy way to perform the calculations needed for the audit: determining how many ballots to audit, randomly selecting which ballots will be audited, comparing audited votes to tabulated votes, and knowing when the audit is complete.

The first version of Arlo is already supporting pilot post-election audits across the country, including several from this month’s elections.

Some partners of this pilot program include election officials in Pennsylvania, Michigan, Missouri, Virginia, Ohio, and Georgia. Additional partners will be announced in the coming weeks.

Improving post-election auditing

CISA’s investment is designed to support election officials and their private sector partners who are working to improve post-election auditing in the 2020 election and beyond.

“Heading into 2020, we’re exploring all possible ways that we can support state and local election officials while also ensuring that Americans across the country can confidently cast their votes,” said CISA Director Christopher Krebs.

“At a time when we know foreign actors are attempting to interfere and cast doubt on our democratic processes, it’s incredibly important elections are secure, resilient, and transparent. For years, we have promoted the value of auditability in election security, it was a natural extension to support this open source auditing tool for use by election officials and vendors, alike.”

“We’re very excited to partner with CISA to develop Arlo, a critical tool supporting the implementation of more efficient and effective post-election audits. Because Arlo is open-source, anyone can take it and use it and anyone can verify that it implements audits correctly,” said Ben Adida, Executive Director of VotingWorks.

Filed Under: auditing, CISA, Don't miss, election security, Featured news, IT Security, News, Open Source, Usa