Election Security Insights From Former Federal CISORetired Brigadier General Greg Touhill on Taking a Multifaceted Approach
Retired Brigadier General Gregory Touhill, who was appointed by President Obama as the first CISO of the federal government, spells out what he sees as the essential steps for fighting against Russian meddling in this year's midterm elections.
For example, for voter registration, he says, "you want to make sure we have integrity in the process so only those who are eligible to vote can. ... We need to make sure that we have very strong authentication not only of the folks who are registering to vote but also for [those who access] the database that has the enrollment records.
Voting machines need to be protected with physical security, but, just as important, the entire software supply chain for the devices needs to be guarded, he stresses in an interview with Information Security Media Group.
Touhill argues, however, that perhaps the safest approach to voter tabulation is to rely on paper ballots. "I'm not a big fan of electronic voting because frankly I have not found a means of securing that vote that meets my satisfaction," he says.
Regarding Russia's use of social media campaigns to influence U.S. politics, the retired military officer notes that such propaganda campaigns have been "part of their doctrine for decades."
So what's Touhill's advice for addressing Russia's covert election interference?
"The best way to combat that is a free and open press," he stresses. "A free and open press is one of the best defenses against influence operations because the press is exceptionally good at ferreting out falsehoods."
In this interview (see audio link below photo), Touhill also discusses:
- Implementing the "zero trust" approach to cybersecurity;
- Securing the election process;
- Thwarting Russia's efforts to influence U.S. elections.
Touhill was selected by President Obama as the U.S. government's first CISO. His other civilian government service includes serving as the deputy assistant secretary for cybersecurity and communications in the U.S. Department of Homeland Security and as director of the National Cybersecurity and Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. Touhill, a retired Air Force brigadier general, now serves as president of Cyxtera Federal Group, an IT consultancy serving federal agencies.