To help tighten the security of Indiana’s voting process and shore up voter confidence, state legislators have awarded Indiana University $301,958 to partner with the Indiana Secretary of State’s Office to review and improve the state’s election cybersecurity incident response plan. These funds are part of a one-time $10 million appropriation for election security that had been budgeted by the Indiana General Assembly during the legislative session.
Led by the IU Center for Applied Cybersecurity Research, or CACR, the team of IU experts will help prepare election officials in all 92 Indiana counties for cybersecurity incidents related to the 2020 general election and beyond. IU’s election security team is formidable, with nearly two decades of cybersecurity experience and significant experience with incident response planning internally and consulting nationally.
“IU is honored to offer to the Secretary of State’s office expertise in securing the 2020 elections,” said Von Welch, CACR director and IU executive director for cybersecurity innovation. “Our team includes folks who are not only used to dealing with computer incidents but also public safety incidents—situations that might happen at a football game, for instance. We’re bringing all of this experience to bear to help Indiana’s counties form their own plans for responding to computing incidents, both leading up to Election Day, right after, and beyond.”
The project will have three parts:
creation and delivery of a suite of materials and table-top training events prior to the 2020 elections, including a series of regional “boot camps” with county clerk offices to train election officials about how to respond to different forms of cyberattacks, such as phishing, phone scams and impersonation calls.
ongoing consulting with Indiana’s Secretary of State and county clerks during the 2020 election season
post-election documentation of lessons learned and recommendations for the future
IU has significant experience in training a variety of audiences in cybersecurity issues. For example, in September 2018, IU hosted a workshop at the IU Washington D.C. Advancement Center. The event, titled “Making Democracy Harder to Hack,” brought together a variety of academics, government officials, NGO leaders, and business people from the US and Australia.
In addition to CACR, the IU contingent includes experts from across the university: the Research and Education Networks Information Sharing and Analysis Center (REN-ISAC), Cybersecurity Clinic, and the Office of the Vice President for IT.
About cybersecurity at IU
IU has unique cybersecurity operational, academic, and research programs that make it a quiet powerhouse.
IU’s first-of-its-kind OmniSOC provides around-the-clock cybersecurity operations to reduce the time from first awareness of a cybersecurity threat anywhere to mitigation everywhere for members. The Research and Education Networks Information Sharing and Analysis Center (REN-ISAC) serves over 620 member institutions within the higher education and research community. REN-ISAC promotes cybersecurity operational protections and response. IU’s Cybersecurity Clinic provides cybersecurity training to government, businesses, individuals, and not-for-profits.
Three top-ranked IU schools—the Luddy School of Informatics, Computing, and Engineering, the Kelley School of Business, and the Maurer School of Law—offer cybersecurity graduate and undergraduate degrees and certificates. IU also offers a new interdisciplinary online master’s degree in cybersecurity risk management.
About IU Center for Applied Cybersecurity Research
The Center for Applied Cybersecurity Research is a Pervasive Technology Institute research center based at Indiana University. CACR has been working since 2003 to provide the nation with leadership in applied cybersecurity technology, education, and policy. CACR leads operational programs, such as Trusted CI, the National Science Foundation Cybersecurity Center of Excellence, and the ResearchSOC, which help protect more than $7 billion in national research.
CACR’s applied research, funded by the National Science Foundation, the Department of Homeland Security, the Department of Defense, and others, identifies and addresses difficult cybersecurity problems facing public and private communities, while inviting continued collaboration to foster greater innovation and creativity.