Market Overview

Denim Group Works with Election Officials to Improve Security Infrastructure Ahead of Mid-Terms


Cyber Security Company Supports State and Local Agencies to Assure
Confidence in Election Systems

Denim Group today announced their role in assisting state and local
election officials in improving their security infrastructure ahead of
the 2018 mid-term elections. States throughout the country are facing
the prospect of nation-state interference in the mid-term elections and
while the federal government can influence, train and provide financial
support, the burden to vet and implement strategies for defense falls to
administrators at the state and local levels in their exclusive
governance over elections. Against limited time and resources, these
administrators are now responsible for closing the gap between
historically ample security and the present day need to defend against
highly capable nation-state attacks that seek to undermine confidence in
the United States' election infrastructure.

In order to support this new requirement, the 2018 Omnibus Spending Bill
included a $380 million infusion from Congress intended for use by
States to improve their election processes and technologies. Although
$380 million sounds like a large number, once divided by 50 states the
number becomes far more modest. Additionally, election officials realize
that they have a limited amount of time to put these Federal dollars to
work. They are left to prioritize their needs and to choose the
technology that they believe will be beneficial in protecting them
against some of the most capable threat actors in the world.

Nation-state attacks are the means to an end in a broader campaign of
disinformation and deception that attempt to undermine confidence in the
entire election. Denim Group can provide resources and recommendations
for state and local agencies looking to improve election security
infrastructure for 2018 and beyond. The company understands the gravity
of implications that any kind of nation-state attack could have on
election infrastructure and their goal is to help states transform the
administrative function of an election and prepare for the potential
that each state could be on the receiving end of a nation-state cyber

"Election night is the most fragile component of the voting
infrastructure," said John Dickson, Principal of Denim Group.
"Nation-state attackers do not need to tip the scale in order to
compromise the results. A simple DDoS attack on an election reporting
website is enough to create the perception of disruption and undermine
the confidence of the entire election. We encourage election
administrators to openly communicate with state and local press before
election night in order to avoid the misconception of a critical attack."

Given the high potential for disruption, Denim Group is working with
election officials to identify serious election system vulnerabilities
so that they can focus their efforts. In order to make states as
resilient as possible, part of Denim Group's services involve
implementing technologies and practices that put states on a path to
positive, long-term security posture. By providing security assessments
of voter registration databases and other fixed voter infrastructure,
states and counties will be better prepared to identify the largest
holes that could be exploited in the mid-term elections. Denim Group is
also working with secretaries of state and local administrators to shore
up election night reporting infrastructure to ensure resistance against
denial of services and social engineering attacks.

For more information on what Denim Group is doing to help state
officials secure their voting systems and databases, visit Denim Group's Election
Security Center

About Denim Group

Denim Group is the leading independent application security firm,
serving as a trusted advisor to customers on matters of application risk
and security. The company helps organizations assess and mitigate
application security risk. Denim Group's flagship ThreadFix platform
accelerates the process of application vulnerability remediation,
reflecting the company's rich understanding of what it takes to fix
application vulnerabilities faster.

View Comments and Join the Discussion!