Denim Group has been acquired by Coalfire. Learn More>>

Denim Group Works with Election Officials to Improve Security Infrastructure Ahead of Mid-Terms

SAN ANTONIO–(BUSINESS WIRE)–Denim Group today announced their role in assisting state and local election officials in improving their security infrastructure ahead of the 2018 mid-term elections. States throughout the country are facing the prospect of nation-state interference in the mid-term elections and while the federal government can influence, train and provide financial support, the burden to vet and implement strategies for defense falls to administrators at the state and local levels in their exclusive governance over elections. Against limited time and resources, these administrators are now responsible for closing the gap between historically ample security and the present day need to defend against highly capable nation-state attacks that seek to undermine confidence in the United States’ election infrastructure.

In order to support this new requirement, the 2018 Omnibus Spending Bill included a $380 million infusion from Congress intended for use by States to improve their election processes and technologies. Although $380 million sounds like a large number, once divided by 50 states the number becomes far more modest. Additionally, election officials realize that they have a limited amount of time to put these Federal dollars to work. They are left to prioritize their needs and to choose the technology that they believe will be beneficial in protecting them against some of the most capable threat actors in the world.

Nation-state attacks are the means to an end in a broader campaign of disinformation and deception that attempt to undermine confidence in the entire election. Denim Group can provide resources and recommendations for state and local agencies looking to improve election security infrastructure for 2018 and beyond. The company understands the gravity of implications that any kind of nation-state attack could have on election infrastructure and their goal is to help states transform the administrative function of an election and prepare for the potential that each state could be on the receiving end of a nation-state cyber attack.

“Election night is the most fragile component of the voting infrastructure,” said John Dickson, Principal of Denim Group. “Nation-state attackers do not need to tip the scale in order to compromise the results. A simple DDoS attack on an election reporting website is enough to create the perception of disruption and undermine the confidence of the entire election. We encourage election administrators to openly communicate with state and local press before election night in order to avoid the misconception of a critical attack.”

Given the high potential for disruption, Denim Group is working with election officials to identify serious election system vulnerabilities so that they can focus their efforts. In order to make states as resilient as possible, part of Denim Group’s services involve implementing technologies and practices that put states on a path to positive, long-term security posture. By providing security assessments of voter registration databases and other fixed voter infrastructure, states and counties will be better prepared to identify the largest holes that could be exploited in the mid-term elections. Denim Group is also working with secretaries of state and local administrators to shore up election night reporting infrastructure to ensure resistance against denial of services and social engineering attacks.

For more information on what Denim Group is doing to help state officials secure their voting systems and databases, visit Denim Group’s Election Security Center.

About Denim Group

Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.