In a move to shore up cybersecurity for election systems across the state, Washington's OSOS has taken matters into its own hands. On Tuesday, Steve Hobbs, the Washington Secretary of State Office, announced that the state will cover the MS-ISAC membership fees for all 39 county auditors and election offices. This initiative promises enhanced sharing of threat intel and boosts incident response capabilities.
The MS-ISAC, which serves a network of over 18,000 government entities, is now the cybersecurity ally for Washington's local elections. Hobbs highlighted the crucial task of protecting elections at the local level, where they're actually run. “Protecting election security at the local level where our elections are conducted is one of our top priorities as an office. By providing MS-ISAC membership for all of our county partners, we ensure they have continued access to cybersecurity services,” he said. Despite federal cutbacks, the state is stepping up to back its counties, particularly those underserved in terms of cyber resources, aid that's, become increasingly vital as digital threats evolve, as stated by the Washington Secretary of State Office.
Previously, these counties had resources via the EI-ISAC, but with those funds curtailed by DHS in April, it's the MS-ISAC stepping into the breach. There are 15 out of 39 counties in Washington previously identified as lacking in cybersecurity, and this switch aims to not leave them in the digital dust without low-cost options, as per the Washington Secretary of State Office.
To top off these security enhancements, the OSOS is also updating critical hardware — the state will upgrade Albert sensors, crucial devices in detecting and alerting against adverse cyber activities, with a service-level agreement ensuring quick maintenance and replacements. According to the Washington Secretary of State Office, "These devices will be leased by the OSOS, which ensures timely replacement under a service-level agreement; far faster than what could be achieved through the state procurement process." It's a strategic move designed to enhance the state's monitoring and defensive capabilities, in an era where cybersecurity isn't optional, it's obligatory.
