Posts

U.S. Not Ready for Online Voting, Stick to Mail-In Ballots

American democracy is resilient. From its rebuilding after our civil war to recovering from the Great Depression, America has been able to overcome the largest of obstacles. However, 2020 gives us unprecedented challenges that will test this resilience. Central to our country’s recovery from this pandemic will be ensuring the foundation of our democracy remains intact: free and fair elections.

Despite the current news cycle, our election system is very resilient because of our forefathers’ design. State and local governments distribute and implement elections individually, leading to different procedures and regulations within each jurisdiction, which creates independent – or segmented — operations.

In the cyber world, segmentation is central to digital resilience. A segmented network can help organizations minimize damage from some of the most advanced forms of cyberattacks by preventing them from overtaking the entire network. The independent orchestration of our elections is very similar. However, COVID-19 presents a conundrum: keeping people physically distant is profoundly challenging with in-person voting.

So, how do we combat this issue?

A few states are beginning to explore online voting to help citizens maintain social distance and ensure their franchise. The CARES Act even allows states to use some of the funds to pursue online voting systems. However, while online voting holds promise, there is simply not enough time to roll out a secure, vetted system before November’s elections. Plus we still haven’t repaired the issues that our 2016 elections revealed about the vulnerabilities of our existing online systems. America’s election process remains extremely vulnerable to cyberattacks. In fact, last December Valimail confirmed only 5% of the country’s largest voting counties are protected against email impersonation and phishing scams. Specifically, this vulnerability was found in Arizona, Florida, North Carolina, Pennsylvania, Michigan and Wisconsin, six key swing states in this upcoming election cycle. This vulnerability opens a door to bad actors that could allow voting data to be stolen, manipulated or deleted in 95 percent of the highest populated counties in the nation.

Luckily, we have a solution that’s already in place, accessible nationwide, resilient and in a sense, “un-hackable”: absentee voting by mail.

For decades, absentee ballots have been the bridge connecting those who are unable to make it to the polls on election day. Now, it can be the cornerstone for everyone. While filing for an absentee ballot can be an arduous process, states are now making it more accessible. For example, Michigan is automatically sending absentee ballot applications to every resident to both encourage social distancing and support democratic participation. This supports secure, offline elections with segmentation still in-play. Additionally, an overwhelming majority of Americans support expanding access to voting by mail. Recognizing that any change is difficult, 16 states delayed their primaries, which illustrates the urgency to act now so we can move onto the general election by November.

In these unprecedented times, we must support all efforts to ensure our elections remain fair, free and guaranteeing each citizen’s franchise. While we have the technology and the ideas necessary to move to completely online elections, that can and should only happen when it’s secure and tested accordingly. In these pressing times, there is no bandwidth to do so. However, the $2 trillion stimulus package  included $400 million for states to prevent, prepare and plan for COVID-19’s impact on the 2020 elections. This amount is a significant step in the right direction, but a full roll-out of voting by mail, let alone ensuring secure online voting would require a much larger investment. I urge lawmakers at both the state and federal level to embrace mail-in ballots. We need to ensure this year’s elections are available to every citizen, whether they are practicing social distancing or fully quarantined and without fear that exercising their franchise will expose them to a deadly illness. We can maintain the resiliency of our country and our elections and our health with mail-in ballot elections. We just need the will to do so.

The new cybersecurity resilience

SC Magazine | May 1, 2020

Is your cybersecurity posture resilient enough to survive a pandemic? You’re about to find out.

The quick spread of COVID-19 has lent urgency to that mission and underscored the importance of building resilience. “Cyber, or digital resilience should be considered essential – like water, gas, and telephone/internet. Maintaining essential services that keep the lights on, keep people operating in their roles, and keep the digital world safe from attack is critical,” says RedSeal CEO Ray Rothrock, who penned the book Digital Resilience: Is Your Company Ready for the Next Cyber Threat?

Podcast: US Election Interference Happening Right Now, Virus Plans and more from RedSeal

The Top | April 8, 2020

Ray Rothrock joins Nathan Latka on the latest episode of “The Top.” Prior to RedSeal he was a general partner at Venrock, one of RedSeal’s founding investors. At Venrock he invested in 53 companies including over a dozen in cybersecurity including Vontu, PGP, P-Cube, Imperva, Cloudflare, CTERA, and Shape Security. He is on the board of Check Point Software Technology, Ltd. an original Venrock investment, and Team8, both Tel Aviv–based companies.

Cybersecurity Canon Book Review: “Digital Resilience”

Palo Alto Networks Blog | February 27, 2020

I got into cybersecurity because I read books like Winn Schwartau’s “Information Warfare,” William Gibson’s “Neuromancer” and Cliff Stoll’s “Cuckoo’s Egg.” These books gave me a very balanced view of what cybersecurity could be, even though no one called them cyber in the 90s. Until I got Ray Rothrock’s book, “Digital Resilience,” I didn’t have a book I was comfortable with suggesting as a great first read to the next generation of cyber professionals.

If you’ve recently been put in charge of IT or IT operations and didn’t grow up in cyber over the past 20 years, “Digital Resilience” is for you. This book is also equally useful for new CEOs, CFOs or board members who need to understand cyber risk without getting overwhelmed with IT technology or the defeatism of “hackers and nation-states will always get in, so why bother.”

Book Review: Digital Resilience, by Ray Rothrock

Tag Cyber | November 1, 2019

By Edward Amoroso

There was a time in America, decades ago, when one would feel obliged to possess a good working knowledge of science and technology to be considered a well-rounded adult. This is how physicists like Einstein became mainstream celebrities, attending film openings with Charlie Chaplin, and being hailed for scientific contributions. Years later, NASA engineers were treated accordingly, especially by young people hoping to someday design rockets.

Cyber Attacks Are Inevitable. How Do We Protect Ourselves?

Supply Chain Brain | November 1, 2019

RedSeal CEO Ray Rothrock joins Bob Bowman, managing editor of SupplyChainBrain, to discuss cybersecurity and protecting ourselves with resilience.

The SupplyChainBrain Podcast features in-depth conversations with industry practitioners, academics, consultants and other experts on every aspect of supply-chain management and international trade.

7 Technology Books Every Entrepreneur Should Read

Forbes | October 8, 2019

Malware, ransomeware, phishing attacks, viruses…are just some of the cyberthreats facing society. And they are getting more destructive.

What to do? Well, Ray Rothrock–who is a venture capitalist and is on the board of Check Point Software–has some solid answers. In his book, he goes over key areas like assessing networks, identifying threats and how to spruce up defenses. He also stresses that security can never be 100% but there are still actions to take that will greatly increase the odds of avoiding a hack.

Are You Ready for a Digital Doomsday?

Kotecki On Tech | September 16, 2019

“How do you recover from an attack and not go down?”

His answer: apply a resilience mindset from the physical world to deal with digital danger. 

Cybersecurity is Failing—Time for a Reset?

Blog InfoSec | August 26, 2019

Digital Resilience: What You Can Do – Now

Tau Beta Pi – The Bent | June 18, 2019 (Page 14)