This weekend, DEF CON, the oldest continuously running hacker convention, convenes in Las Vegas, NV. The convention includes the Voting Village, which for the third year in a row, explores voting machines, systems, and databases, and aims to raise awareness about voting vulnerabilities and promote a more secure democracy. The following statement about DEF CON and the Voting Village can be attributed to Colorado Secretary of State Jena Griswold:
“Election cybersecurity has never been so crucial. Events like DEF CON serve an important role and remind us that as a nation, we must recognize and confront national security vulnerabilities. I am proud that Colorado is one of the most secure states to cast a vote in today – our voting machines are not connected to the internet, each vote has a voter-verified paper record, and we were the first state to implement risk-limiting audits. As a nation, we must remain vigilant to ensure that every American’s vote can be cast, counted, and audited without fear of interference.”
Colorado regularly does penetration testing by engaging with white hat hackers to test and improve the security of our systems. We include security controls and reporting requirements into our contracts with third-party companies and service providers. We require annual cybersecurity awareness training of every user, state and county, of the state’s election systems, and we were the first state to require multifactor authentication in addition to username and password login for every user.