Analyzing Security Threats to Mail-Based Systems for Electoral Processes

Wed. 5 October 2022 11:00 am

Join us on Wednesday, October 5 at 11 am EST for the SRA Webinar, “Analyzing Security Threats to Mail-Based Systems for Electoral Processes” with Dr. Natalie M. Scala.

Despite significant research on security of elections equipment, little is known regarding
internal and external threats to voting processes and the relative likelihood or strength
of those threats. This talk provides an overview of ongoing work related to securing the
integrity of votes cast by mail. We discuss impacts to elections security related to
COVID-19, including definition of new threats to mail-based voting and updating an
established attack tree (EAC 2009) for mail-based voting. We develop a process map
and identify cyber, physical, and insider threats to the mail-based voting process. We
then develop a methodology for assessing threat and calculate relative likelihood for
threat scenarios based on a scoring rubric and approach developed by Du and Zhu
(2013). Nodes on the process map are evaluated for threat, and we illustrate the model
using the State of Maryland as a case study. The goal of this research is to better
understand how voting system vulnerabilities develop and how the dramatic shift to
mail-based voting can impact threat so that mitigations can be designed to secure the
integrity of votes cast. This webinar focuses on a forthcoming article in Risk Analysis
and is joint work with Dr. Josh Dehlinger, Dr. Paul Goethals, Isabella Bloomquist,
Betelhem Jilcha, and Yeabsira Mezgebe.

Dr. Natalie M. Scala is an associate professor and director of the graduate programs in supply
chain management in the College of Business and Economics at Towson University. She earned
Ph.D. and M.S. degrees in industrial engineering from the University of Pittsburgh. Her primary
research is in decision analysis, with specialization in military and security issues, including risk
in voting systems, attack trees and strength of threat in mail voting, integrity of votes throughout
the supply chain, poll worker education, and cybersecurity metrics and best practices. She co-
directs the Empowering Secure Elections research lab, which defines threats to voting as
systemic and an interplay between cyber, physical, and insider sources. Her work in elections
security earned a University System of Maryland Board of Regents Award for Excellence in
Public Service, the system’s highest faculty honor. In conjunction with Anne Arundel County,
Maryland, her work in cybersecurity and threat training for poll workers received a U.S.
Elections Assistance Commission Clearinghouse Award for Outstanding Innovation in Election
Cybersecurity and Technology. Dr. Scala frequently consults to government clients and has
extensive professional experience, to include positions with Innovative Decisions, Inc. / ITA
International, the United States Department of Defense, and the RAND Corporation. She co-
edited the Handbook of Military and Defense Operations Research and Mathematics in Cyber
Research, both released by CRC Press in 2020 and 2022, respectively. She is an associate editor
for Military Operations Research and is a Past President of the Military and Security Society of