Analyzing Security Threats to Mail-Based Systems for Electoral Processes

Wed. 5 October 2022 11:00 am

Join us on Wednesday, October 5 at 11 am EST for the SRA Webinar, “Analyzing Security Threats to Mail-Based Systems for Electoral Processes” with Dr. Natalie M. Scala.

Despite significant research on security of elections equipment, little is known regarding internal and external threats to voting processes and the relative likelihood or strength of those threats. This talk provides an overview of ongoing work related to securing the integrity of votes cast by mail. We discuss impacts to elections security related to COVID-19, including definition of new threats to mail-based voting and updating an established attack tree (EAC 2009) for mail-based voting. We develop a process map and identify cyber, physical, and insider threats to the mail-based voting process. We then develop a methodology for assessing threat and calculate relative likelihood for threat scenarios based on a scoring rubric and approach developed by Du and Zhu (2013). Nodes on the process map are evaluated for threat, and we illustrate the model using the State of Maryland as a case study. The goal of this research is to better understand how voting system vulnerabilities develop and how the dramatic shift to
mail-based voting can impact threat so that mitigations can be designed to secure the
integrity of votes cast. This webinar focuses on a forthcoming article in Risk Analysis and is joint work with Dr. Josh Dehlinger, Dr. Paul Goethals, Isabella Bloomquist, Betelhem Jilcha, and Yeabsira Mezgebe.

Dr. Natalie M. Scala is an associate professor and director of the graduate programs in supply chain management in the College of Business and Economics at Towson University. She earned Ph.D. and M.S. degrees in industrial engineering from the University of Pittsburgh. Her primary research is in decision analysis, with specialization in military and security issues, including risk in voting systems, attack trees and strength of threat in mail voting, integrity of votes throughout the supply chain, poll worker education, and cybersecurity metrics and best practices. She co-directs the Empowering Secure Elections research lab, which defines threats to voting as systemic and an interplay between cyber, physical, and insider sources. Her work in elections security earned a University System of Maryland Board of Regents Award for Excellence in Public Service, the system’s highest faculty honor. In conjunction with Anne Arundel County, Maryland, her work in cybersecurity and threat training for poll workers received a U.S.
Elections Assistance Commission Clearinghouse Award for Outstanding Innovation in Election Cybersecurity and Technology. Dr. Scala frequently consults to government clients and has extensive professional experience, to include positions with Innovative Decisions, Inc. / ITA International, the United States Department of Defense, and the RAND Corporation. She co-edited the Handbook of Military and Defense Operations Research and Mathematics in Cyber Research, both released by CRC Press in 2020 and 2022, respectively. She is an associate editor for Military Operations Research and is a Past President of the Military and Security Society of INFORMS.