“We support the EAC receiving the financial and administrative support needed from Congress to enhance the federal testing and certification program by conducting additional and more rigorous penetration testing of voting.” – Tom Burt, ES&S CEO and president
ES&S Supports Federal Requirements for Independent Security and Penetration Testing of U.S. Voting Systems
ES&S CEO states: “Programmatic testing performed by independent security experts helps ensure equipment stays ahead of threats, and it helps increase voter confidence.”
OMAHA, Nebr. – May 16, 2023 –Election Systems and Software (ES&S) strongly supports fortifying the nation’s election infrastructure cybersecurity and improving voter confidence by requiring security and penetration testing as part of voting machine certification. Bipartisan legislation recently introduced in the U.S. Senate would bolster this type of testing, allowing researchers to simulate cyberattacks and search for vulnerabilities.
The Strengthening Election Cybersecurity to Uphold Respect for Elections through Independent Testing—or SECURE IT—Act was introduced by Sens. Mark Warner, D-Va., and Susan Collins, R-Maine. It requires the U.S. Election Assistance Commission (EAC) to mandate that systems applying for certification undergo penetration testing.
For years, ES&S has articulated its support of and has voluntarily taken part in testing by independent researchers.
“In 2019, we asked Congress to introduce mandated programmatic security testing. We support the EAC receiving the financial and administrative support needed from Congress to enhance the federal testing and certification program by conducting additional and more rigorous penetration testing of voting systems,” ES&S President and CEO Tom Burt said in Congressional testimony in January 2020. “This testing must become mandatory for elections providers and must be managed at the federal level with standards and testing methods that are applied evenly and diligently to equipment from all providers.”
Burt’s June 2019 op-ed called for a more robust testing program that requires all voting machine suppliers submit their systems for independent programmatic security testing conducted by vetted and approved researchers. It also called for mandating a paper record of each voter’s selections, as physical paper records allow jurisdictions to perform statistically valid post-election audits.
“ES&S has long supported and taken part in independent testing of its elections equipment,” said Burt. “Programmatic testing performed by independent security experts helps ensure equipment stays ahead of threats, and it helps increase voter confidence in the overall security of elections. I appreciate Senator Warner’s and Senator Collins’ work to further secure our nation’s elections.”
A copy of the press release from Sen. Mark Warner’s office is available here, the bill is available here and a one-page summary is available here.