This CISA resource provides a critical set of questions to help election personnel and their IT teams assess and strengthen their cybersecurity posture against common threats, including phishing, ransomware, and Distributed Denial of Service (DDoS) attacks. It emphasizes core security measures, including the mandatory use of Multi-Factor Authentication (MFA), implementation of Malicious Domain Blocking and Reporting (MDBR), and the maintenance of encrypted offline backups. The checklist serves as a decision-making guide to identify security gaps and implement low- or no-cost resilience measures—such as network segmentation and patch management plans—to protect infrastructure such as voter registration databases and election night reporting websites.
View Resource