Iowa secretary of state announces new election cybersecurity initiative

Iowa Secretary of State Paul Pate is launching a new cybersecurity initiative ahead of the 2020 general election, inviting security researchers to test Iowa's election systems for vulnerabilities.

Pate announced the creation of a Vulnerability Disclosure Program in a news release on Thursday. Iowa is partnering with Bugcrowd, a San Francisco-based company that provides crowdsourced cybersecurity.

“We already have a strong infrastructure in place, but election cybersecurity is a race without a finish line,” Pate said in the release. “We are bolstering our cyber maturity by allowing responsible testing and reporting of our systems to the private sector.”

Kevin Hall, a spokesperson for the secretary of state's office, said the program's $60,000 annual cost will be paid through federal Help America Vote Act Election Security Funds.

Pate said that more than 50 researchers have already partnered with his office on the initiative. The secretary of state's office has created a new web form that allows researchers to provide information about vulnerabilities present in potential targets, such as the secretary of state's website. The program also includes penetration testing, Hall said.

“Our latest partnership with Bugcrowd is yet another proactive measure we are taking to ensure our elections are cyber secure,” Jeff Franklin, chief cybersecurity officer for the secretary of state’s office, said in the release. “We look forward to actively engaging the private security researcher community so we can strengthen our systems and ensure Iowa continues to be a leader in elections and cybersecurity.”  

Stephen Gruber-Miller covers the Iowa Statehouse and politics for the Register. He can be reached by email at sgrubermil@registermedia.com or by phone at 515-284-8169. Follow him on Twitter at @sgrubermiller.

Your subscription makes our journalism possible. Subscribe today at DesMoinesRegister.com/Deal.