United States elections security has been particularly scrutinized over the past few years. While most media attention has been paid to foreign interference, attention must also be paid to the processes and equipment at polling places on Election Day. This ongoing research project aims to enhance election security by developing and deploying election educational modules that will increase security of the State of Maryland’s election process. This project was supported by BTU—Partnerships at Work for Greater Baltimore as well as the School of Emerging Technologies. Our team includes Towson University professors Dr. Natalie Scala and Dr. Joshua Dehlinger; students Lorraine Black, Aikaterini Ieromonahos, Yeabsira Mezgebe, and Vincent Schiavone; and recent alumnae Saraubi Harrison, Katerine Delgado Licona, and Megan Price.
Empowering Election Judges through Training
Through this research, we aim to increase cybersecurity awareness by training Election Judges on cyber, insider, and physical threats and mitigations that pertain to their specific role within the elections process. In partnership with the Harford County Board of Elections, we developed training modules for Check-In, Provisional, and Scanning Unit Judges and both piloted and assessed them via Towson University’s Cyber4All website. As a research graduate assistant, I was given the opportunity to be a part of this research project from its beginning. This included creating the training modules, meeting with involved parties, gathering data, performing analyses on gathered data, and aiding in the synthesis of results. The contribution in knowledge that I have helped create will empower Election Judges to be the strongest first line of defense in elections security.
We empower Election Judges to take an active, visible role in election security and encourage adoption of the developed training modules across the entire state. The more aware Election Judges are to threats that pertain to their specific role(s) on Election Day and the more knowledgeable they are to properly handle these threats, the more secure our elections can be.
Developing Cybersecurity Election Training Modules
The creation of the cybersecurity election training modules began with a thorough analysis of the Election Judge Manual, which details current rules and processes that Election Judges must follow. The manual was then cross-referenced with previous research on threats to elections performed by our team (Price, et al., 2019; Locraft, et al., 2019). This research identified specific cyber, insider, and physical threats that are present in Maryland’s election processes. Of the threats identified, a review was conducted to determine whether the Election Judge Manual provided mitigations and/or solutions. Surprisingly, we found that there were a number of issues and threats that were not addressed by the manual. To this extent, the need to educate Election Judges on security information they cannot access via the Election Judge Manual, or during Election Judge training, is imperative.
The need to further educate Election Judges of potential role-specific cyber-security threats provides the benefit that follows the phrase, “the more you know”. If an Election Judge is aware of a threat, the more likely they will be able to identify and mitigate it, thus enhancing election security. However, if one is unaware, the more opportune the potential cyber-security threat is to be realized.
To ensure Election Judges learn from the training modules, each module was supplemented with intermittent assessments, including multiple-choice questions that an Election Judge must answer correctly in order to complete the module. However, to measure if participants learned from the modules, we created a pretest and posttest during the piloting and assessment period. The pretests and posttests were identical and covered potential threats and mitigations presented in the training module. The goal was for participants to receive a higher score in the posttest than the pretest, indicating the effectiveness of the module. After the modules and questionnaires were created, we proceeded to collect data. Our analysis shows, with statistical significance, that posttest scores for the Election Judges increased, providing support that they do indeed learn about cyber, physical, and insider threats by interacting with our training modules.
As a research graduate assistant, the opportunity to have a leading role in a research project from start was invaluable. I grew immensely as a student and as a researcher. During the creation of the educational election modules and gathering data, I used previously learned hard and soft skills such as cross referencing and effective communication. However, it was while performing data analysis that I learned a multitude of approaches to analyze multiple-choice questions.
The data analysis techniques and research processes I learned during this research project have begun to prepare me for the next step in my academic career: a quantitative PhD program in Operations, Process Management, or Humanitarian Supply Chains. Having been a part of this research project since its start has given me a front row seat as to how research is done. The research process has also allowed me to see how research requires overcoming various challenges while strategically collaborating. While research can be hectic, and analyses can prove frustrating at times, no creation of knowledge is too small. Our contribution will improve cyber-security within Maryland’s election process; I am grateful to have contributed to the creation of knowledge on how to do so. Our hope is that this work reinforces citizen trust in the election process.
Locraft, H., Gajendiran, P., Price, M., Scala, N. M., & Goethals, P. L. (2019a). Sources of risk in elections security. Proceedings of the 2019 IISE Annual Conference, tinyurl.com/LocraftEtAl2019
Price, M., Scala, N. M., and Goethals, P. L. (2019). Protecting Maryland’s Voting Processes. Baltimore Business Review: A Maryland Journal, 36-39, tinyurl.com/PriceEtAl2019