Efforts underway to mitigate cyber risks facing US elections

  • Share:
September 04, 2019
McDonald Hopkins attorneys Hussein Jaward, CIPP/US and Michael Wise are providing this blog post to notify you about cybersecurity measures to be proposed and implemented during the next election.
With a little over a year until the next major U.S. election, states and the federal government are scrambling to prepare for cyber threats facing election systems. 

One proposed federal measure, the State and Local Government Cybersecurity Act of 2019, would authorize the U.S. Department of Homeland Security (DHS) to work with state and local chief information officers and election officials to coordinate the implementation of tools, products, resources, policies, guidelines, controls, and procedures to safeguard election systems.  The law would also allow DHS to conduct cybersecurity exercises with state and local authorities, and to provide those authorities with cybersecurity training and notifications concerning specific cyber threats.

A second proposed federal measure, the Protecting American Votes and Elections Act of 2019, would mandate paper ballots in federal elections and post-election “risk-limiting” audits, which have been described as being nearly as accurate as hand recounts.

Despite the urgency, it is unclear whether these and similar federal bills will gain the traction needed to be enacted. Nevertheless, in the face of stagnation on the federal level, some states have taken steps to address their election cybersecurity vulnerabilities on their own.  In June, for example, the state of Ohio issued an order directing its boards of elections to, among other things, undergo risk and vulnerability assessments in cooperation with DHS, and to provide staff with annual training on cybersecurity issues. Ohio has also made grant funding available to boards of elections to defray the cost of implementing high priority action items identified in a recent statewide election infrastructure cybersecurity assessment.

Importantly, all of this comes against the larger backdrop of major cybersecurity incidents that have rocked cities nationwide. In 2018, for example, the city of Atlanta experienced a ransomware attack that brought many of the city’s services, including the city’s municipal court system and online bill payment tool, to a stand still. 

As Election Day draws near, we expect similar and more robust cybersecurity measures to be proposed and implemented.

McDonald Hopkins’ national Data Privacy and Cybersecurity Practice Group will continue to monitor and report developments concerning these initiatives.
Visit the McDonald Hopkins Business Advocate blog regularly for more posts and learn how McDonald Hopkins’ attorneys can provide legal and business insight and collaboration.
About McDonald Hopkins
Founded in 1930, McDonald Hopkins is a business advisory and advocacy law firm with locations in Chicago, Cleveland, Columbus, Detroit, Miami, and West Palm Beach. With more than 50 service and industry teams, the firm has the expertise and knowledge to meet the growing number of legal and business challenges our clients face. For more information about McDonald Hopkins, visit
David Carducci, Communications Specialist
(216) 348-5814


Automation Alley
Company Awards/Honors
Company Milestone
Event Announcement
General News Article
New Office/Location
New Partnerships
New Product or Service Offering
Personnel Hires/Achievements/

Recent Automation Alley Press Releases


Stay in Touch

Subscribe to Automation Alley's emails and stay up to date on all things Industry 4.0!

Submit your online membership application and begin growing your business.