Elections Industry-Special Interest Group Coordinated Vulnerability Disclosure Program White Paper
By IT-ISACBack to Training & Resources
This paper highlights the election systems manufacturer’s voluntary efforts to establish an industry framework that identifies, assesses, and mitigates potential vulnerabilities in election systems. This joint industry initiative will serve as the evolutionary basis for a Coordinated Vulnerability Disclosure (CVD) program, assuming that its goals can be adapted and synchronized with state and federal testing and certification programs. This paper considers and explores:
● How a coordinated vulnerability disclosure program can help ensure the security of voting systems.
● How voting system testing and certification processes can support the voluntary adoption of CVD.
● Steps the industry will take to ensure the quality and effectiveness of the program.