Is it possible to ensure the privacy of electronic voting?

Public administrations have their work cut out. For years, they have been working to shore up the cybersecurity of their infrastructures and sensitive information. Any kind of cyberattack on these assets could seriously endanger both the general population and political leaders. And these kinds of targets are becoming increasingly popular for cybercriminals.

This need for protection has become more pressing due to the increased technology use in this ambit. Though there is scope for further technology to be introduced in public administration, before this can happen, more agile work needs to be done on threat identification strategies, machine learning, and blacklisting techniques that could, for example, making electronic voting a real possibility.

Along with municipal, regional, and general elections in Spain, and the European Parliament elections, over 80 countries will take part in electoral processes in 2019. Implementing electronic voting could increase voter turnout, and would be a great advantage to citizens with reduced mobility or who reside in a different town to where they have to vote. It would also reduce costs, and lower the number of people who would have to be present at polling stations. To give some idea, €128 million was invested in the Spanish general elections in 2015, a figure set to rise to €138M this year.

However, e-voting has some security-related drawbacks. One example is the possibility of a person casting several votes from the same IP, or by simulating a new IP. Total privacy cannot be guaranteed either, since the servers of those administrating the vote can decrypt the original information, revealing voter details.

And public administrations are also liable to fall victim to cyberattacks. This is why the two main concerns that need to be addressed before elections can be carried out electronically are privacy and cybersecurity. Both of these concepts need to be underpinned with external auditing to guarantee that none of the various steps involved in the e-voting process is susceptible to error, tampering, or attack.

One of the objectives of the second edition of #PASS2019 will be to propose possible action frameworks to guarantee data protection for every citizen and for public administrations. And not just against hackers, but also against insiders (people who attack from within the organization itself: employees, former employees with active credentials…) or even agents who could access public data without technically breaking any laws, such as political parties.

Throughout five conferences and five workshops, at #PASS2019 independent analysts from Gartner, European politicians, members of SOCs and cyberthreat analysts from international companies such as Telefónica, will offer their vision of threat and attack trends, national cybersecurity strategies, and protection needs, both at a normative and corporate level. Attendees will be able to discover cutting edge procedures that are being implemented across Europe, and how they can apply them in their companies and environments. José Sancho, president of Panda Security, Juan Santamaría, CEO of Panda Security, and María Campos, KA and Telecoms of Panda Security will present this edition.

#PASS2019 will bring together almost 1000 attendees from leading European companies and institutions, including CISOs, CIOs, heads of cybersecurity, and CEOs. What’s more, there will also be five workshops in which the subjects discussed in the conferences will be dealt with in depth.

More information about the agenda of #PASS2019 here.

More information about the speakers and their conferences here.

More information about the workshops here.

If you want to get press accreditation, you can do so here.

Summary of #PASS2018 in this video.

The post Is it possible to ensure the privacy of electronic voting? appeared first on Panda Security Mediacenter.

Article Link: https://www.pandasecurity.com/mediacenter/pass/security-privacy-electronic-voting/