MITRE National Election Security Lab logo

Together, we can help mitigate risks to election systems.

A strong election ecosystem is fundamental to our nation’s identity. Every component of the election system must be secure— from voter registration rolls, to safe ways to vote, and ultimately, reporting an accurate and trusted count.

For 60 years, MITRE has helped government organizations mitigate risk through objective insight free from commercial interest. Using our cutting-edge research and technology capabilities, we tackle the biggest challenges to solve problems for a safer world.

Now, we’re committing our resources to help the election community.

About the Lab

In MITRE’s National Election Security Laboratory (NESL), we analyze the complex network of software, hardware, and processes to improve election security and integrity. Elections have national consequences, but the work happens at the state and local levels, where each jurisdiction maintains and manages its own voter database, polling technology, tabulation, and reporting processes. Sometimes, a single component may have been tested and evaluated for security risks, only to have vulnerabilities arise when it becomes part of a larger system.

Now, in addition to all this responsibility, elections officials must also defend against cyber attacks. It’s a significant challenge.

MITRE can help. Our lab offers a comprehensive systems environment where stakeholders can test the technology that supports their election ecosystems, evaluate them for risk, and emerge with solutions.

MITRE’s National Election Security Laboratory gives state, local, and federal officials a means to maintain public trust and confidence in their election systems.

Where We Focus

To ensure a fair and accurate election, officials must focus on three key areas:

  • Assessing Policies and Procedures
  • Fortifying Security
  • Addressing Misinformation

Our team of experts not only help officials and vendors assess vulnerabilities in each area, but also comprehensively analyze election systems.

Our Services

Leveraging MITRE’s cybersecurity and analysis expertise, NESL has the capability to conduct comprehensive security testing and vulnerability analysis on the entire election ecosystem, subsets of the ecosystem, or individual components.

NESL works with partners to provide objective analysis of the security of products and related services. NESL provides election officials, vendors, the Department of Homeland Security, the U.S. Election Assistance Commission, and other key stakeholders, a trustworthy, secure, representative, reconfigurable environment in which to place their actual IT and election equipment and software to safely develop risk management options.

Stakeholders can:

  • Define and conduct security experiments
  • Problem-solve and brainstorm together
  • Identify and evaluate potential mitigations
  • Determine messaging and timing as a community
  • Gain an overall understanding of end-to-end system risks

NESL produces a customized report for the evaluated system that may include elements of people, processes, technologies, and organizational risks, and analyzes data (technical documentation, policies, processes) for overarching trends and guidance for best practices.

State and Local Election Officials

Service

Benefit

Test before buying or deploying

Identification of gaps/holes in election security system

Better decisions on what to buy and how to connect and operate election equipment with greater security

Insight to resolve gaps before fielding equipment

Greater peace of mind

Ability to efficiently field equipment that is consistently configured for a risk-managed environment

Replicate the particular election security ecosystem to test equipment in its natural environment

Red-teaming IT environment based on the existing and/or desired components

Emulate adversary behavior in context

Simple, straightforward and consistent expert guidance to configure systems more rapidly and more security

Configuration that’s consistent with risk management

Prevent compromises before they start

Thwart bad actors

Save time and money

Risk analysis in a confidential setting

Election officials receive real world recommendations and options tailored to their specific environment

Recommendations and options tailored to the specific environment – real world actions that election officials can take to strengthen the security of their systems

Forensic analysis

Independent view and technical advice on what happened and how to prevent it in the future

Avoidance of prospective breaches — Greater public confidence

Vendors

Service

Benefit

Collaborate with customers (States) in an environment that mirrors their own Ability to optimize your product’s managed risk profile

Test products pre-launch

Identify and remediate vulnerabilities in a safe and secure place

Expert, independent advice on the security profile of your offering before going to market

All activity is confidential and constructive

Testing performed by independent experts Increased confidence in brand’s security
Federal Partners

Service

Benefit

A go-to trusted test lab for exception requests for recertification Evidence-based decision-making to validate or deny de minimis claims
Digital forensics – evidence-based expert analysis of the forensics associated with a real or perceived incident (breach, claim of unauthorized change, etc.) Increased public confidence and trust in the integrity of elections and government decisions and actions
Standards and specification development Develop standards or specifications based on hands-on experience and real-world use cases

Work With Us

Want to see how our team of analysts, researchers, and election experts can help you ensure your next election is safe and secure? Contact us today to start a conversation.