We have discussed election security for many years, perhaps more so within the last ten years with the documented confirmation of interference by nation states (Russia, China and Iran). Until recently, however, domestic election interference that leverages the power of social networks wasn\u2019t recognized and, frankly, didn\u2019t exist. The power of social media to influence elections has now been thrust into the spotlight again with the whistleblower allegations of Twitter\u2019s former CISO.History of social media influence on U.S. electionsThe 2008 and 2012 election campaigns of President Barack Obama displayed the power of social networks in delivering platform points and energizing the electorate. Pundits and technical analysts at that time (including me) characterized the effort as Obama\u2019s campaign smoking their opponents on the social network landscape. This success was achieved through a better understanding of the social network medium the amplification provided through viral messaging.By 2015, we saw Russia up to its hips targeting state election infrastructure and shaping the narrative via misinformation and disinformation. This included using personnel operating in the United States at the direction of the Russian government to affect the outcome of the 2016 presidential election. The FBI warned both major political parties of the Russian cyber actions targeting the election infrastructure, including their candidates and party infrastructure in 2015. By October 2016 we were seeing the publication of information from purportedly independent entities that was shaded or full-on mistruths.In 2017 the terms \u201cmisinformation\u201d and \u201cdisinformation\u201d had barely entered the lexicon of the average voter in the United States. I wrote about them in D\u00e9j\u00e0 Vu All Over Again \u2013 Russian Active Measures\u00a0in December 2017 and then again in Election Interference: The Russians Are Back, or They Never Left in September 2020. Both pieces dissected and explained Russian intelligence\u2019s long history of covert action when it comes to elections in other countries.U.S. moves to counter election disinformationNow in 2022, these terms fly off our tongues and those of every pundit and media personality. To that end, the United States Department of State stood up the Global Engagement Center within the Bureau of Public Diplomacy and Public Affairs to direct the United States\u2019 efforts to \u201crecognize, understand, expose and counter foreign state and non-state propaganda and disinformation efforts aimed at undermining or influencing the policies, security, or stability of the United States, its allies, and partner nations.\u201dThe Bipartisan Policy organization produced a report, How Tech and Election Officials can Protect Elections Online on August 24, 2022. The report begins with a declaration that should be absorbed by all involved in evolving technology, be it infrastructure or that used to engage with the electorate, \u201cTech companies can be a force for good around elections.\u201dThe Department of Homeland Security\u2019s Operational Analysis Center, in conjunction with RAND, issued a 2022 report Securing U.S. Elections, A Method for Prioritizing Cybersecurity Risk in Election Infrastructure. As the title suggests, the 58-page document is focused largely on the technology securing elections and not the use of technology that informs and influences the electorate. The report does mention, however, how digital platforms \u201cplay an important role in disseminating information (or disinformation), shaping public opinion, and providing a means for candidates and campaigns to engage with the voting public. These platforms are also subject to potential cyber threats. They are, however, beyond an election official\u2019s control or influence to address potential vulnerabilities to cyber threats.\u201dSimilarly, the Cybersecurity and Infrastructure Security Agency (CISA) has created an election security resource library that highlights both \u201cnew and evolving threats that require a whole-of-society approach.\u201d CISA\u2019s toolbox, made in conjunction with the U.S. Election Assistance Commission, highlights areas of greatest risk, technical cybersecurity assessments and services meeting critical needs, and gaining a sound analytic foundation for managing election security risk with key partners (local, state, federal). CISOs whose entities are involved in securing election infrastructure may wish to avail themselves to the free training offered by CISA.Is Twitter a threat to election security?In late-August the former CSO of Twitter, Peiter \u201cMudge\u201d Zatko, filed a whistleblower complaint against Twitter, in which he discusses the security shortcomings of the social network among which was the observation that these shortcomings constituted, \u201cNegligence and even complicity with respect to efforts by foreign governments to infiltrate, control, exploit, surveil and\/or censor the \u2018company\u2019s platform, staff, and operations.\u201dThe 84-page whistleblower complaint, which provides the former executives perspective, is replete with a litany of shortcomings which, in his opinion, made Twitter vulnerable to manipulation during the 2020 presidential election cycle. Here we are in August 2022, heading into an election cycle in November 2022, this is not reassuring from the electorate\u2019s point of view, especially since the Bipartisan Policy organization has called on companies like Twitter to lean into protecting the public from disinformation, misinformation and exploitation.Twitter stated, \u201cMr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance. What we\u2019ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context.\u201dA public post on LinkedIn by Edward Amoroso, CEO of Tag InfoSphere, which garnered over 250 comments, highlighted his disagreement with Zatko\u2019s approach. I agree. From my seat, CISOs have been tussling with CEO, CFO and CIOs on the distribution of resources, budget availability and strategic implementation for seemingly forever. The lack of transparency of cybersecurity issues within a company has launched the SEC proposed requirement to include attestations in filings, similarly, the ongoing prosecution of the former CSO of Uber has highlighted the need for errors and omissions insurance for all executives. What every CISO needs to focus on is identifying risks, addressing those risks, rinse and repeat.Election security needs to be \u201calways on\u201dYet, the use of information, disinformation and misinformation both domestic and foreign to influence voters on how to vote and to take action, which has often been deleterious to the wellbeing of election officials, is a very real concern. The Bipartisan Policy report highlights with clarity how \u201cfuture cycles will look different.\u201d The report cites the opportunity for tech companies to work with election officials.While not specifically mentioned, the opportunity for tech companies to ameliorate the flow of election disinformation and misinformation was clear as crystal during the 2020 election cycle. Highlighted was the \u201crampant false information and online and real-life harassment of election officials, as well as the never-ending questioning of the legitimacy of the results of the 2020 election, even today in August 2022.\u201dThe recommendations of the Bipartisan Policy organization are for tech companies and election officials to engage today, not only for the 2022 midterm elections but also for the 2024 presidential elections as well as the elections at the state and local level in 2023. They will need to have availed to them the latest\/greatest in cyber products and best practices in protecting the elections.That said, the report also offers a pragmatic observation. \u201cKnow the difference between bad actors\u2019 intentional spreading of false information and news stories that need corrections.\u201d While also emphasizing the need for transparent policies surrounding elections that address:ContentMDM (mis\/dis\/malinformation)VerificationAdvertisingSecurityLastly, the report urges the adoption of an \u201calways on\u201d perspective, not just in the run-up to election day.I agree.