Cybersecurity

Ohio governor signs into law measure to increase cybersecurity of elections

Ohio Gov. Mike DeWine (R) on Friday signed into law legislation that will increase cyber protections for election systems and enhance the overall cybersecurity posture of the state. 

The legislation, which had bipartisan support, requires post-election audits by county boards of elections to ensure the accuracy of the vote count, while also creating a “civilian cyber security reserve” that can be called into duty to protect state and local government entities against cyberattacks, including those involving elections and those against critical infrastructure 

The bill gives the Ohio secretary of state a seat on the Ohio Homeland Security Advisory Council and creates a chief information security officer position within the secretary of state’s office to increase attention on election security issues. 

{mosads}Ohio Secretary of State Frank LaRose (R), the top election official in the state, said in a statement on Friday that the legislation will give local officials “the support they need” to combat foreign cyber threats.

“Imagine looking out the window and seeing foreign paratroopers parachuting into your town,” LaRose said. “We wouldn’t tell a community, ‘you’re on your own – your sheriff department can fight off that threat.’ Well likewise, in the online world, we can now respond with Ohio’s best cyber warriors so these counties and cities have the support they need.”

LaRose originally sponsored the legislation when he was a member of the Ohio state Senate prior to being elected secretary of state in 2018. Ohio state Sen. Theresa Gavarone (R) was the primary sponsor of the legislation signed into law on Friday. 

The new law comes after LaRose issued a directive in June that required Ohio county boards of elections to take steps to increase the security of their election systems, including requiring counties to accept free cybersecurity assistance from the Department of Homeland Security and training all staff annually on cybersecurity.

Election security has been in the spotlight this year following the release of the report on Russian interference tactics in the 2016 election by former special counsel Robert Mueller, and the release of two out of an eventual five volumes on the bipartisan investigation by the Senate Intelligence Committee into the same issue.

Volume One of the committee’s investigation concluded that Russian actors “attempted to intrude” in the voting infrastructure of all 50 states in the run-up to the 2016 election, although were not successful in changing any votes.