Secretaries of State Gather for Winter
Meeting ... 3 of 5 > |
Feb. 16, 2018 - The NASS/NASED
Joint Session: "State and Local Incident Response Playbook Walk
Through" highlighted three playbooks recently issued by the Defending
Digital Democracy Project (D3P) at Harvard Kennedy School’s Belfer
Center for Science and International Affairs. |
David Becker, executive director
of Center for Election Innovation & Research, moderated a workshop
on "Good Audits Make for Better Security" with New Mexico Secretary of
State Maggie Toulouse Oliver and Colorado Secretary of State Wayne
Williams. Post-election audits allow officials to spot problems
in the results and can help strengthen confidence in our
democracy. One message out of this workshop is that "all audits
are not created equal." The workshop provided a very interesting
discussion on risk-based versus risk-limiting audits. New Mexico
has been doing post-election audits since 2008. These risk-based
audits are based on randomly selected precincts. Colorado has
over the past decade been working on risk-limiting audits, which it
first implemented in 2017. Based on a 20-digit random number,
individual ballots are pulled in each county and compared with the
inital reporting. The system requires that the ballots be kept in
order and uses an open source software tool. Williams compared
the risk-limiting audit to a soup tasting. Provided the soup is
well stirred one only need to taste a spoonful, regardless of whether
there is a small pot or a large vat of soup. The random number
accomplishes the stirring. See also: NCSL - Post-Election Audits |
Tom Vessely, Director of IT,
Indiana Secretary of State's Office, moderated a workshop on "Filling
the Gaps in State Cybersecurity Workforce." Participating were
Robin Carnahan, senior advisor and head of state and local practice at
18F Acquisition; Yejin Cooke, director of government affairs at NASCIO;
and David Forscey, policy analyst in the Homeland Security & Public
Safety Division at NGA. The discussion focused on how to attract
and retain qualified cybersecurity staff. Cooke noted, "There are
more jobs [job openings], than there are people." Carnahan said
the specialized nature of IT is such that agencies should have a
dedicated IT recruiter rather than just relying on HR. One of the
speakers warned of instances where an agency might be "pitched by the A
team, but get the C team." |
....next > |