Securing the election

Members of the TU community are helping to stave off Election Day interference.

By Jenna Harrity ’20 on November 4, 2019

scala

With some elections happening tomorrow and less than a year until the 2020 presidential election, voters and public officials are watching closely for a variety of reasons.

After the 2016 elections, many voters may not feel confident in election infrastructure, which designated as critical in early 2017. The department identified an ongoing potential cyber and physical risk involved in election systems and facilities.

In Maryland, there were no documented breaches of election security. Maryland uses a newer version of polling machines that provide a paper trail, which can be audited. Yet, it's the customer sentiment that remains shaky—and the risk for cyber-attack lingers.

Associate Professor of Business Analytics and Technology Management Natalie Scala, Ph.D., is spearheading a project aimed at educating poll workers about the potential for cyber, physical, and insider threats at election polling places. Reducing the potential risk involved in voting helps improve the general voter sentiment, she said.

"How I feel about Macy's, as a brand, is based on my experience in the store. If it's clean, nicely laid out, and the associates are helpful, I feel great about Macy's. If I go to the store and it's a mess, I'm not going to feel great about that brand," said Scala. "It's the same with voting. If I've had a positive experience with the polling place, I'm going to feel more confident and be motivated to go vote."

The project is a multi-year, interdisciplinary research endeavor built upon research conducted by Scala as well as several undergraduate and graduate TU students. It began with the work of project management student, Megan Price, '18, for her Honors College project. In fall of 2017, using data from Harford County, Maryland, Price looked at what potential vulnerabilities could arise at a polling place. Her work identified a need for additional training of poll workers, raising the question: how can you prevent an election judge from becoming an insider threat, themselves?

"Insider threat has a very negative connotation" Scala said, "as if someone wants to break something on purpose, but you can even be an insider threat unintentionally."

"For example," Scala continued, "if you have an email with a phishing link and you click it, you make a mistake. You don't mean to be a problem, but your mistake creates a threat, a potential issue."

This is where the need for training becomes evident.

"We're trying to prevent poll workers from making those type of mistakes," Scala said. "We want them to be empowered to take measures that help keep the election votes secure, so that the voting process maintains integrity."

Integrity. Every American wants to know that their vote matters - it's fundamental to democracy.

Creating the training modules poses a need for a technological tool. Josh Dehlinger, Ph.D., a Computer and Information Sciences professor in the Fisher College of Math and Sciences is assisting with developing the online modules for poll workers.

"Computer Information Sciences has an online learning system that's been used to teach security to entry level students," he said. "So, we're using that platform to develop our training modules."

Supply Chain Management Master of Science student, Lorraine Black, has since taken on Price's initial research. Black now collects and analyzes the data received from the study. The research team has already tested three modules with an array of trainees and is now working on developing three more modules.

The initial test was conducted with an assembly of TU students, previous election judges, and members of the Osher Lifelong Learning Institute (aged 50+). The latter age representation is, on average, the population most likely to volunteer as poll workers.

The test consisted of the users' demographics, the pretest, and the training, followed by the post test.

The results, Black concluded, were statistically significant. After taking the training module, knowledge of how to prevent potential threat increases considerably.

Scala emphasized how this training module can have importance not only in polling places, but also in any professional setting where confidentiality is essential.

In various workplaces, employees should be well trained in usable security to identify what could be going wrong as an insider. After completing the training module, users will be able to ask and answer two essential questions: "How do I fix the problem myself, or how do I call for more help?"

Additional contributors to the project include Towson University students: Saraubi Harrison '19, BS Computer Science; Vincent Schiavone, MS Supply Chain Management; Yeabsira Mezgebe, BS/MS Business Administration and Supply Chain Management; Katerine Delgado Licona '19, BS Political Science; Aikaterini Leromonahos, BS Law and the American Civilization;

This story is one of several related to President Kim Schatzel’s priorities for Towson University: TU Matters to Maryland, BTU-Partnerships at Work for Greater Baltimore and Diverse and Inclusive Campus.