How to safeguard election integrity in an age of cyber threats

Article 09-Oct-2024 Read time: 5 min

By Kris Lovejoy, Global Cybersecurity and Resiliency Leader at Kyndryl

By all accounts, 2024 will be the largest election year in world history, with national elections in more than 60 countries, including the highly contentious U.S. presidential race. At the same time, state-sponsored actors have been linked to numerous attempts to disrupt elections, such as AI-generated deepfake videos and widespread disinformation and misinformation campaigns. In fact, a Center for Security and Emerging Technology study found that the use of AI-manipulated media has increased threefold over the past two years. As a result, the criticality and public scrutiny of election integrity have greatly intensified. That is why it is imperative for global leaders to understand the issues surrounding election security and the measures necessary to help protect the world’s democratic processes.

Increased digital systems require increased security

As the world has moved to digital systems, exposure to cyber threats has grown exponentially. A recent survey of public- and private-sector IT decision-makers found 92% of their organizations have experienced adverse events that compromised their IT systems. Among the most alarming and growing risks is the susceptibility of critical infrastructure such as utilities and telecommunications to cyber disruption.

Digital voting systems are no exception. Elections are increasingly moving off mainframe systems and onto the cloud. While offering many benefits, the transition from mainframe systems to cloud-based platforms introduces new cybersecurity challenges to election security. Cloud-based election infrastructure exposes more potential points of failure that malicious actors could exploit. The combination of increased exposure and proliferating threats demands urgent action to address these risks.

~2 billion voters

Around 2 billion voters, about a quarter of the world's population, are expected to vote in 2024.¹

60+ countries

In 2024, national elections are taking place in over 60 countries around the world.¹

Disinformation and misinformation grow in volume and sophistication

While securing and modernizing the technical aspects of election systems is paramount, the threats posed by disinformation and misinformation can’t be overlooked. These propaganda campaigns — often amplified through social media, generative AI and state-sponsored actors using botnets — have proven their potential to manipulate public perception and undermine trust in the electoral process. The challenge lies in not only preventing these incidents but also effectively countering the disinformation that follows. 

Public-private collaboration is essential

Securing digital election systems requires a coordinated effort between the public and private sectors. To mitigate the impact of increasing cyber threats, governments around the world are implementing stringent cybersecurity regulations. These directives significantly strengthen cyber governance as the digital economy evolves.

Many emerging regulations place responsibility for cybersecurity on company leaders, their boards of directors and their major third-party services providers. For example, both the European Union (EU) and U.S. Securities and Exchange Commission (SEC) have tightened the requirements for business entities to disclose their cyber risks and incidents. These regulations potentially affect all participants in the globally interconnected digital economy.

4 million cybersecurity workers are needed

The talent gap is estimated to reach 85 million by 2030.²

$8.5 trillion unrealized annual revenue

This shortage of skilled professionals could result in an estimated $8.5 trillion in lost annual revenue.²

People are still the weakest link

Even with the increasing prevalence and sophistication of cyberattacks, human error remains the largest single risk in protecting digital information. This reality underscores the critical importance of culture and mindset in protecting against cyber disruption — specifically, the need for ongoing cybersecurity awareness and training initiatives. Business leaders must ensure that their entire organization, from the C-suite to the front lines, acquires the knowledge and skills necessary to identify and mitigate cyber threats.

The cybersecurity industry also faces a critical shortage of skilled professionals: the current gap of 4 million security professionals is estimated to reach 85 million by 2030. Addressing this gap is a strategic imperative because even with the increasing use of AI to enhance cybersecurity efforts, humans remain essential to making nuanced decisions and providing ethical oversight. This is particularly true in the context of critical elections.

Collaboration is the key to the future of election security

Safeguarding elections during this unprecedented year and beyond must be a collective responsibility. Addressing the multifaceted challenges of election security will require ongoing collaboration between the public and private sectors. Government agencies must work closely with technology providers, election officials and cybersecurity experts to develop and implement robust security measures.

Despite the daunting risks, there is cause for optimism. Governments and the private sector have been managing cyber incidents for years, gaining insights and refining skills in response to each new challenge. By continuing these collaborative efforts, implementing targeted regulatory measures and focusing on strengthening the human factor, we have a clear pathway to help protect the democratic process around the world. 

In recognition of Cybersecurity Awareness Month, this is the second installment of a series in October that highlights how organizations can go from risk to resilience.

^{¹ Statista, 2024: The Super Election Year

² World Economic Forum, The cybersecurity industry has an urgent talent shortage. Here’s how to plug the gap, 2024}