Using Tabletop Exercises to Identify Election Security Risks
Tabletop exercises, or TTXs, are a key tool in preparing for secure elections in 2024. A multi-agency, multi-disciplinary election security tabletop exercise can identify concrete, achievable actions that jurisdictions can take in the coming months to make elections more secure. Other options for identifying election security gaps include workshops, drills and exercises.
Dawn Thomas, co-director of CNA’s Center for Emergency Management Operations
What can a tabletop exercise do for election security?
A TTX can be a first step in setting priorities for jurisdictions to update plans, purchase equipment, or conduct additional training and exercises. In this role, the exercise can count toward the State Homeland Security Program (SHSP) and Urban Area Security Initiative (UASI) 3% funding allocation requirements. To suit the specific needs of state and local decision-makers, the exercise can be focused on any of a wide range of objectives:
- Test jurisdictional plans to share intelligence and information about election-day threats and incident response. The exercise can explore what information is essential, what trusted sources to designate, and who needs to receive what information — including election-specific partners like voting site operator and volunteers.
- Step through emergency response plans for addressing a wide range of threats and hazards at polling sites and vote-counting centers. Getting key first responders together with volunteers and voting site operators ahead of election day can lead to more detailed response planning.
- Establish operational coordination for responding to an election site incident. In the case of a civil disturbance, understanding the on-site incident command structure and supporting incident response locations will benefit non-traditional partners like elections officials and allow for a smoother response.
- Conduct a cybersecurity risk assessment for election systems, networks and processes. In a TTX, jurisdictions can engage with their providers of elections system cybersecurity to identify and mitigate risks.
- Prioritize and support the security and availability of infrastructure systems that elections depend upon, including electrical, communications and transportation infrastructure. Jurisdictions can exercise the loss of one or more systems, determining points of contact and identifying workarounds to maintain continuity.
- Define the roles of election service providers in planning for and responding to cyber or infrastructure security issues. Vendors must maintain the integrity of their systems — and public trust. Involving them in exercises allows for a better understanding of prevention and protection measures, as well as remaining system threats.
- Test specific continuity plans for severe weather, civil unrest, cyberattacks or other emergency response events concurrent with an election. Exercises can form the basis of detailed continuity of operations plans to keep voting facilities open or redistribute voters — maintaining public trust in elections.
- Identify site security measures election sites should take. Recent consolidation of voting sites creates new challenges and potential soft-target and transportation risks. Exercises can allow law enforcement and security partners to discuss these risks and review site risk mitigation plans.
- Formulate how the jurisdiction will deliver public information that is coordinated, prompt and reliable. Exercising a public information strategy will help jurisdictions better coordinate internally to combat mis-, dis-, and malinformation and maintain public trust.
- Verify expected roles and regulations for public safety entities. Voting sites regulations — including loitering, voter intimidation, exit polling and sound projection regulations — affect the appropriate response of law enforcement and other first responders. A TTX can bring together a wide array of participants to develop guidance on protecting elections from disruptive acts within expected bounds.
- Examine the jurisdiction’s ability to ensure data integrity through the election cycle. In a TTX, participants can spotlight protective best practices from stakeholder plans to secure electronic voter data, allowing a unified message to leadership and the public.
Questions to Ask
- Which of the objectives listed above are most relevant to your jurisdiction?
- Who should be involved? Possible participants include city management, CIO’s office, private sector, emergency management and first responders, public information officers, election site owners and government attorneys.
- How long should the exercise be?
- Does the jurisdiction benefit most from exercising only election security or from exercising election security in conjunction with another emergency management threat? An example might be maintaining election security during extreme weather or a cyberattack.
What results will a CNA election security tabletop exercise provide?
Throughout the exercise, our analysts will capture identified gaps, strengths and recommendations for improvement. These will form the basis of an after-action report, which CNA can provide within two weeks or less. Using the election security after-action report, the jurisdiction can integrate exercise results into updated operational plans and a specific continuity of operations plan (COOP) for the election cycle. For example, our cybersecurity exercises — conducted for 18 jurisdictions — have allowed local governments to test their current COOP plans against a cyberattack and develop annexes that more specifically represent the operational environment, the key decisions identified, and the essential information required for those decisions.
What experience does CNA have in tabletop exercises?
Since 1999, CNA has designed, executed and evaluated more than 350 homeland security exercises, including more than 100 tabletop exercises. Participants have ranged from local first responders to the President of the United States, and scenarios have been as diverse as cybersecurity, hurricanes and disease outbreaks. CNA’s Center for Emergency Management Operations has designed and executed tabletop exercises for the following jurisdictions and organizations, among many others:
Tabletop Exercise Participants:
Federal and International Participants
State and Territory Participants
If you would like more information about conducting a TTX that includes election security, please contact the co-director of CNA’s Center for Emergency Management Operations, Dawn Thomas, at firstname.lastname@example.org.