Author: Kim Strach, Executive Director
Incident Reporting Directive
County boards of elections must report all security incidents and suspected security incidents to the State Board Office. Reporting both successful and unsuccessful attempts to compromise elections infrastructure will help this Agency and its state and federal partners react quickly and detect patterns. It is not sufficient only to inform county IT or your county board members. Our objective is to secure elections and protect, not embarrass, our counties.
How to report an incident:
- Enter all security incidents and suspected security incidents into the Help Ticketing System. New processes at the State Board will route the ticket to appropriate personnel and partners. Tickets should indicate who was involved, what happened, when it happened, and where the incident occurred. Include the contact information for any county IT individuals who are aware of the issue.
Examples of incidents to report:
- Unauthorized access to county offices, voting sites, or the IT systems used to manage elections.
- Hacking, phishing, or compromise of personal or professional e-mail accounts or social media.
- Misinformation campaigns using texts, social media, or flyers with wrong election information.
- Missing equipment (ex. laptops, USBs, or equipment with SEIMS applications or voter data).
- Unexplained issues burning media for electronic poll books or voting systems.
- Reconciliation problems during early voting or Election Day.
These are just examples. It is always better to over-report than to under-report, so please be vigilant in your day-to-day administration of elections and notify us immediately of any irregularity or suspected incident.