Voters cast their ballots at voting machines at Cheyenne High School on November 8, 2016, in North Las Vegas, Nevada. Photo: Ethan Miller via Getty Images

The recent $380 million of federal funding to replace paperless voting machinery and improve cybersecurity is desperately needed, but it is unlikely to ensure the long-term cybersecurity of U.S. election technology.

The big picture: At best, the one-time spending will provide a catalyst for election organizations to gain basic cybersecurity competence. At worst, though, the money will be spent on discretionary purchases (e.g., digital pollbooks or new PC hardware) that only appear helpful and that, without proper security-centric integration, may increase the systems’ exposure to attacks.

The funds help states accomplish three goals:

  1. Pay for replacing unreliable paperless voting systems. While new systems provide paper trails, however, they rely on the same vulnerable hardware design.
  2. Design trustworthy, transparent processes for ballot audits. Audits can detect anomalies, but only if they adopt proven practices statewide.
  3. Fund election organizations to undergo post-election audit training, a process that will take years to implement. Anomaly detection is valuable, but doesn't impede adversaries from using stolen information to discredit an election.

The other side: This funding could also help states' election organizations pay for cybersecurity services, but likely for one-time events, such as basic training for non-technical staff (e.g., defending against phishing) or contracting cybersecurity professionals.

While professional IT services and training would mitigate some of the risk, none of these solutions will address U.S. election technology's fundamental vulnerability. And after 2018, election organizations will remain just as under-resourced to defend against adversaries as they were before.

The bottom line: In order to protect our democracy, the nation must start an intellectually honest discussion about how to design, develop and deliver a new election technology infrastructure.

John Sebes is a co-founder of the OSET Institute and CTO of its TrustTheVote Project. William Crowell is a former deputy director of the National Security Agency and a partner at Alsop Louie Partners.

Go deeper

Transcripts show George Floyd told police "I can't breathe" over 20 times

Photo: Gary Coronado/Los Angeles Times via Getty Images

Newly released transcripts of bodycam footage from the Minneapolis Police Department show that George Floyd told officers he could not breathe more than 20 times in the moments leading up to his death.

Why it matters: Floyd's killing sparked a national wave of Black Lives Matter protests and an ongoing reckoning over systemic racism in the United States. The transcripts "offer one the most thorough and dramatic accounts" before Floyd's death, The New York Times writes.

Updated 2 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Eniola Odetunde/Axios

  1. Global: Total confirmed cases as of 6 p.m. ET: 11,921,616 — Total deaths: 546,318 — Total recoveries — 6,506,408Map.
  2. U.S.: Total confirmed cases as of 6 p.m. ET: 3,035,231 — Total deaths: 132,042 — Total recoveries: 936,476 — Total tested: 36,878,106Map.
  3. Public health: Deaths are rising in hotspots — Déjà vu sets in as testing issues rise and PPE dwindles.
  4. Travel: United warns employees it may furlough 45% of U.S. workforce How the pandemic changed mobility habits, by state.
  5. Education: New York City schools will not fully reopen in fallHarvard and MIT sue Trump administration over rule barring foreign students from online classes.
  6. 🎧 Podcast: A misinformation "infodemic" is here.
2 hours ago - Health

Fighting the coronavirus infodemic

Illustration: Sarah Grillo/Axios

An "infodemic" of misinformation and disinformation has helped cripple the response to the novel coronavirus.

Why it matters: High-powered social media accelerates the spread of lies and political polarization that motivates people to believe them. Unless the public health sphere can effectively counter misinformation, not even an effective vaccine may be enough to end the pandemic.