2018 ELECTION SECURITY PLAYBOOK
Partnerships and Information Intelligence Sharing Information sharing is critical in taking a proactive security approach and is an important part of our preventative measures and mitigations. Tactics, Techniques and Procedures (TTP) is an approach that is used within a cyber threat intelligence solution. TTPs can help with predictive or emergent risk, such as sharing of a zero-day exploit on the Dark Web. A zero-day attack is an attack vector that takes advantage of a security weakness before the vulnerability becomes generally known. There is no time or opportunity for detection because the attacker exploits the vulnerability before the threat is known. TTP is an effective method in helping to prevent zero-day attacks. The TTP method can help identify possible targets, provide threat analysis data, and help with mitigation process. This data or research is provided to us by multi-state sharing cybersecurity threat analysis partners. This section focuses on some of the ways our office employs the approach of intelligence sharing as one of the mitigation strategies of our security plan. Partnership With Orange County Agencies The OCROV has been proactive in communicating with the County security team, and they have expressed a commitment to assist the OCROV when needed. Orange County’s Chief Information Security Officer (CISO) and a cybersecurity joint task force meet monthly to review and discuss security topics that focus on information security countywide. We are working to update and refresh policies, standards, and guidelines, which are key components of an effective information security plan. To address the CIA principles of the technology, the County security team routinely conducts a series of assessments and penetration tests on County network infrastructure, systems, and data. The County security team has also expressed a commitment to establishing an in-depth defense methodology for its infrastructure, systems, and data. Partner with Regional and Local Law Enforcement We interface on a regular basis with regional (California Secretary of State, Criminal Investigations) and local (Orange County District Attorney’s Office) law enforcement. We routinely, when appropriate, continue to refer cases to these agencies for investigations. In addition to these resources, our office interfaces directly with OCIAC to obtain additional threat information, and to have OCIAC help recover from an incident, if necessary.
ORANGE COUNTY REGISTRAR OF VOTERS
19
Made with FlippingBook Digital Proposal Creator