US 2020 Presidential Campaign Cyber Security Examined

The US Internet Society’s Online Trust Alliance (OTA) is a cross- industry organisation which identifies and promotes security and privacy best practices that build consumer confidence in the Internet.

They have recently conducted an evaluation of the 2020 US presidential campaigns, examining three main categories: 

  • Privacy – data sharing, retention, notice, and third-party restriction policies in the privacy statement, as well as analysis of third-party tracking on the website
  • Website Security – server security, use of encryption for web sessions, protections such as firewalls and potential site vulnerabilities
  • Consumer Protection – protection of email via authentication and encryption between servers, and protection of domains from hijacking

As with making any payments or donations, or signing up for any online service, users are encouraged to evaluate campaigns to see if the published practices are consistent with their individual expectations regarding the collection, use, and sharing of their data.

As outlined in this report, the published privacy statements vary significantly, from stating that they disallow any sharing to language effectively enabling campaigns to share personal information broadly with any third party.
 
As cyber threats increase and privacy concerns heighten, the relevancy and timeliness of this report is significant, underscoring the imperative that data security, protection, and privacy need to be integrated into every service, business process, website, and mobile application, whether commercial or political.

Source: Internet Society


 
All campaigns listed in the failure column had a failure in the privacy category, and two campaigns also failed in the consumer protection category.

Overall, the survey found that campaigns have strong website security, reasonable email and domain protections, and poor privacy scores. Privacy statements are the biggest concern, causing failure for 70% of the campaigns.

Internet Society

You Might Also Read: 

Foreign Cyber Intrusions On The USA:

 

« Iranian Hackers Deploy New Spear-Phishing Techniques
Good Cyber Security Practice On The Go »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

QNAP Systems

QNAP Systems

QNAP Systems, Inc. delivers world class network attached storage (NAS) and network video recorder (NVR) solutions.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

iLand

iLand

iland is a global cloud service provider of secure and compliant hosting for infrastructure (IaaS), disaster recovery (DRaaS), and backup as a service (BaaS).

VivoSecurity

VivoSecurity

VivoSecurity is a pioneer in cyber risk quantification based on data science. Our products and services help organizations achieve optimal information security and GRC programs.

Xcina Consulting (XCL)

Xcina Consulting (XCL)

Xcina Consulting provides high quality business and technology risk assurance and advisory services.

Blueskytec (BST)

Blueskytec (BST)

Blueskytec has applied its experience of over three decades of working in the field of embedded systems and encryption to provide a scalable and appropriate technology for cyber-physical devices.

European Healthcare Fraud & Corruption Network (EHFCN)

European Healthcare Fraud & Corruption Network (EHFCN)

EHFCN is the only organisation dedicated to combating fraud, corruption and waste in the healthcare sector across Europe.

Blue Hexagon

Blue Hexagon

Blue Hexagon is a deep learning innovator focused on protecting organizations from cyberthreats.

PixelPlex

PixelPlex

PixelPlex is a blockchain and custom software development company with offices and developers in New York, Geneva, and Seoul.

Panacea Infosec

Panacea Infosec

Panacea Infosec is a leading provider of information security compliance services. We help our clients in protecting their data, reducing security risks and fighting cybercrime.

CrowdSec

CrowdSec

CrowdSec is an open-source & participative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.