US 2020 Presidential Campaign Cyber Security Examined

Uploaded on 2019-10-14 in GOVERNMENT-National, FREE TO VIEW

The US Internet Society’s Online Trust Alliance (OTA) is a cross- industry organisation which identifies and promotes security and privacy best practices that build consumer confidence in the Internet.

They have recently conducted an evaluation of the 2020 US presidential campaigns, examining three main categories: 

  • Privacy – data sharing, retention, notice, and third-party restriction policies in the privacy statement, as well as analysis of third-party tracking on the website
  • Website Security – server security, use of encryption for web sessions, protections such as firewalls and potential site vulnerabilities
  • Consumer Protection – protection of email via authentication and encryption between servers, and protection of domains from hijacking

As with making any payments or donations, or signing up for any online service, users are encouraged to evaluate campaigns to see if the published practices are consistent with their individual expectations regarding the collection, use, and sharing of their data.

As outlined in this report, the published privacy statements vary significantly, from stating that they disallow any sharing to language effectively enabling campaigns to share personal information broadly with any third party.
 
As cyber threats increase and privacy concerns heighten, the relevancy and timeliness of this report is significant, underscoring the imperative that data security, protection, and privacy need to be integrated into every service, business process, website, and mobile application, whether commercial or political.

Source: Internet Society


 
All campaigns listed in the failure column had a failure in the privacy category, and two campaigns also failed in the consumer protection category.

Overall, the survey found that campaigns have strong website security, reasonable email and domain protections, and poor privacy scores. Privacy statements are the biggest concern, causing failure for 70% of the campaigns.

Internet Society

You Might Also Read: 

Foreign Cyber Intrusions On The USA:

 

« Iranian Hackers Deploy New Spear-Phishing Techniques
Good Cyber Security Practice On The Go »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

AppRiver

AppRiver

AppRiver is a global provider of cloud-based email and web security solutions that protect businesses worldwide from today's ever-changing online threats.

Daon

Daon

Daon offers a universal biometric authentication platform for mobile devices.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

Ivanti

Ivanti

Ivanti provide user-centered IT solutions designed to increase user productivity while reducing IT security risk.

Blockchain Slovakia

Blockchain Slovakia

Blockchain Slovakia is a non-profit organization that brings together researchers, developers, entrepreneurs, regulators, investors and the public to support blockchain technology in Slovakia.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

Outsource UK

Outsource UK

Outsource UK is an independent recruitment company supplying highly-skilled technology, change and engineering talent to clients within a range of specialist sectors including Cyber Security.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alpine Security

Alpine Security

Alpine Security provides penetration testing, security assessments and cybersecurity training services.

Cympire

Cympire

Cympire significantly increases an organisation’s Cyber Resilience through continuous Training and Assessment. Cyber Security Training Platform. Cloud-based and fully customizable Cyber Range.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Hackurity.io

Hackurity.io

Hackurity.io is a high energy IT security start-up founded in 2021 out of the frustration that IT Security is highly fragmented and reactive.

Modern Networks

Modern Networks

Modern Networks is a leading provider of IT managed services to the UK’s commercial property sector and medium sized enterprises.