The Full Stack Problem of Election Security

Monday, February 01, 2021 - 7:45 am8:15 am

Jack Cable, Security Researcher and Student, Stanford University


Foreign adversaries interfered in America's 2016 election, and we can expect to see similar activities in 2020. War waged via attacks on state voter registration databases, hack and leak operations targeting political campaigns, and disinformation campaigns against the American people proved that America's elections were not prepared for nation-state adversaries.

The security community, together with election officials, policymakers, and social scientists, can help confront our nation's vulnerabilities. Just as research and advocacy led to an increased usage of voter-verified paper ballots and risk-limiting audits across the nation, so too can we help build resilience across other election technologies and the American people. By addressing the full-stack problem of election security—from the technology used to register voters, cast ballots, and report results, the infrastructure of political campaigns, and most importantly the people that ultimately judge an election's validity—we can hope to preserve the sanctity of our electoral processes.

Jack Cable, Stanford University

Jack Cable is a security researcher and an undergraduate student at Stanford University, currently working as an election security technical advisor at the Cybersecurity and Infrastructure Security Agency (CISA) as well as a research assistant tracking disinformation at the Stanford Internet Observatory. Jack is a top ranked bug bounty hacker, having reported over 350 vulnerabilities to hundreds of companies. Prior to CISA, Jack worked for the Defense Digital Service on the Hack the Pentagon program. Jack also serves as an advisory committee member for the IT-ISAC, aiding election vendors in building bridges with security researchers by establishing vulnerability disclosure policies. At Stanford, Jack studies computer science and launched Stanford’s bug bounty program, one of the first in higher education.

@conference {264092,
author = {Jack Cable},
title = {The Full Stack Problem of Election Security},
year = {2021},
address = {Oakland, CA},
publisher = {{USENIX} Association},
month = feb,