Nonprofit rolls out discounted cyber support for political campaigns
- By Derek B. Johnson
- Oct 31, 2019
A Federal Elections Commission-sanctioned nonprofit group has announced partnerships with a number of companies to offer free or cheap cybersecurity services to candidates running for federal office.
The group, Defending Digital Campaigns, announced a suite of services that will be made available to campaigns, including end-to-end encryption services from Wickr, IT security training services from Cybrary, email security services from Area1 and managed security services from GRA Quantum.
Michael Kaiser, who was named CEO of the group in the same announcement, said the services are meant to help campaigns deal with some of the most common digital threats, from phishing attacks and email compromise to data theft or loss of campaign donor information, polling data and other sensitive data. The unique role that these campaigns play as “elemental pieces” of democracy mean they are going to be the subject of more targeted and determined attacks from hackers.
“While the attackers might be the same – we will definitely see nation states and cyber criminals and hacktivists – their motivations to attack a specific campaign would be greater than, say, an attacker who is probing networks, looking for someone who didn’t patch for the latest version of Windows,” said Kaiser. “That’s one of the reasons this is so important – these people have huge targets on them.”
The FEC issued an advisory opinion in May granting a waiver to the group to offer cybersecurity services to political campaigns at little or no cost, something that traditionally would run afoul of campaign finance laws. The offerings will be available to all federal campaigns that qualify for the general election ballot or meet one of the following criteria: House candidates who have raised at least $50,000, Senate candidates who have raised $100,000 and presidential candidates polling above 5% in national polls.
Wickr CEO Joel Wallenstrom said that in previous cycles, attempts to offer the company’s services ran into road blocks from skeptical campaigns, who often wanted an official sign-off to everything was above board. He said the FEC opinion could serve that purpose and help to get organizations on board early and fast.
“What we’re talking about here is speed, and speed in security is incredibly important,” Wallenstrom told FCW. “That’s the thing that excites me the most. We probably won’t have as much handwringing around ‘has anyone thought this through and is this an okay step for us to take?’”
Some of the services will be free, while others will be discounted. Kaiser was reluctant to go into specific prices or rates, but said the companies involved are exploring a variety of ways to make their products cheaper or easier to buy.
“People have been very good about sharpening their pencils, some are giving 50% off, some are giving some level of product for free,” he said. “Companies are also being creative in other ways… [with] some saying we’ll give you a shorter contract [term] so you don’t have to commit as long.”
Wallenstrom said his company would be offering its “highest level” of service to campaigns for the price of “a cup of coffee each month.”
Kaiser said it was difficult to provide an estimate of how many campaigns the group expected to work with over the next twelve months, but said he hope to work with the Republican and Democratic National Committees as well as other groups to do outreach and ensure awareness among as many campaigns as possible.
“We’re just getting started, we’re hearing from the people that we’re talking to that there’s a hunger for this,” he said. “I don’t think it will be a hard sell for people to think they need to do cybersecurity, but there may be some awareness raising and we’ll do that if we need to but we’re hoping there will be relatively large numbers [of interested campaigns].”
The group, an outgrowth of Harvard University’s Defending Digital Democracy project, was formed this year out of widespread recognition following the 2016 election that political campaigns were prime targets for compromise by foreign intelligence agencies and other bad actors. Many campaigns are understaffed, operate on shoestring budgets and lack the kind of IT expertise to go toe to toe with Russian GRU operatives.
The group also announced the addition of three new board members – former DHS official Suzanne Spaulding, LinkedIn co-founder Allen Blue and Ron Gula, founder of Gula Tech Adventures.
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at firstname.lastname@example.org, or follow him on Twitter @derekdoestech.
Click here for previous articles by Johnson.