Cybersecurity Guide

Who is responsible for implementing or managing cybersecurity safeguards?

Written by Larisa RedinsLast updated:
In this guide

The question of who is responsible for cybersecurity has been hotly debated over the last few years.

While the issues involving cybersecurity and responsibility have no clear black-and-white areas to determine who is exactly responsible for what, it is clear that everyone — especially governments and corporations — needs to play a role in the fight against cybercrime.

With recent events like major data breaches and global cyberattacks, this belief is more relevant than ever. In the case of cyberattacks and data breaches, companies and organizations are often viewed as negligent for not protecting their customers’ information.

Governments also face blame when they do not or cannot stop malicious cyber activities from happening on their soil.

While it is true that everyone should play their part in the battle against cybercrime, this problem will not be solved with only one side taking action.

Furthermore, it is important to remember that cybersecurity is a constantly evolving field and it will take all of us working together to keep the internet safe from malicious attacks.

Governments and cybersecurity

Elections are a vital foundation of democracy, making them attractive targets for cyberattacks. Hackers, often linked to nation-states or politically motivated groups, use various methods to infiltrate election processes.

These include hacking voter registration databases to manipulate or delete records, penetrating election systems to potentially alter vote tallies, and spreading disinformation through social media to influence public opinion. Recent history offers sobering examples, such as the confirmed Russian interference in the 2016 U.S. presidential election and cyber disruptions in Ukraine’s electoral processes.

Learn more about Cybersecurity in federal government

Governments and election cybersecurity

While governments, in general, have a responsibility to protect infrastructure, one area where governments should have complete control of security issues is during elections. All US citizens should have the right to a free and fair election process.

Elections are the cornerstone of democracy, and voters mustn’t be falsely influenced by other countries’ meddling. Along similar lines, citizens should also feel confident in the electoral process.

Cybersecurity experts should look at all areas of potential breaches, including voter registration lists, voting machines, electronic vote-counting systems, etc. This would ensure that there are no security gaps in the election system. 

Citizens also have the right to be confident in election results. There should be a transparent and reliable process that ensures audits of the vote count are conducted both quickly and carefully.

There is no guarantee that cyberattacks or meddling in elections will stop, so government officials need to come up with ways to work together on this issue.

This requires working across all levels of government to ensure a safe election process.

Example of election cyberattacks

In September 2023, a municipal election system in a Midwestern U.S. state suffered a hacking attempt. Cybercriminals exploited a vulnerability in a third-party software supplier used to manage voter registration databases.

  • What Happened: Malware was injected into a routine software update.
  • Detection: Unusual data access patterns triggered an alarm within a few hours.
  • Response: CISA collaborated with the state’s cybersecurity division to isolate the malware and conduct forensic analysis.
  • Impact: No votes were altered, but the breach caused delays and heightened voter anxiety.

This incident highlighted vulnerabilities not only within government systems but also the need for private sector vigilance.

How do hackers infiltrate a state’s election infrastructure?

Phishing of Election Officials
Cybercriminals send deceptive emails or messages to election workers, tricking them into revealing login credentials or clicking malicious links. With stolen credentials, attackers can gain unauthorized access to voter databases, election management systems, or voting machines.

Malware Deployment
Hackers install malicious software onto election infrastructure, such as voting machines or voter registration systems. Malware can alter, delete, or steal sensitive data, cause system malfunctions on Election Day, or covertly gather intelligence for future operations.

Supply Chain Attacks
Adversaries target third-party vendors that provide critical software, hardware, or services to election authorities. By compromising trusted suppliers, hackers introduce vulnerabilities into election systems before they are delivered or installed, making detection and prevention more difficult.

Distributed Denial of Service (DDoS) Attacks
Attackers overwhelm voter information portals, official election websites, or state reporting systems with excessive traffic. The goal is to make sites slow or inaccessible, causing voter confusion, delaying results, and eroding public confidence in the election process.

Misinformation Campaigns
Cyber actors spread false information through social media platforms, fake news websites, and automated bot networks. These campaigns aim to manipulate voter perception, suppress turnout, and cast doubt on the legitimacy of the election by promoting misleading or divisive narratives.

How can these incidents be prevented?  

Air-Gapping Voting Machines
Voting machines should be air-gapped, meaning they are disconnected from the internet and external networks. This isolation minimizes the risk of remote hacking attempts and prevents unauthorized access to voting data, ensuring more secure election processes.

Penetration Testing
Regular penetration testing simulates real-world cyberattacks to uncover vulnerabilities within election systems. By identifying weaknesses in advance, election officials can patch flaws and improve system defenses before attackers exploit them.

Multi-Factor Authentication (MFA)
Implementing MFA strengthens access control by requiring multiple forms of verification, such as a password and a fingerprint or token. This reduces the likelihood of unauthorized access to sensitive election systems, even if login credentials are compromised.

Encryption
Encrypting all election data, both in transit and at rest, ensures that intercepted or accessed information remains unreadable without the decryption key. This protects the integrity and confidentiality of voter data, preventing tampering or misuse.

Vendor Management
Election authorities should carefully vet third-party vendors that provide election technology and services. Regular audits and security assessments ensure that vendors maintain high cybersecurity standards and reduce risks from supply chain vulnerabilities.

Public Reporting
Transparency in reporting cybersecurity threats and incidents builds public trust. Governments should share accurate, timely information about potential breaches or attacks while avoiding panic and maintaining confidence in the electoral process.

How to keep government staff safe from attacks

During periods of heightened tension, threat actors may attempt to exploit staff and anybody who is part of the election process. Threat actors may utilize a variety of assault techniques, such as phishing and social engineering, to steal sensitive data.

Individuals who are in managerial or executive roles, as well as those who directly support them, are more likely to be targets of these assaults, as their data is readily accessible.

Individuals may also unintentionally expose information that hackers can use to compromise electoral processes. All personnel, particularly election officials, must exercise caution when providing any details about their positions.

Mandatory cybersecurity training should be given to those who are engaged in election procedures as part of the government’s overall risk management process.

Phishing and social engineering attacks should be identified during the training. Established methods for keeping people safe from these attacks should be implemented as well.

Other ways the government is improving cybersecurity

After high-profile cyber hacking incidents, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity in May 2021. Its main objectives are as follows:

  •  To improve tech security at the federal level by making IT systems stronger 
  • To improve the cybersecurity of federal contractors
  • To establish baseline security standards for developing software sold to the government.
  • Information technology companies should be required to disclose cybersecurity issues and remove legal barriers to communicating with government entities.

With this Executive Order, the government hopes to make it more difficult to hack into government and government contractor systems. 

It also requires IT providers to disclose any cybersecurity breaches and makes it easier for them to work with the government.

Corporations and cybersecurity responsibility

Corporations in vital sectors like finance, healthcare, energy, and technology are entrusted with substantial amounts of sensitive data, making them significantly responsible for cybersecurity.

This responsibility includes protecting customer and employee information, actively identifying and reducing cyber risks, developing thorough plans for responding to security incidents, and complying with regulations like GDPR (Europe), HIPAA (USA), and SOX (USA).

Major Cyberattacks Corporations Have Encountered

How Corporations Safeguard Themselves

Implementing cybersecurity frameworks: This involves the active adoption of robust and recognized frameworks such as ISO 27001, the NIST Cybersecurity Framework, and the CIS Controls to establish a comprehensive security foundation.
Encrypting data: A fundamental security practice that necessitates the strong encryption of sensitive data both when it is stored on systems (at rest) and when it is being transmitted across networks (in transit) to prevent unauthorized access.
Employee training: Regular and comprehensive training programs are crucial to educate employees on how to identify increasingly sophisticated phishing attempts and the importance of diligently securing their usernames and passwords.
Deploying AI and machine learning: Leveraging advanced technologies like Artificial Intelligence and Machine Learning to enhance the organization’s ability to proactively detect potential cybersecurity threats and automate incident response processes for quicker mitigation.
Regular security audits and penetration tests: Conducting routine and thorough security audits to evaluate the effectiveness of existing security controls and performing penetration tests to actively identify and address any vulnerabilities that could be exploited by malicious actors.

Individuals and personal cybersecurity responsibility

At a personal level, individuals need to be aware of the risks associated with cybersecurity. Cybersecurity can be compromised not only by external actors but also through internal negligence and carelessness.

Individuals must understand the risks associated with using devices, sharing information online, and conducting any form of online business. 

Learn more about internet safety resources

As a general rule, it’s better for individuals not to provide personal details unless they are sure of who is receiving them. Along similar lines, information about passwords, PINs, or bank account details should only be given when necessary.

In short, individuals need to be vigilant about their cybersecurity concerning what they share online.

Individuals should not rely on companies and the government to keep them safe. Cybersecurity must be everyone’s responsibility. In general, people should do the following to keep themselves safe online:

  • Use strong and unique passwords for each website or account.
  • Only log in through trusted devices (such as your computer at home).
  • If you receive an email from Amazon saying that there has been unusual activity on your Amazon account, do not click the link in that email. Instead, go to Amazon directly
  • Use multi-factor authentication where available. This adds an extra layer of security by requiring more than one factor (e.g., password and email verification) to access accounts.
  • Keep software up-to-date on all devices so that important patches are installed as soon as possible after they are announced. Hackers love to take advantage of holes in software that are not patched.
  • Avoid public Wi-Fi hotspots. Hackers can easily sit on a network and steal private information, including user names, passwords, credit card numbers, etc.
  • Clear the browser cache after each browsing session. Attackers can exploit the cache to gather information about your browsing habits.
  • Pay attention to domain names. URLs that include variations in spelling or a different domain can be decoys to trick people into entering personal information.
  • Ensure your antimalware software is up-to-date and active. Antimalware software will protect devices from malicious sites, security holes, viruses, ransomware, etc.

Overall, individuals play an important role when it comes to protecting themselves and their data online.

The onus isn’t just on the government and companies that store our data: each needs to take some responsibility too.

Are the government, corporations, and individuals all responsible for cybersecurity?

Cybersecurity is a shared responsibility that requires coordinated efforts from governments, corporations, and individuals.

Governments must lead with robust policies and defenses, corporations must protect their systems and users, and individuals must practice vigilant cybersecurity habits.

Learn more about cybersecurity in critical industries

The stakes — whether protecting an election, personal data, or a nation’s critical systems — have never been higher. By understanding the shared responsibilities and learning from recent examples, societies can build stronger, more resilient defenses against the growing threat landscape.

Frequently asked questions

What is cybersecurity responsibility?

Cybersecurity responsibility refers to the duty of individuals, organizations, and governments to protect digital assets, networks, and information from cyber threats. This encompasses implementing security measures, practicing safe online behaviors, and ensuring data protection.

Why is cybersecurity everyone’s responsibility?

Cyber threats can come from anywhere and impact anyone. From individuals to large corporations, everyone can be a victim of cyberattacks. By taking shared responsibility, we can build a stronger and more resilient digital ecosystem.

How can individuals take responsibility for their cybersecurity?

To protect yourself from cyber threats, regularly update software and apps, use strong, unique passwords, enable multi-factor authentication, be wary of suspicious emails and links, and stay informed about the latest cyber threats.

How do organizations ensure cybersecurity responsibility?

Organizations can protect themselves from cyber threats by implementing strict security policies, conducting regular security audits, educating employees about cybersecurity best practices, investing in robust security software and hardware solutions, and collaborating with cybersecurity professionals and experts.

What role do governments play in cybersecurity responsibility?

Organizations can protect themselves from cyber threats by implementing a comprehensive cybersecurity program that includes policies, audits, education, technology, and collaboration.

What are the consequences of neglecting cybersecurity responsibility?

Consequences can range from personal data breaches, financial losses, and identity theft for individuals to significant financial and reputational damage for organizations. At a national level, security breaches can affect critical infrastructure and national security.

How often should I update my cybersecurity measures?

Regular updates are crucial. It’s recommended to monitor for software patches or security updates at least monthly. However, staying informed about the latest threats and adapting strategies accordingly is an ongoing process.

Sources