Cyber Safe Elections: Protecting democracy and your residents in the digital age
Municipal elections are more than a civic milestone. They are a test of trust. As technology becomes central to voting and communication, municipalities face growing challenges from cyber threats, misinformation, and infrastructure vulnerabilities. Our Cyber Safe Elections webinar brought together experts from municipal IT, law enforcement, cybersecurity, and risk management to share practical strategies for safeguarding democracy. Here is what you need to know.
Why election security matters now
Cybersecurity is no longer just an IT issue. It is a public confidence issue. When systems fail or information is compromised, the impact goes beyond technical disruption. It erodes trust in the democratic process. With the 2026 municipal elections approaching, municipalities need to act now to protect their digital infrastructure and reassure residents.
James Lin, Manager of IT Security for Halton Region, captured the stakes clearly: “It is basically an attack on our democracy.” The goal is often reputational damage or disruption rather than simple financial gain.
The top threats facing election systems
- Ransomware remains a primary risk. Ben Barnes, Director of Cloud Operations, GHD Digital, noted that ransomware “has remained at the top of the list for some time, and with the empowerment of AI, it is still seen as the number one trend.” Attackers are moving faster than ever. Nate Matthew, Detective Constable, Cyber Crime, for Halton Region, explained that where dwell time (time of penetration to time of detection) used to be six to eight months, it is now measured in days or even hours.
- Denial of service is surging. Election reporting is a prime target. James warned, “Come election night, if reporting stalls, there is a huge open-ended question around what is happening with your election systems.” Ben added that volumetric DDoS activity shows a “53 percent increase year over year,” often starting at full force to overwhelm services all at once.
- Hardware-level exploits are emerging. Nate shared a frontline example: “We are seeing exploits happening at the hardware level. In one case, an unpatched Cisco router had its CPU compromised. Even if you reset the device, the persistence does not go away.” The lesson is simple. Asset inventories and patching programmes must include all devices, not just servers and endpoints.
Building trust in an age of misinformation
Cybersecurity is only part of the challenge. Misinformation campaigns and deepfake videos are rising sharply. Nate observed, “We see deepfake videos now on every platform, and the majority seem to be either politically based or crypto fraud based.”
Two practical actions stood out:
- Educate voters early. James advised, “If you see something that stokes emotions or uses terms like ‘always’ or ‘everyone,’ think critically about what they are trying to achieve.”
- Monitor and respond. Ben recommended building relationships with platforms (like Meta, X) to remove false content quickly. “Maintaining relationships with platforms is incredibly important to help control the messaging.”
Shannon Devane, Municipal Risk Manager for AMO / LAS, reinforced the value of proactive communication: “Start now. Get dedicated websites up and make sure voters know where to find trusted information.”
Internet voting, convenience with complexity
Internet voting introduces significant risks around anonymity and vote integrity. James explained the core tension: “We have to preserve the anonymity of the voter while providing assurances that the vote was cast as intended. That opens a can of worms.”
While privacy-preserving techniques like zero-knowledge proofs may help in the future, they are not widely implemented today. For now, the panel underscored careful vendor vetting, clear documentation such as software bills of materials, and a practical fallback. As James put it, paper ballots remain a valuable contingency because they enable recounts and public confidence.
Practical steps you can take now
The panel highlighted several actions municipalities can implement immediately:
- Plan early and rehearse. “Start election planning at least a year in advance,” said Shannon. “Run tabletop exercises to test your incident response plan.” Nate added that repetition helps teams avoid redlining under pressure.
- Separate critical systems. Where feasible, isolate election infrastructure. James shared that his team built an air-gapped network and used sneakernet to publish results: “We literally sneaker netted data on a USB key to publish results.”
- Extend log retention. Nate recommended keeping forensic data for up to 12 months for critical environments. James noted that some security frameworks already align to this cadence, such as three months hot and nine months cold storage.
- Invest in accessibility. Election sites should meet WCAG 2.1 and AODA standards. Accessible, mobile-friendly design helps every resident find reliable information quickly and reduces compliance risk.
Cyber insurance is now part of cyber resilience
A standout thread in the discussion was the role of cyber insurance. The market has shifted significantly in recent years. Shannon explained, “During the pandemic, cyber insurers’ loss ratios sat around 400 to 500 percent. Completely unsustainable.” As a result, premiums and deductibles increased, and coverage terms tightened.
Three practical points emerged:
- Confirm coverage and reporting. Do you have cyber insurance in place today, and what are the reporting requirements across your policies? Shannon advised, “If you are bringing on an additional thousand laptops, that needs to be reported.” The same applies to added equipment, temporary sites, and new vendors.
- Understand today’s minimum controls. “First and foremost is MFA,” Shannon said. “It has to be on 100 percent of the time in every single capacity.” Insurers also ask detailed questions about vulnerability management, patch cadence, and how you triage known issues. Missing required controls can lead to exclusions or claim denials.
- Align your incident response with your policy. Test your plan with your breach coach and legal partners before a crisis. “You do not want to meet somebody on your worst day,” Shannon cautioned. Nate added that involving law enforcement early can unlock national and international partnerships, including access to potential decryption keys. However, once legal privilege is invoked by a breach coach, information sharing can narrow. James encouraged leaders to resolve these tensions during exercises so roles and communications are clear when it counts.
The takeaway is that cyber insurance is not a substitute for security. It is a component of a broader resilience strategy that links controls, contracts, communications, and practice.
Collaboration increases resilience
Resources vary widely across municipalities. Smaller communities can struggle to meet advanced requirements on their own. James encouraged regional coordination and shared procurement: “If municipalities band together, they can negotiate better pricing and demand stronger security standards from vendors.” Regional working groups also help align communications, infrastructure policies, and mutual aid during incidents.
Looking ahead
Cybersecurity is a shared responsibility. Protecting elections means combining technology, communication, insurance readiness, and disciplined practice. Nate summarised the challenge plainly: “We have to be right 100 percent of the time. Threat actors only need to be right once.”
The good news is that there is still time to act. By starting now, you can build resilience, maintain trust, and deliver a secure, accessible election experience for your community.