The elections in March saw over 200,000 of the eligible NSW voters, most of who were outside the state, using the Internet to cast their votes through the iVote system.
Anticipating the increased number of voters who were likely to use the electronic system, the NSW Electoral Commission worked with IT services and solutions provider CSC to further enhance the security of its voting system.
CSC managed the security monitoring of iVote, providing advanced threat analysis and security monitoring through its Security Operations Centres.
Originally developed to allow the visually impaired to easily participate in the democratic process, iVote served voters with literacy issues, disabilities, those who live more than 20 kilometres from a polling place, or are voting from another state or country.
And, while iVote isn’t intended to replace paper based person voting, NSWEC expects a gradual increase in iVote numbers for votes which would otherwise be difficult to issue ballots to in person and/or return for counting.
According to the NSWEC, an independent survey showed that the vast majority of NSW electors used iVote where they were confident security was adequately addressed, and they were also confident that the correct candidates were elected because the separate voting channels offered by combining iVote and paper ballots were acceptably aligned at the end of the count.
“When you bring electronic voting into the mix, you have to ensure that the community will trust the outcome,” said Brightwell.
“Cybersecurity is not our business. Although it’s important for an electronic voting system, it’s not something we as an organisation would have to deal with at the level that CSC deals with on a daily basis. CSC provided us with a view of the cybersecurity landscape, and of initiatives and opportunities we can engage with to improve our security posture.”
Brightwell said that by understanding the types of threat actors that might attack the iVote®system, and the landscape in which they operate, CSC helped the NSWEC provide the secrecy, transparency and trust that voters and candidates expect.
“The threats themselves are very dynamic,” said Clinton Firth, CSC Cybersecurity general manager, Australia and New Zealand.
“Threat actors evolve through new affiliations, skills and capabilities, and they target and calibrate their actions. Our adoption of an advanced threat-based approach, which focuses on what is happening in the world, is a much better way to secure a system than relying completely on a compliance-based threat approach, which focuses on standards or regulations.”
According to Firth, with many jurisdictions thinking of adopting some form of electronic voting, the NSWEC’s use of electronic voting continues to draw national and international attention as one of the leading electoral bodies to use technology for voting in such a manner.