TITLE 26: ELECTIONS
CHAPTER I: STATE BOARD OF ELECTIONS
PART 213 CYBER NAVIGATOR PROGRAM
SECTION 213.10 GENERAL PROVISIONS AND DEFINITIONS


 

Section 213.10 General Provisions and Definitions

 

a) The State Board of Elections shall provide by rule, after at least 2 public hearings of the Board and in consultation with the election authorities, a Cyber Navigator Program to support the efforts of election authorities to defend against cyber breaches and detect and recover from cyber-attacks. The rules shall include the Board's plan to allocate any resources received in accordance with the Help America Vote Act of 2002 (HAVA) Pub. L. No. 107252, 116 Stat. 1666 (codified at 42 USC 15301 et seq. (2002)) and provide that no less than half of any funds received shall be allocated to the Cyber Navigator Program. The Cyber Navigator Program will be designed to provide equal support to all election authorities, with allowable modifications based on need. The remaining half of the Help America Vote Act funds shall be distributed as the State Board of Elections may determine, but no grants may be made to election authorities that do not participate in the Cyber Navigator Program. (Section 1A-55 of the Code)

 

b) Definitions

 

"Board" − The Illinois State Board of Elections.

 

"Code" − The Illinois Election Code [10 ILCS 5].

 

"Compromised" − The state in which a computer system, network, or data has had its integrity, availability, or confidentiality undermined by an attacker.

 

"Cyber" − Of, relating to, or involving computers or computer networks (such as the internet).

 

"Cyber Navigator" − Cybersecurity personnel directed by the State to enhance the cybersecurity posture of election jurisdictions.

 

"Cybersecurity" − The activity, process, ability, capability, or state by which information and communications systems and the information contained in those systems are protected from, and/or defended against, damage, unauthorized use or modification, or exploitation.

 

"Cybersecurity Posture" − Overall cyber security strength, particularly as it relates to the internet and vulnerability to outside threats.

 

"Database" − A structured set of data held in a computer, especially one that is accessible in various ways.

 

"Department of Innovation and Technology" or "DoIT" − The State agency with responsibility for the information technology (IT) functions of agencies under the jurisdiction of the Governor. This term also includes the agency tasked with managing the Illinois Century Network.

 

"EI-ISAC" − The Elections Infrastructure Information Sharing and Analysis Center.

 

"Illinois Century Network" or "ICN" − A service that creates and maintains high speed telecommunications networks providing communication links to and among Illinois schools, institutions of higher education, libraries, museums, research institutions, State agencies, units of local government, and other local entities providing services to Illinois citizens.

 

"MS-ISAC" − The Multi-State Information Sharing and Analysis Center.

 

"Phishing" − The fraudulent attempt to obtain sensitive information such as usernames, password and credit card details, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

 

"STIC" − The Statewide Terrorism and Intelligence Center

 

"Spear-phishing" − A more targeted form of phishing in which attackers first gain knowledge of their intended target and in which the intended target is a small group or individual.

 

"Whitelist" − A list of items that are granted access to a certain system or protocol. When a whitelist is used, all entities are denied access, except those included in the whitelist.

 

c) The Board will use no less than half of the funds from the 2018 HAVA Election Security Grant to implement the Cyber Navigator Program as provided in this Part.