Disputed Fact
CISA’s Cyber Risk Assessment depicts U.S. election infrastructure as a highly networked, variably secured critical infrastructure ecosystem with persistent, exploitable weaknesses, while the EAC’s election system oversight is narrowly product centric, episodic, and largely detached from those systemic cyber risk realities. Unlike other critical infrastructure systems, there are no failure modes and effects analyses performed on election systems nor is there any substantive analysis of their supply chain.
Citations
CISA Cyber Risk Assessment: https://drive.google.com/file/d/1nkO-5TLaDIXxkwMM4qv7uayGb-g9K9wX/view?usp=sharing
Assessment of EAC Assertions Regarding Electronic Voting Systems, https://electioncrimebureau.com/the-security-of-electronic-voting-systems-in-the-u-s/