Cybersecurity

Analysis: Warren and Booker most cyber-aware 2020 candidates

Democratic Sens. Elizabeth Warren (Mass.) and Cory Booker (N.J.) are the 2020 presidential candidates with the highest level of cybersecurity awareness, according to an industry report released on Monday, with former tech entrepreneur Andrew Yang ranking last. 

Both Warren and Booker received an A-, while Yang scored a D+. Sen. Amy Klobuchar (D-Minn.) and former Vice President Joe Biden also scored badly, with Klobuchar receiving a C, and Biden a C-. 

Other top scorers included Sen. Bernie Sanders (I-Vt.), with a B+, and President Trump, who received a B grade. 

{mosads}The findings come from a “report card” compiled by website security group SiteLock on 12 of the top 2020 presidential candidates. SiteLock evaluated cyber awareness based on how integrated cybersecurity was in a candidate’s platform, how often the candidate discussed it, and the actions taken in relation to cybersecurity by the candidate.

Some of the factors SiteLock used to make these evaluations were whether a candidate had ever been involved in a data breach, whether campaign email addresses had been found on the dark web, if the candidate had publicly supported legislation on cybersecurity issues and whether the candidate had a published privacy policy on their campaign website. 

SiteLock also scanned candidate websites to ascertain how at-risk they were to cyberattacks, finding that 58 percent of the candidates’ sites use out-of-date software.

“Technically, anything short of perfect cybersecurity awareness practices should be viewed as a security flaw because it only takes a single vulnerability to fall victim to a bad actor,” SiteLock wrote in a blog post announcing the report card findings. “The fact that not one candidate can be credited with a perfect score proves that cybersecurity awareness is an overlooked issue.”

SiteLock noted that Warren “rose to the top” of the awareness ranking in large part due to her “advocacy for stronger cybersecurity practices,” particularly in regards to securing elections. 

Warren described U.S. elections in a blog post for Medium in June as “less secure than your Amazon account,” and laid out a plan for overhauling the U.S. voting system in order to heighten security. 

Booker also included strengthening election security as part of his national security platform, vowing to “protect our democracy from foreign interference” if elected. Almost all of the other candidates scored by SiteLock have either prioritized or discussed the need to shore up election security.

SiteLock wrote that Trump would have received a higher grade had Trump International Hotels not been involved in three data breaches between 2016 and 2017 and if cybersecurity was part of his 2020 platform. Trump’s reelection website does list steps taken by the Trump administration to combat cyber threats, including providing cybersecurity assistance to states during elections.

{mossecondads}The remaining candidates scored by SiteLock included former Housing and Urban Development Secretary Julián Castro and former Rep. Beto O’Rourke (D-Texas), both of whom received a B; Sen. Kamala Harris (D-Calif.), who received a B-; and former Massachusetts Gov. Bill Weld (R) and South Bend, Ind., Mayor Pete Buttigieg, both of whom received a C+. 

SiteLock wrote that “none of the candidates we audited have mastered a fully secure online presence alongside a strong cybersecurity platform as a candidate, though a few came close.”

The company noted that Harris’s score had been boosted due to her support of cybersecurity legislation while serving in the Senate and as the California attorney general. 

Harris’s campaign was also the only one of those scored to use a “CAPTCHA” on an email form, which cuts down on threats from bot accounts by requiring the sender to verify they are human by checking a box and typing out text. 

SiteLock wrote that it notified each campaign of its findings prior to the report card’s release and said that while it received “minimal” feedback, some unnamed campaigns expressed the belief that not having CAPTCHA sign up forms did not present a major cybersecurity risk.

SiteLock noted that while a candidate scoring low on cybersecurity awareness does not mean their campaign is “doomed” on the issue, it is something that the American public is increasingly zeroing in on.

“As our world becomes more connected, the need for a leader who will champion the issue only becomes more urgent,” SiteLock wrote. “Keep a close eye on your 2020 candidates to see how they rise to the challenge.”