From the Brennan Center
Federal, State and Local funders should provide consistent support to maintain, secure and regularly upgrade election system infrastructure as needed.
Election Jurisdictions should conduct regular audits, penetration tests and threat assessments of all websites, networks, firewalls and election systems.
When vulnerabilities are identified, make needed changes and apply basic cybersecurity best practices across systems.
Require state voter registration databases to meet the NIST cybersecurity framework.
All voting machines should be software independent and auditable. Currently, this means all systems should use voter marked paper ballots.
Require all voting machines to have an airgap requirement and no way to connect to the internet.
Pre and post-election auditing for all voting machines.
Conduct Logic and Accuracy testing on 100% of voting machines before an election.
Compare statistical sample of voting system totals to hand counts of paper ballots to minimize chance that outcome changing failure was missed.
Conduct and report audit results in public.
Ensure that if audit finds error, error can be fixed before certification of results.
Ban electronic return of voted ballots
Have a contingency plan and election day failsafe in place in every polling place in case of registration list or voting machine failure.
Work with the EAC to develop test reports and standards before buying or employing e-pollbooks.
Require election system vendors to report any cybersecurity breach to their facilities.