Election Security Spotlight - What is Malicious Domain Blocking and Reporting (MDBR)?
MDBR logs create valuable insights used in security decision-making with your IT partner. The log reports provide an overview of what was blocked and the number of connection attempts. These metrics allow you to take actions such as tailored employee security training or removing infected devices from your network.
Why you should use MDBR
Malware finds its way into organizations through links in phishing emails and dangerous ads on websites. Even with safe internet browsing and email practices, mistakes can happen when interacting with malicious domains. As an added layer of defense from human error, MDBR protects election systems from multiple threats, including disruption of service, data theft, and financial damage.
Malicious cyber attacks commonly occur in different stages spread out over time. If malware gets through your first line of defense and infects an election office device, it may attempt to connect to additional domains. MDBR will stop these connections, preventing further harm. Malicious Domain Blocking and Reporting Plus (MDBR+) provides even more coverage with quick-to-configure and easy-to-deploy cloud-based secure PDNS service. MDBR+ is offered by the Center for Internet Security (CIS) in partnership with industry leader Akamai.
MDBR logs create valuable insights used in security decision-making with your IT partner. The log reports provide an overview of what was blocked and the number of connection attempts. These metrics allow you to take actions such as tailored employee security training or removing infected devices from your network. MDBR protected members by blocking over 48.5 million requests in 2021.
How to get started at no-cost
- If you do not have an IT partner, you can email [email protected] for technical assistance with security tools.
- If you have an IT partner, ask them if your office is using a domain blocking solution, or “DNS filtering.”
- The MDBR sign up and connection process is simple and easy for current EI-ISAC members:
- Enter your email at https://learn.cisecurity.org/e/799323/2022-02-11/qsqnh/259438208?h=4xQCYsotAx16hDeQRATD2aqaaxAxSo-TynMcD4RPKTs
- Provide contact information to receive technical support and reports.
- EI-ISAC sends you instructions to connect.
The EI-ISAC Cybersecurity Spotlight is a practical explanation of a common cybersecurity concept, event, or practice and its application to Elections Infrastructure security. It is intended to provide EI-ISAC members with a working understanding of common technical topics in the cybersecurity industry. If you would like to request a specific term or practice that may be of interest to the elections community, please contact [email protected].