There is no "national democratic infrastructure" for US elections. Anyone who thinks there is, is simply wrong. There is a hodgepodge of 50 state secretaries of state, hundreds of county or other regional boards of election, and probably several dozen commercial vendors of equipment and software used to record and count votes, record voter registrations and maintain voter registration information, and assist in management of election day precinct operations. Some of the software involved might well have been developed by state or local government IT personnel with varying skills operating under management of varying quality. The 51 top-level election officials (assuming the District of Columbia, although not a state, also has one) vary in their management skills and understanding of the IT and other issues involved, may or may not have capable advice from their staffs, and may just possibly be affected by political considerations, since the great majority of them are statewide elected officials.
The time for panic, as well as the time for providing resources to firm up security of this rather messy infrastructure, so called, is long past. At this point, three months before election day, it is too late to make more than minor changes to either the equipment and software or the procedures to be used for the upcoming election. All in all, it is a bit of a mess.
The good news, if any, is that in many places, perhaps most, no more than minor changes are necessary to ensure relatively smooth operation, and there probably is time to make them without a lot of additional public expense. For instance:
Isolate registration data to be used for official purposes from the Internet as much as possible; back it up early and often, not to the cloud; and guard it well. Use printed copies for precinct level voter verification (essentially eliminating the risk that programs used for the purpose are corrupted).
Monitor Internet connected services for unauthorized activity. Solicit, and hopefully obtain, monitoring by the federal government to augment local monitoring.
Insist on hand or courier delivery of firmware/software updates for equipment used in connection with election operations, and on appropriate checksums, manually verified after delivery by election officials representing several political parties.
Control and establish a manual audit trail of all access to equipment and software used in election management and operations. As a minimum requirement, cover access ports with serial numbered seals that cannot be removed without destruction whenever they are not in use, and maintain a manual paper audit record of the serial numbers used for each system, either by or witnessed by several officials not all of whom are of the same political party. Removal and replacement of seals for authorized port access to be similarly witnessed and placement of new seals similarly recorded with each access to a port. Optionally, dispense with such seals and disable ports not required for operation or maintenance by relatively permanent means like filling them with epoxy filler.
Double down on warnings to all election personnel about social engineering (and hope against the available evidence that they pay attention and act appropriately).
None of these is very costly to implement and many of them probably already are used in various places. Collectively, they would go quite a ways toward mitigating the undeniable vulnerabilities of existing election systems. For now, discussion of major changes to election systems, and provision of the necessary funding, should be directed at the election cycle of 2020, which begins in under two years..