National Computer Security Survey


National Computer Security Survey
SOURCE: U.S. DoJ (NCSS ESWG) (Submitted by TIA)
TITLE: National Computer Security Survey
AGENDA ITEM: 5.5-NGN - Cyber Security
CONTACT: Ramona R. Rantala, Ramona.Rantala@usdoj.gov

National Computer Security Survey
Ramona R. Rantala
U.S. Department of Justice
Bureau of Justice Statistics
May 2006
GSC-11 Chicago 2006

"Everyone knows that cybercrime and other computer incidents are a growing problem. But no one really knows how large, how fast it's growing, or where the problems are concentrated. And you can’t manage what you can't measure. The more we know about the extent of cybercrime, the better we'll all be able to combat it."
Paul Kurtz, Executive Director, Computer Security Industry Alliance

Reliable Cybercrime Data Needed
- Nature of computer security incidents
- Prevalence by industry and type of incident
- Reporting to official organizations
- Types of offenders
- Monetary losses
- Downtime

Reliable Cybercrime Data
- Reveals vulnerabilities
- Identifies best security practices
  - Technology
  - Policy
  - Other security measures
- Informs resource allocation
  - Federal
  - Economic sector
  - Company

Current Cybercrime Data
- FTC identity theft data
- National Crime Victimization Survey
- National Prosecutors Survey
- Federal Justice Statistics Program
- National Incident-Based Reporting System
- CSI/FBI Computer Crime and Security Survey

Computer Security Survey Pilot Test
- Conducted as a feasibility test
  - Are data reportable?
  - Will companies participate?
- Employed extensive cognitive testing
- Analyzed non-response

CSS Pilot Test Non-Response
- Most common barriers
  - Voluntary survey
  - Don’t have time
- Less common barriers
  - Legal/confidentiality concerns
  - Data not available

CSS Pilot Test Results
- Of the 500 sampled companies, 42% responded
- 95% of respondents used computers
- Nearly 75% of companies with computers were victimized by cybercrime
- Reporting incidents to official organizations varied by type of incident
- Losses for 100 companies totaled $61 million and varied by type of incident

National Computer Security Survey
- Is being conducted in partnership between
  - U.S. Department of Justice
  - U.S. Department of Homeland Security
- Is being fielded on our behalf by the RAND Corporation, a private, non-profit research organization
- Collects comprehensive data on computer infrastructure, security, and incidents
- Is designed to be representative at national and industry levels

Maximizing NCSS Response Rates
- Endorsements
  - Attorney General & Secretary of Homeland Security
  - Computer security organizations
  - Industry leaders
  - Trade associations
- Project website
  - General information
  - Endorsers and quotes
  - Frequently Asked Questions
  - Contact information for DOJ, DHS, and RAND

Maximizing Response Rates (cont’d)
- Extensive follow-up
  - All companies in sample receive, by regular post
    - Initial packet
    - Reminder letter
    - Two additional packets
  - Largest companies also receive
    - Phone calls
    - Fourth packet by FedEx
- Industry reports

Maximizing Response Rates (cont’d)
- Publicity
  - Press releases
  - Newspaper and journal articles
  - Conference sessions
  - Announcements
- Confidentiality
  - P.L. 107-347, Title V [E-Government Act of 2002, CIPSEA (Confidential Information Protection)]
  - 44 U.S.C. § 3501 note (codifies the E-Gov Act)

NCSS Survey Methodology
- Rigorous cognitive testing of questionnaire
- Scientific sample of 36,000 companies
  - Stratified by industry and company size
  - 5,000 certainty companies
    - 50 largest companies in each industry
    - All Fortune 1000 companies
    - All companies employing more than 5,000 people
  - 31,000 non-certainty companies
- Paper and Web-based survey instruments

Preliminary Results
- Roughly 3,500 mailed in February
- Remaining 32,500 mailed late April
- Response is steady and increasing
- Companies are reporting all types of incidents
- Results are not dissimilar to Pilot Test results, but not enough data has been collected to form even preliminary conclusions

E-Commerce
E-commerce is defined as any transaction completed over a computer-mediated network that involves the transfer of ownership or rights to use goods or services.
Examples:
- Taking orders for merchandise or services
- Transferring information or rights
- Paying accounts

E-Commerce Data Collected in NCSS
- Which of the following does this company have or use?
  - Website with e-commerce
  - Virtual Private Network
  - Electronic Data Interchange
  - Internet
  - Intranet
  - Extranet
- Which of the above were used, accessed, or affected in the incidents?

E-Commerce Data in NCSS (cont’d)
- Percentage of business transacted over Internet, Intranet, Extranet, Electronic Data Interchange, etc.
- Total operating revenue, sales, or receipts
- Percentage of this total derived from e-commerce

Contact
Ramona Rantala
Statistician
DOJ/DHS NCSS Program Manager
U.S. Department of Justice
Bureau of Justice Statistics
(202) 307-6170
Ramona.Rantala@usdoj.gov