National Computer Security Survey


1 National Computer Security Survey
SOURCE: U.S. DoJ (NCSS ESWG) (Submitted by TIA)
TITLE: National Computer Security Survey
AGENDA ITEM: 5.5-NGN - Cyber Security
CONTACT: Ramona R. Rantala,

National Computer Security Survey
Ramona R. Rantala
U.S. Department of Justice
Bureau of Justice Statistics
May 2006
GSC-11 Chicago 2006

2 "Everyone knows that cybercrime and other computer incidents are a growing problem. But no one really knows how large, how fast it's growing, or where the problems are concentrated. And you can’t manage what you can't measure. The more we know about the extent of cybercrime, the better we'll all be able to combat it."
Paul Kurtz, Executive Director, Computer Security Industry Alliance

3 Reliable Cybercrime Data Needed
- Nature of computer security incidents
- Prevalence by industry and type of incident
- Reporting to official organizations
- Types of offenders
- Monetary losses
- Downtime

4 Reliable Cybercrime Data
- Reveals vulnerabilities
- Identifies best security practices
  - Technology
  - Policy
  - Other security measures
- Informs resource allocation
  - Federal
  - Economic sector
  - Company

5 Current Cybercrime Data
- FTC identity theft data
- National Crime Victimization Survey
- National Prosecutors Survey
- Federal Justice Statistics Program
- National Incident-Based Reporting System
- CSI/FBI Computer Crime and Security Survey

6 Computer Security Survey Pilot Test
- Conducted as a feasibility test
  - Are data reportable?
  - Will companies participate?
- Employed extensive cognitive testing
- Analyzed non-response

7 CSS Pilot Test Non-Response
- Most common barriers
  - Voluntary survey
  - Don’t have time
- Less common barriers
  - Legal/confidentiality concerns
  - Data not available

8 CSS Pilot Test Results
- Of the 500 sampled companies, 42% responded
- 95% of respondents used computers
- Nearly 75% of companies with computers were victimized by cybercrime
- Reporting incidents to official organizations varied by type of incident
- Losses for 100 companies totaled $61 million and varied by type of incident

9 National Computer Security Survey
- Is being conducted in partnership between
  - U.S. Department of Justice
  - U.S. Department of Homeland Security
- Is being fielded on our behalf by the RAND Corporation, a private, non-profit research organization
- Collects comprehensive data on computer infrastructure, security, and incidents
- Is designed to be representative at national and industry levels

10 Maximizing NCSS Response Rates
- Endorsements
  - Attorney General & Secretary of Homeland Security
  - Computer security organizations
  - Industry leaders
  - Trade associations
- Project website
  - General information
  - Endorsers and quotes
  - Frequently Asked Questions
  - Contact information for DOJ, DHS, and RAND

11 Maximizing Response Rates (cont’d)
- Extensive follow-up
  - All companies in sample receive, by regular post
    - Initial packet
    - Reminder letter
    - Two additional packets
  - Largest companies also receive
    - Phone calls
    - Fourth packet by FedEx
- Industry reports

12 Maximizing Response Rates (cont’d)
- Publicity
  - Press releases
  - Newspaper and journal articles
  - Conference sessions
  - Announcements
- Confidentiality
  - P.L , Title V [E-Government Act of 2002, CIPSEA (Confidential Information Protection)]
  - 44 U.S.C. § 3501 note (codifies the E-Gov Act)

13 NCSS Survey Methodology
- Rigorous cognitive testing of questionnaire
- Scientific sample of 36,000 companies
  - Stratified by industry and company size
  - 5,000 certainty companies
    - 50 largest companies in each industry
    - All Fortune 1000 companies
    - All companies employing more than 5,000 people
  - 31,000 non-certainty companies
- Paper and Web-based survey instruments

14 Preliminary Results
- Roughly 3,500 mailed in February
- Remaining 32,500 mailed late April
- Response is steady and increasing
- Companies are reporting all types of incidents
- Results are not dissimilar to Pilot Test results, but not enough data has been collected to form even preliminary conclusions

15 E-Commerce
E-commerce is defined as any transaction completed over a computer-mediated network that involves the transfer of ownership or rights to use goods or services.
Examples:
- Taking orders for merchandise or services
- Transferring information or rights
- Paying accounts

16 E-Commerce Data Collected in NCSS
Which of the following does this company have or use?
- Website with e-commerce
- Virtual Private Network
- Electronic Data Interchange
- Internet
- Intranet
- Extranet

Which of the above were used, accessed, or affected in the incidents?

17 E-Commerce Data in NCSS (cont’d)
- Percentage of business transacted over Internet, Intranet, Extranet, Electronic Data Interchange, etc.
- Total operating revenue, sales, or receipts
- Percentage of this total derived from e-commerce

18 Contact
Ramona Rantala
Statistician
DOJ/DHS NCSS Program Manager
U.S. Department of Justice
Bureau of Justice Statistics
(202)

