2001 COMPUTER SECURITY SURVEY CS-1 DUE DATE:
OMB No. 0607-0725: Approval Expires: 08/31/2004
FORM CS-1 (7-31-2002)
U.S. DEPARTMENT OF COMMERCE, Economics and Statistics Administration, U.S. CENSUS BUREAU
2001 COMPUTER SECURITY SURVEY
Acting As Collecting Agent For BUREAU OF JUSTICE STATISTICS, U.S. DEPARTMENT OF JUSTICE

DUE DATE:

RETURN COMPLETED FORM TO: U.S. CENSUS BUREAU, 1201 East 10th Street, Jeffersonville, IN 47132-0001 OR FAX TO: 1–888–300–5192
For assistance, call 1–800–227–1735 Monday through Friday 8:00 a.m. to 5:00 p.m. EDT OR E-mail: css@census.gov
(Please correct any errors in name, address and ZIP Code)

NOTICE OF CONFIDENTIALITY – Your report to the Census Bureau is confidential by law (Title 13, Section 9 of the U.S. Code). It may be seen only by persons sworn to uphold the confidentiality of Census Bureau information and used only for statistical purposes from which no firm may be identified. The law also prohibits the sharing of your data with other agencies, exempts the information you provide from requests made under the Freedom of Information Act, and ensures that your responses are immune from legal process, including copies retained in your files.

Please refer to the enclosed instructions before completing the survey.

SURVEY SCOPE – This survey collects data on the type and frequency of computer security incidents in which a computer was used as the means of committing a crime against the company.

REPORTING ENTITY – Report consolidated figures for DOMESTIC OPERATIONS of this company, including all DIVISIONS, SUBSIDIARIES and LOCATIONS. If this company changed its operational status prior to or during the reporting period, see instructions.

REPORTING PERIOD – The reporting period for this survey is calendar year 2001. If 2001 calendar year figures are not available, please use fiscal year 2001 data. ESTIMATES are acceptable.

I. COMPUTER SECURITY CONCERNS

1. What are the top three computer security concerns for this company? Mark (X) three. (101)
   01 Embezzlement
   02 Fraud
   03 Theft of proprietary information
   04 Denial of service (to Internet connection or e-mail service)
   05 Vandalism or sabotage (electronic)
   06 Computer virus
   07 Other intrusion or breach of computer systems
   08 Misuse of computers by employees (Internet, e-mail, etc.)
   09 Unlicensed use or copying (piracy) of digital products – software, music, motion pictures, etc. – developed for resale
   10 Other – Specify

Page 2

II. COMPUTER INFRASTRUCTURE AND SECURITY

2a. In 2001, what types of computer networks did this company use? For this survey, company means DOMESTIC OPERATIONS, including all DIVISIONS, SUBSIDIARIES and LOCATIONS. Mark (X) all that apply. (201)
   01 Local area network (LAN)
   02 Wide area network (WAN)
   03 Process control network (PCN)
   04 Virtual private network (VPN)
   05 Electronic Data Interchange (EDI)
   06 Wireless network (e.g., 802.11)
   07 Internet
   08 Intranet
   09 Extranet
   10 Stand-alone PCs (not on LAN)
   11 Company has no computers – (Skip to 20, page 8.)
   12 Don't know

2b. In 2001, how many servers did this company have? (202) Number

2c. In 2001, how many individual PCs and workstations did this company have? (203) Number

2d. In 2001, which of the following types of access to its networks did this company support? Mark (X) all that apply. (204)
   01 Remote dial-in access
   02 Access to networks through Internet
   03 Wireless access to e-mail
   04 Wireless access to Internet
   05 Wireless access to this company's other networks
   06 Publicly accessible website WITHOUT e-commerce capabilities
   07 Publicly accessible website WITH e-commerce capabilities
   08 Other – Specify
   09 None of the above
   10 Don't know

3a. In 2001, what types of computer system security technology did this company use? Mark (X) all that apply. (205)
   01 Anti-virus software
   02 Biometrics
   03 Digital certificates
   04 E-mail logs/filters
   05 System administrative logs
   06 Encryption
   07 Firewall
   08 Intrusion detection system
   09 One-time password generators (smartcards, tokens, keys)
   10 Passwords (changed every 30 or 60 days, etc.)
   11 Other – Specify
   12 None; no computer security
   13 Don't know

3b. In 2001, how much did this company spend on the types of computer system security technology identified in 3a? ESTIMATES are acceptable. EXCLUDE personnel costs. (206) $ (Mil. Thou. Dol.)

3c. What percentage of this company's total 2001 Information Technology budget did this company spend on the types of computer system security technology identified in 3a? ESTIMATES are acceptable. Round to nearest whole percent. (207) %

3d. In 2001, was the amount this company spent on the types of computer system security technology identified in 3a more, less or about the same compared to the amount spent in 2000? Mark (X) only one. (208)
   01 More
   02 Less
   03 About the same/did not change
   04 Don't know

3e. In 2001, what computer security services did this company contract out to a third party? Mark (X) all that apply. (209)
   01 Evaluation of vulnerability
   02 Intrusion/penetration testing of computer security
   03 Installation of computer security
   04 System administration of computer security
   05 Other – Specify
   06 None; all computer security was done in-house
   07 Don't know

4a. In 2001, what types of computer security practices did this company have? Mark (X) all that apply. (210)
   01 Business continuity program for computer systems
   02 Disaster recovery program for computer systems
   03 Corporate policy on computer security
   04 Regular review of system administrative logs
   05 Periodic computer security audits
   06 Formal computer security audit standards
   07 Training employees in computer security practices
   08 Other – Specify
   09 None of the above
   10 Don't know

4b. If this company had a computer system business continuity or disaster recovery program, was it tested, used in an emergency situation and/or updated in 2001? Mark (X) all that apply. (211)
   01 Tested
   02 Used in emergency situation
   03 Updated
   04 None of the above
   05 Don't know
   06 Not applicable

Page 3

III. TYPES OF COMPUTER SECURITY INCIDENTS

The questions in this section pertain to computer security incidents against this company, where the word incident refers to any unauthorized access, intrusion, breach, compromise or use of this company's computer systems. Computer security incidents may be committed by people either inside or outside the company and include embezzlement, fraud, theft of proprietary information, denial of service, vandalism, sabotage, computer virus, etc.

EXCLUDE incidents of unlicensed use or copying (piracy) of digital products – software, music, motion pictures, etc. – developed by this company for resale. These should be reported in Question 18, page 8.

Please do NOT duplicate information. If an incident can be classified under multiple categories, report it under the FIRST applicable category. For example, if proprietary information was stolen or copied by means of computer fraud, report it under fraud and do NOT include it under theft of proprietary information.

ESTIMATES are acceptable.

5. EMBEZZLEMENT

Embezzlement is the unlawful misappropriation of money or other things of value, BY THE PERSON TO WHOM IT WAS ENTRUSTED (typically an employee), for his/her own use or purpose.

INCLUDE instances in which a computer was used to wrongfully transfer, counterfeit, forge or gain access to money, property, financial documents, insurance policies, deeds, use of rental cars, various services, etc., by the person to whom it was entrusted.

5a. Did this company detect any incidents in which a computer was used to commit embezzlement against this company in 2001? (301)
   01 Yes – How many incidents were detected? (302) Number
   02 No – (If No, skip to 6.)

5b. How many of these incidents were reported to law enforcement, FedCIRC, ISAC or CERT? INCLUDE incidents reported to local, State or Federal law enforcement, the Federal Computer Incident Response Center, the Information Sharing and Analysis Center or the CERT Coordination Center. (303) Number

5c. For the incidents in 5a, were any of the suspected offenders employed by this company at the time of the incident? (304)
   01 Yes – In how many incidents? (305) Number
   02 No
   03 Don't know

5d. What was the dollar value of money or other things taken by embezzlement in 2001? ESTIMATES are acceptable. (306) $ (Mil. Thou. Dol.)

5e. What other monetary losses and costs were incurred in 2001 due to these incidents? ESTIMATES are acceptable. INCLUDE the cost of diagnosis, repair and replacement such as labor, hardware, software, etc. If possible, include the estimated value of downtime, lost productivity, income from lost sales, labor or fees for legal or investigative work, etc. EXCLUDE costs associated solely with the prevention of future incidents. (307) $ (Mil. Thou. Dol.)

6. FRAUD

Fraud is the intentional misrepresentation of information or identity to deceive others, the unlawful use of credit/debit card or ATM, or the use of electronic means to transmit deceptive information, in order to obtain money or other things of value. Fraud may be committed by someone inside or outside the company.

INCLUDE instances in which a computer was used by someone inside or outside the company in order to defraud this company of money, property, financial documents, insurance policies, deeds, use of rental cars, various services, etc., by means of forgery, misrepresented identity, credit card or wire fraud, etc.

EXCLUDE incidents of embezzlement. Report these in 5.

6a. Did this company detect any incidents in which someone inside or outside this company used a computer to commit fraud against this company in 2001? (308)
   01 Yes – How many incidents were detected? (309) Number
   02 No – (If No, skip to 7, page 4.)

6b. How many of these incidents were reported to law enforcement, FedCIRC, ISAC or CERT? INCLUDE incidents reported to local, State or Federal law enforcement, the Federal Computer Incident Response Center, the Information Sharing and Analysis Center or the CERT Coordination Center. (310) Number

6c. For the incidents in 6a, were any of the suspected offenders employed by this company at the time of the incident? (311)
   01 Yes – In how many incidents? (312) Number
   02 No
   03 Don't know

6d. What was the dollar value of money or other things taken by fraud in 2001? ESTIMATES are acceptable. (313) $ (Mil. Thou. Dol.)

Page 4

III. TYPES OF COMPUTER SECURITY INCIDENTS – Continued

6. FRAUD – Continued

6e. What other monetary losses and costs were incurred in 2001 due to these incidents? ESTIMATES are acceptable. INCLUDE the cost of diagnosis, repair and replacement such as labor, hardware, software, etc. If possible, include the estimated value of downtime, lost productivity, income from lost sales, labor or fees for legal or investigative work, etc. EXCLUDE costs associated solely with the prevention of future incidents. (314) $ (Mil. Thou. Dol.)

7. THEFT OF PROPRIETARY INFORMATION

Theft of proprietary information is the illegal obtaining of designs, plans, blueprints, codes, computer programs, formulas, recipes, trade secrets, graphics, copyrighted material, data, forms, files, lists, personal or financial information, etc., usually by electronic copying.

EXCLUDE incidents which resulted in embezzlement or fraud. Report these in 5 or 6, page 3.

EXCLUDE incidents of unlicensed use or copying (piracy) of digital products – software, music, motion pictures, etc. – developed by this company for resale. Report these in 18, page 8.

7a. Did this company detect any incidents in which someone inside or outside this company used a computer in order to obtain proprietary information from this company in 2001? (315)
   01 Yes – How many incidents were detected? (316) Number
   02 No – (If No, skip to 8.)

7b. How many of these incidents were reported to law enforcement, FedCIRC, ISAC or CERT? INCLUDE incidents reported to local, State or Federal law enforcement, the Federal Computer Incident Response Center, the Information Sharing and Analysis Center or the CERT Coordination Center. (317) Number

7c. For the incidents in 7a, were any of the suspected offenders employed by this company at the time of the incident? (318)
   01 Yes – In how many incidents? (319) Number
   02 No
   03 Don't know

7d. What was the dollar value of proprietary information taken by theft in 2001? ESTIMATES are acceptable. (320) $ (Mil. Thou. Dol.)

7e. What other monetary losses and costs were incurred in 2001 due to these incidents? ESTIMATES are acceptable. INCLUDE the cost of diagnosis, repair and replacement such as labor, hardware, software, etc. If possible, include the estimated value of downtime, lost productivity, income from lost sales, labor or fees for legal or investigative work, etc. EXCLUDE costs associated solely with the prevention of future incidents. (321) $ (Mil. Thou. Dol.)

8. DENIAL OF SERVICE

Denial of service is the disruption or degradation of an Internet connection or e-mail service that results in an interruption of the normal flow of information. Denial of service is usually caused by ping attacks, port scanning probes, excessive amounts of incoming data, etc.

INCLUDE incidents in which a virus, worm or Trojan horse was the cause of the denial of service.

8a. Did this company detect any incidents of denial of service (a noticeable interruption of its Internet connection or e-mail service) in 2001? (322)
   01 Yes – How many incidents were detected? (323) Number
   02 No – (If No, skip to 9, page 5.)

8b. In 2001, how many of these incidents of denial of service were caused by a virus, worm or Trojan horse? (324) Number

8c. How many of these incidents in 8a were reported to law enforcement, FedCIRC, ISAC or CERT? INCLUDE incidents reported to local, State or Federal law enforcement, the Federal Computer Incident Response Center, the Information Sharing and Analysis Center or the CERT Coordination Center. (325) Number

8d. For the incidents in 8a, were any of the suspected offenders employed by this company at the time of the incident? (326)
   01 Yes – In how many incidents? (327) Number
   02 No
   03 Don't know

8e. What was the total duration (in hours) of the incidents of denial of service indicated in 8a? INCLUDE downtime needed for repairs. (328) Hours

8f. How many of these incidents of denial of service resulted in the company taking some action to restore the level of service? (329) Number

8g. How much was spent in 2001 to recover from these incidents of denial of service? ESTIMATES are acceptable. INCLUDE the cost – both internal and external – of diagnosis, repair and replacement such as labor, hardware, software, etc. EXCLUDE costs associated solely with the prevention of future incidents. (330) $ (Mil. Thou. Dol.)

8h. What other monetary losses and costs were incurred in 2001 due to these incidents? ESTIMATES are acceptable. INCLUDE the estimated value of downtime, lost productivity, income from lost sales, labor or fees for legal or investigative work, etc. (331) $ (Mil. Thou. Dol.)

8i. How many of the incidents in 8a resulted in recovery costs or other monetary losses and costs reported above? (332) Number

Page 5

III. TYPES OF COMPUTER SECURITY INCIDENTS – Continued

9. VANDALISM OR SABOTAGE (ELECTRONIC)

Vandalism or sabotage (electronic) is the deliberate or malicious damage, defacement, destruction or other alteration of electronic files, data, web pages, programs, etc.

INCLUDE incidents of destructive viruses, worms, Trojan horses, etc.

EXCLUDE incidents of alteration which resulted in fraud. Report these in 6, page 3.

9a. Did this company detect any incidents in which files, data, web pages or any part of its computer systems were electronically vandalized or sabotaged in 2001? (333)
   01 Yes – How many incidents were detected? (334) Number
   02 No – (If No, skip to 10.)

9b. How many of these incidents of vandalism or sabotage were caused by a destructive virus, worm or Trojan horse? (335) Number

9c. How many of these incidents in 9a were reported to law enforcement, FedCIRC, ISAC or CERT? INCLUDE incidents reported to local, State or Federal law enforcement, the Federal Computer Incident Response Center, the Information Sharing and Analysis Center or the CERT Coordination Center. (336) Number

9d. For the incidents in 9a, were any of the suspected offenders employed by this company at the time of the incident? EXCLUDE incidents in which an employee inadvertently executed a virus. (337)
   01 Yes – In how many incidents? (338) Number
   02 No
   03 Don't know

9e. How many of these incidents of vandalism or sabotage in 9a resulted in the downtime of this company's servers, routers, switches, individual PCs/workstations or websites? INCLUDE downtime needed for repairs. (339) Number

9f. What was the total downtime (in hours) of each of the following due to these acts of vandalism or sabotage? INCLUDE downtime needed for repairs.
   1) Downtime of company websites/web servers (340) Hours
   2) Downtime of servers, routers or switches. EXCLUDE downtime of websites/web servers. (341) Hours
   3) Downtime of individual PCs/workstations. EXCLUDE network-wide downtime reported above. (342) Hours

9g. How much was spent in 2001 to recover from these incidents of vandalism or sabotage? ESTIMATES are acceptable. INCLUDE the cost – both internal and external – of diagnosis, repair and replacement such as labor, hardware, software, etc. EXCLUDE costs associated solely with the prevention of future incidents. (343) $ (Mil. Thou. Dol.)

9h. What other monetary losses and costs were incurred in 2001 due to these incidents? ESTIMATES are acceptable. INCLUDE actual losses such as the value of lost information. INCLUDE the estimated value of downtime, lost productivity, income from lost sales, labor or fees for legal or investigative work, etc. (344) $ (Mil. Thou. Dol.)

9i. How many of the incidents in 9a resulted in recovery costs or other monetary losses and costs reported above? (345) Number

10. COMPUTER VIRUS

A computer virus is a hidden fragment of computer code which propagates by inserting itself into or modifying other programs.

INCLUDE viruses, worms, Trojan horses, etc.

EXCLUDE incidents in which viruses caused excessive amounts of incoming data, resulting in denial of service. Report these in 8, page 4.

EXCLUDE incidents of destructive viruses, worms, Trojan horses, etc. Report these in 9.

10a. In 2001, did this company intercept any computer viruses before they could infect any part of its computer systems? (346)
   01 Yes
   02 No – (Continue with 10b.)
   03 Don't know

10b. Did this company detect any viruses which infected any part of its computer systems in 2001? EXCLUDE viruses already reported in this survey. (347)
   01 Yes – How many incidents of virus infections were detected? Count EACH DISTINCT INFECTION as a separate incident, even if caused by the same virus. (348) Number
   02 No – (If No, skip to 11, page 6.)

10c. How many of these incidents were reported to law enforcement, FedCIRC, ISAC or CERT? INCLUDE incidents reported to local, State or Federal law enforcement, the Federal Computer Incident Response Center, the Information Sharing and Analysis Center or the CERT Coordination Center. (349) Number

10d. For the incidents in 10b, were any of the suspected offenders employed by this company at the time of the incident? EXCLUDE incidents in which an employee inadvertently executed a virus. (350)
   01 Yes – In how many incidents? (351) Number
   02 No
   03 Don't know

Page 6

III. TYPES OF COMPUTER SECURITY INCIDENTS – Continued

10. COMPUTER VIRUS – Continued

10e. What was the total number of infections for each of the following due to the computer virus incidents in 10b?
   1) Number of server, router or switch infections (352) Number
   2) Number of in

11. OTHER COMPUTER SECURITY INCIDENTS – Continued

11b. Please briefly describe these computer security incidents. (361)