This free survey is powered by
12%
Exit Survey
 
 
1. 
On May 4, 2017, the outgoing Commander of the 13th Coast Guard District called out cybersecurity resilience as his greatest concern. He called for industry and government to come together and act to remedy the lack of standards for addressing the who, what, how, and when of cyber incident reporting. He spoke of the urgent need for industry and government stakeholders to develop voluntary standards and protocols before the next serious incident like Maersk (which resulted in $1 billion in losses), which could have grave consequences for critical infrastructure in our region.

This survey is designed to help us develop a baseline of current best practices and investments in cybersecurity by organizations in the Puget Sound Region. The first part (31 questions – approximately 15 minutes to complete) is required before our initial workshop in early March, and to ensure the value and efficacy of our efforts to produce a relevant and usable Concept of Operations (CONOPS) based on your input. The second, more detailed section (including first section – total of 52 questions – approximately 30 minutes to complete) is optional but can also provide your organization an opportunity for a self-assessment of the maturity of your current cybersecurity resilience and response capabilities.

Instructions: 
Please carefully complete the survey to the best of your knowledge. You may need to consult with or refer some questions to other managers or experts in your organization. At the beginning of each section we note which job functions might be best equipped to answer, listed in order of best choice (with the understanding that many organizations will not have some of the listed resources).
 
In order to complete the survey most efficiently, we recommend you download the PDF version of the survey HERE, and consult with your colleagues to answer all questions before taking the survey online. That will both give your organization a usable cyber resilience and response assessment and allow you to gather information from the right people in your organization. We invite you to use the comment section at the end of each section to add any other information you deem pertinent. Except for the first section, no questions are required, so please answer only those that you wish to. All answers are non-attributable.
 
 
 
2. Qualifying Questions
(Suggested respondent – CIO; CTO; CSO; CISO; Information Security Management; IT Management; Administrative Manager; Clerk)
 
 
3. Describe your sector
 
 
 
4. Under which critical infrastructure sector would you consider your organization?
 
 
 
5. If applicable, under which of the following categories would you consider your organization?
 
 
 
6. How many full-time employees in your organization?
 
 
 
7. Please indicate the types of high value assets your organization operates and must protect [select all that apply]
 
Finance system/wire transfer (ACH)
 
Traffic management
 
Public safety radio system
 
Human resources database
 
Health information database
 
911 call center/Public Safety Answering Point (PSAC)
 
Critical Infrastructure control systems/public works
 
SCADA systems
 
Navigation/GPS systems
 
I don't know
 
Other
 

 
 
 
8. Approximately what percentage of your staff are IT and cybersecurity personnel?
 
100%
 
90%
 
75%
 
50%
 
25%
 
10%
 
Other
 
 
 
 
9. Does your organization have full-time Information Technology (IT) employees?
 
Yes
 
No
 
 
 
10. If you answered 'No' to the last question, do you outsource any or all of your IT support?
 
Yes
 
No
 
Not applicable
 
Other
 
 
 
 
11. If you do outsource IT support, what percentage of your IT support is outsourced?
 
5-10%
 
10-25%
 
50-75%
 
75%+
 
Not applicable
 
 
 
12. Comments
   
     |