Nationwide Cyber Security Review
What is NCSR?
The NCSR, or Nationwide Cyber Security Review, is a voluntary self-assessment survey designed to evaluate cyber security management.
The Senate Appropriations Committee has requested an ongoing effort to chart nationwide progress in cybersecurity and identify emerging areas of concern. In response, the U.S. Department of Homeland Security (DHS) has partnered with the Center for Internet Security's Multi-State Information Sharing and Analysis Center (MS-ISAC), the National Association of State Chief Information Officers (NASCIO), and the National Association of Counties (NACo) to develop and conduct the NCSR.
Who can participate?
All States (and agencies), Local government (and departments), Tribal and Territorial governments.
Why should you participate?
How does it work?
When does the survey take place?
The survey will be available October 1, to coincide with National Cyber Security Awareness Month. The survey closes on November 30.
The NCSR provides participants with instructions and guidance, and additional support is available through online help, supplemental documentation and the ability to contact the NCSR helpdesk directly from the survey.
Once complete, participants will have immediate access to an individualized report that measures the level of adoption of security controls within their organization and includes recommendations on how to raise the organization’s risk awareness. In alternate years only (odd numbered years) the MS-ISAC and DHS will aggregate all review data and share a high level summary with all participants. The names of participants and their organizations will not be identified in this report. This report is provided to Congress in alternate years (odd numbered years) to highlight cyber security gaps and capabilities among our State, Local, Territorial and Tribal Governments.
The U.S. Department of Homeland Security (DHS) has partnered with the Center for Internet Security’s (CIS) Multi-State Information Sharing and Analysis Center (MS-ISAC), the National Association of State Chief Information Officers (NASCIO), and the National Association of Counties (NACo) to develop the Nationwide Cyber Security Review.
DHS is responsible for safeguarding our Nation’s critical infrastructure from physical and cyber threats that can affect national security, public safety, and economic prosperity. NPPD leads DHS’s efforts to secure cyberspace and cyber infrastructure. For additional information, please visit www.dhs.gov/cyber.
NASCIO’s mission is to foster government excellence through quality business practices, information management, and technology policy. Founded in 1969, the National Association of State Chief Information Officers (NASCIO) is a nonprofit, 501(c)3 association representing state chief information officers and information technology executives and managers from the states, territories, and the District of Columbia. The primary state members are senior officials from state government who have executive-level and statewide responsibility for information technology leadership. State officials who are involved in agency level information technology management may participate as associate members. Representatives from federal, municipal, international government and non-profit organizations may also participate as members. Private-sector firms join as corporate members and participate in the Corporate Leadership Council.
CIS is a nonprofit organization focused on enhancing the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS serves as a central resource in the development and delivery of high-quality, timely products and services to assist our partners in government, academia, the private sector and the general public in improving their cyber security posture.
MS-ISAC, a division of CIS, is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, territorial and tribal (SLTT) governments. The MS-ISAC 24x7 cyber security operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation and incident response.
The National Association of Counties (NACo) is the only national organization that represents county governments in the United States. Founded in 1935, NACo provides essential services to the nation’s 3,069 counties. NACo advances issues with a unified voice before the federal government, improves the public’s understanding of county government, assists counties in finding and sharing innovative solutions through education and research, and provides value-added services to save counties and taxpayers money. For more information about NACo, visit www.naco.org.