Nationwide Cyber Security Review


What is NCSR?

The NCSR, or Nationwide Cyber Security Review, is a voluntary self-assessment survey designed to evaluate cyber security management within state, local, tribal and territorial governments.

The Senate Appropriations Committee has requested an ongoing effort to chart nationwide progress in cybersecurity and identify emerging areas of concern. In response, the U.S. Department of Homeland Security (DHS) has partnered with the Center for Internet Security's Multi-State Information Sharing and Analysis Center (MS-ISAC), the National Association of State Chief Information Officers (NASCIO), and the National Association of Counties (NACo) to develop and conduct the NCSR.

Who can participate?

All States (and all agencies within), Local government jurisdictions (and all departments within), Tribal and Territorial governments.

For more information, contact:
(518) 880-0699


Why should you participate?
  • You will receive customized reports to help you understand your cybersecurity maturity, including:
    • a detailed report of your responses along with recommendations to improve your organization's cybersecurity posture; and
    • additional summary reports that gauge your cyber security measures against peers (using anonymized data) and help prioritize your effort to develop security controls.
  • Your results will serve as benchmarks to gauge your own year-to-year progress.
  • The metrics provided may assist in cybersecurity investment justifications.
  • The NCSR is completely voluntary.
  • There is no cost to participate.
  • Your participation helps provide important input to the nation's cyber risk assessment process.


How does it work?
  • The NCSR is hosted on a secure portal.
  • The NCSR relies on six escalating categories of security control maturity.
  • The levels of maturity are based on key milestone activities for information risk management.
  • The milestones are closely aligned with security governance processes and maturity indexes embodied in accepted standards and best practices.
  • The survey covers the core components of cybersecurity and privacy programs.
  • The survey is designed to be completed in about an hour.

Related Links

New! FAQs
New! NCSR Question Set with Online Help