October 19 - 21, 2003 · Hyatt Regency Reston · Reston, Virginia, U.S.A.

EVENT MATERIALS

Speaker Presentations eFORUM Results Recommendations Webcast

eFORUM Results: 

SESSION 1.1: IMPLEMENTING TECHNOLOGY TO ADVANCE SECURITY

PERCENT
How many times in the last year has your organization been disrupted by a virus or worm?
1 Zero 30
2 One to three 46
3 Four to six 17
4 Seven to ten 4
5 More than 10 3
Does your organization use an anti-virus product?
1 Yes 96
2 No 4
What is the more significant threat to the nation's critical infrastructure in its present form?
1 Terrorists/physical threats 28
2 Hackers/cyber-crime 48
3 Equal threat 24
What is the most important thing your industry is doing or planning to do to help the U.S. government guard against this threat?
1 Increasing sending on IT security 14
2 Partnering with peer companies to improve security on a sector-wide basis 31
3 Following recommendations of government leaders/agencies 10
4 Pressuring IT providers to make their products more secure 18
5 Other 27
Is the government treating the private sector infrastructures as true partners in advancing global security?
1 Yes 38
2 No 62
A joint national level crisis coordination center should be:
1 Funded and managed by the Federal government 19
2 Funded and managed by the private sector 12
3 A jointly funded and managed autonomous federal corporation 69
SESSION 1.2: COMBATING CYBER-CRIME & CYBER-TERRORISM PERCENT
Has your organization been the target of cyber terrorism or cyber warfare?
1 Yes 36
2 No 64
Have you been asked by the government to cooperate in an investigation of a cyber terrorist or cyber warfare incident?
1 Yes 19
2 No 81
Which of the following is the biggest threat to U.S. national security?
1 Cyber attacks by terrorist organizations 47
2 Cyber attacks by nation states 18
3 Cyber attacks by organized crime rings 20
4 Natural disasters that impact computer systems 16
Has your organization ever used techniques such as hacking back" to defend against cyber attacks?"
1 Yes 18
2 No 82
Does the government have the in-house expertise to effectively combat cyber-terrorism, or does the government need to recruit persons with more expertise from the private sector?
1 Yes, the government has the expertise in-house 9
2 No, the government needs to recruit from the private sector 91
SESSION 1.3: ENGAGING THE CONSUMER PERCENT
What is the biggest risk to the consumer in doing business on the internet?
1 Someone being able to "sniff" or "capture" my credit card information 14
2 Someone tricking me into divulging my personal information on a malicious website or "spoof" e-mail 28
3 Someone sending me an e-mail with an attachment that is actually an executable program that will install spyware or a Trojan backdoor program on my computer 49
4 Other 9
In your opinion, how safe is your home computer?
1 Extremely safe 18
2 Mostly safe 47
3 Fairly unsafe 20
4 Completely vulnerable 13
5 Not sure 2
What measures do you take to secure your home computer?
1 I have updated anti-virus software and a firewall 63
2 I have updated anti-virus software only 17
3 I have a firewall only 2
4 I have anti-virus software, but I'm not sure if it's updated 12
5 None of the above 5
What is the biggest risk to your organization's network?
1 Employees opening web-based e-mail from their system 41
2 Allowing business partners to connect to internal corporate network 3
3 Allowing road warriors" to connect to internal corporate network" 12
4 Employees illegally using peer-to-peer networks for file sharing 38
5 Other 6
Have you are anyone in your family been a victim of identity theft?
1 Yes 42
2 No 58
Would you be willing to join the Federal Trade Commission's efforts by linking to www.ftc.gov/infosecurity?
1 Yes 79
2 No 21
SESSION 1.4: IMPROVING PUBLIC/PRIVATE ORGANIZATION PERCENT
Which of these factors do you view as the major challenge to improving public/private sector information sharing?
1 Regulatory and competitive issues 25
2 Fragmentation of physical and cyber-security 12
3 Need for local, national and global coordination 25
4 Costs 9
5 Developing a trust model 28
Does your company or organization participate in the information sharing community?
1 Yes 22
2 Yes, including one or more of the ones mentioned on the slide 28
3 No 41
4 Don't know 9
For private sector representatives: Which of the following concerns about a partnership with a government entity do you have?
1 Concern that we're letting the government" see too much of our internal information" 6
2 Concern that the government sector will use our sensitive information inappropriately 28
3 Concern that we as a company will derive substantially less benefit from this sharing of information than our public sector partners 33
4 Concern that a partnership with the public sector will, regardless of good intentions, expose our company to potentially uncomfortable levels of media and regulatory attention 33
For public sector representatives: Which of the following concerns apply to you and your organization?
1 Concern that you cannot or should not share sensitive information with one or more for-profit businesses 12.5
2 Concern that profit motives on the part of your private sector partners will cause inappropriate behavior on their part 12.5
3 Concern that the ability of business entities to protect sensitive information is less than it should be 12.5
4 Concern that the private sector partners will take the partnership as an opportunity to better position themselves for government dollars 62.5