CISA Partner Satisfication Survey

Department of Homeland Security

Cybersecurity and Infrastructure Security Agency (CISA) Partner Satisfaction Survey

PRA Burden Statement: The public reporting burden to complete this information collection is estimated at 7 minute per response, including the time completing and reviewing the collected information. The collection of this information is voluntary. An agency may not conduct or sponsor, and a person is not required to respond to a collection of information unless it displays a currently valid OMB control number and expiration date. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to DHS/CISA. Mail Stop 0608, 245 Murray Lane SW, Arlington, VA 20598. ATTN: PRA [1670-0027].

The Department of Homeland Security (DHS) Cybersecurity Infrastructure Security Agency (CISA) is charged with enhancing the security, resiliency, and reliability of the nation's cyber, communications, and physical infrastructure, as well as with supporting DHS’s mission to manage risk. CISA comprises four divisions: Infrastructure Security Division (ISD), Cybersecurity Division (CSD), Emergency Communications Division (ECD) and National Risk Management Center (NRMC).

To identify opportunities to improve our products and services, we ask that you please take 7 minutes to complete this anonymous and voluntary survey to understand your expectations and values, so we may use the information to help us bring those expectations and values to reality. Thank you.

Please note CISA does not intend to collect any Personally Identifiable Information (PII) such as respondent contact information (names, organizations, phone numbers, email addresses). Please do not provide any PII in the open text fields.

1. Which of the following best describes you or your organization/affiliation?

2. What is your current role in your organization?

1. Federal/State/Local/Territorial/Tribal Communications or Public Safety Official

2. Firewall/Intrusion Detection System/Intrusion Prevention System (IDS/IPS) Engineer or equivalent

3. Intelligence Analyst or Intelligence Officer

4. IT Continuity, Contingency, or Disaster Recovery Analyst or equivalent

5. IT Continuity, Contingency, or Disaster Recovery Manager or equivalent

6. IT Project Manager

7. IT Security Analyst or equivalent

8. Malware/Forensic Analyst or equivalent

9. Management Analyst or Program Analyst

10. Manager for IT/Cybersecurity or equivalent

11. Operations Research Analyst

12. Physical Security Analyst or Facility Security Officer

13. Policy Analyst or Strategist

14. President/Vice President/Director/CISO/CIO

15. Quality Assurance Analyst

16. Security Operations Center (SOC) Manager or equivalent

17. SES-level Federal Employee

18. State/Local/Territorial Agency Administrator or Deputy Administrator

19. Other (Please identify)

Click here to enter text.

2. Which <enter ISD, CSD, ECD, NRMC> personnel do you partner with in your current role? (Personnel can be from multiple <enter ISD, CSD, ECD, NRMC> offices; please check all that apply).

1. <Enter titles of division personnel>

2. <Enter titles of division personnel>

3. <Enter titles of division personnel>

4. <Enter titles of division personnel>

5. <Enter titles of division personnel>

6. <Enter titles of division personnel>

7. <Enter titles of division personnel>

8. <Enter titles of division personnel>

9. <Enter titles of division personnel>

10. I am not certain which specific division(s) personnel I partner with, e.g., I only know of a specific POC(s)

(For Questions 4 to 9): The Federal Government has directed <enter ISD, CSD, ECD, NRMC>, through various federal directives and requirements, to provide <enter cybersecurity or infrastructure or communication or risk management> products and services to organizations. Please indicate your level of agreement with the following statements regarding <enter ISD, CSD, ECD, NRMC> products, services, and information sharing:

2. I am satisfied with the quality of products and services from <enter ISD, CSD, ECD, NRMC>.

1. Completely agree

2. Somewhat agree

3. Neutral

4. Somewhat disagree

5. Completely disagree

2. I am satisfied with the reliability of products and services from <enter ISD, CSD, ECD, NRMC>.

1. Completely agree

2. Somewhat agree

3. Neutral

4. Somewhat disagree

5. Completely disagree

2. I am satisfied with the timeliness of products and services from <enter ISD, CSD, ECD, NRMC>.

1. Completely agree

2. Somewhat agree

3. Neutral

4. Somewhat disagree

5. Completely disagree

2. I am satisfied with how often <enter ISD, CSD, ECD, NRMC> partners with my organization.

1. Completely agree

2. Somewhat agree

3. Neutral

4. Somewhat disagree

5. Completely disagree

2. I am satisfied with how <enter ISD, CSD, ECD, NRMC> shares information with my organization.

1. Completely agree

2. Somewhat agree

3. Neutral

4. Somewhat disagree

5. Completely disagree

2. I find <enter ISD, CSD, ECD, NRMC> products and services valuable to fulfilling my organization’s priorities.

1. Completely agree

b) Somewhat agree

c) Neutral

d) Somewhat disagree

e) Completely disagree

f) I do not know the value of <enter ISD, CSD, ECD, NRMC> products and services in fulfilling my organization’s priorities

(Please explain).

Click here to enter text.

2. For what purpose(s) do you use <enter ISD, CSD, ECD, NRMC> products and services in your current role? (Please check all that apply).

a) As indicators and/or alerts, directly in daily operations and system protection

b) Informationally, for internal risk and/or threat analysis efforts

c) Informationally, for assessment and/or performance measurement

d) Informationally, for reporting

e) Operationally, for event and/or incident planning

f) Operationally, for incident response

g) Operationally, for intrusion prevention

h) Operationally, for public safety technical assistance

i) Operationally and/or strategically, to assist in public safety interoperable communications

j) Strategically, for risk and/or threat awareness

k) Strategically, for planning

l) Other (Please explain)

Click here to enter text.

2. In what ways does <enter ISD, CSD, ECD, NRMC> share information with your organization? (Please check all that apply).

1. Direct formal partnership via DHS personnel, e.g., conferences, working groups, workshops, exercises, events, visits, and/or meetings

2. Distributed/printed media

3. Email

4. Phone

5. Information campaigns

6. Website(s) and/or web portal(s) including secure portal(s), e.g., Homeland Security Information Network (HSIN)

7. Social media platforms

8. Webinars

9. Other (Please explain)

Click here to enter text.

2. How often do you use <enter ISD, CSD, ECD, NRMC> products and services in your current role? Services can include, but are not limited to, <enter ISD, CSD, ECD, NRMC> personnel partnering with your organization to inform its governance, security management, and/or emergency communications planning. (Please select only one answer).

1. Daily

2. Weekly or bi-weekly

3. Monthly

4. Periodically, situationally, and/or ad hoc (unpredictable)

5. Never, because I am not familiar with <enter ISD, CSD, ECD, NRMC> products and services

6. Never, because I do not find <enter ISD, CSD, ECD, NRMC> products and services useful. (Please explain).

Click here to enter text.

2. What is the greatest challenge or barrier to partnering with <enter ISD, CSD, ECD, NRMC>? (Please select only one answer).

1. Lack of opportunities to actively work with <enter ISD, CSD, ECD, NRMC> to create and/or develop products and services

2. Lack of information being shared by <enter ISD, CSD, ECD, NRMC>

3. Reporting or other information shared by <enter ISD, CSD, ECD, NRMC> is not timely

4. Reporting or other information shared by <enter ISD, CSD, ECD, NRMC> lacks sufficient context

5. Lack of knowledge regarding an appropriate <enter ISD, CSD, ECD, NRMC> POC(s) to partner with

6. Necessity for a security clearance to access <enter ISD, CSD, ECD, NRMC> products and services

7. Lack of an adequate feedback loop for your organization to offer comments and/or suggestions to <enter ISD, CSD, ECD, NRMC> on its products and services

8. Time constraints of your organization and/or of <enter ISD, CSD, ECD, NRMC>

9. Other (Please explain)

Click here to enter text.

2. How can your organization benefit more from the products and services <enter ISD, CSD, ECD, NRMC> provides? (Please check all that apply).

1. Reduce impact to your organization when responding to <enter cyber or infrastructure> attacks and other <enter cyber or infrastructure> security incidents

2. Increased networking opportunities

3. Increased and/or more robust information exchanges

4. Greater awareness of <enter cyber or security> risks and/or threats facing your organization

5. Heightened awareness of what <enter ISD, CSD, ECD, NRMC> does

6. Greater ability to put a face with a name in terms of <enter ISD, CSD, ECD, NRMC> personnel you interact with

7. Enhanced ability to meet your organization’s goals

8. Increased opportunities for providing feedback to <enter ISD, CSD, ECD, NRMC> e.g., in-person, through surveys

9. Other (Please explain)

Click here to enter text.