Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects Cyber Risk Analytics

Cybersecurity Risk Analytics CRA

Cyber Incident Data Analysis Repository (CIDAR)

OMB Control #0693-0043

Expiration Date:   06/30/2025

A Federal agency may not conduct or sponsor, and a person is not required to respond to, nor shall a person be subject to a penalty for failure to comply with an information collection subject to the requirements of the Paperwork Reduction Act of 1995 unless the information collection has a currently valid OMB Control Number.  The approved OMB Control Number for this information collection is 0693-0043.  Without this approval, we could not conduct this survey/information collection.  Public reporting for this information collection is estimated to be approximately 45 minutes per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the information collection.  All responses to this information collection are voluntary. Send comments regarding this burden estimate or any other aspect of this information collection, including suggestions for reducing this burden to the National Institute of Standards and Technology (NIST) at: 100 Bureau Drive, Gaithersburg, MD, 20899, Attn: Hung Trinh, or [email protected].

Additional Informed Consent Information

The Cyber Incident Data Analysis Repository (CIDAR) is a proof-of-concept research and educational resource for anonymously sharing, storing, aggregating, and analyzing cyber incident data to inform cyber risk management practices. This resource could enable information sharing among the Federal government and enterprise risk owners to facilitate awareness of current and historical cyber risk conditions and longer-term cyber risk trends to enhance cyber risk mitigation strategies. 

The survey is intended for organizations that benefit from a trusted cyber incident data repository to anonymously share, store, aggregate, and analyze sensitive cyber incident data. It can be used by cyber practitioners involved in cybersecurity analysis, planning and risk management functions.

The CIDAR is cloud-based application composed of a data collection front end, a data repository, and a functional analytics component.  The data collection is in the form of a survey, which provides a series of questions for the participants to address in a secured and anonymized environment. The survey response data is stored in a relational database. The functional analytics component contains interactive graphical displays of aggregate survey data to show relationships and trends related to cybersecurity incidents.

Download the user guide and survey questionnaire and gather the necessary information. 

User Guide Download                                        Survey Questionnaire 

Once data gathering is complete proceed to the survey and respond to the questionnaire.

Survey

 

Survey Feedback Form

Additional Pages

Contacts

CRA team
[email protected]

Topics

Security and Privacy: analytics, risk management

Created September 07, 2018, Updated April 22, 2025