\u00a0 I\u2019m not usually a complainer, but I\u2019m tired of receiving security surveys. They\u2019ve become almost like spam, and in some ways worse. For a variety of reasons, I\u2019ve gotten to the point where I just delete the e-mails or throw the official-looking, color glossy ones in the trash. \u00a0For loyal readers, I\u2019ll get back to cyber ethics next time, but I can\u2019t resist a short blog to complain about the number of IT survey requests\u00a0we receive. Since I\u00a0know I\u2019m not the only one getting these, I thought I\u2019d better express my concerns. Here\u2019s a few points to ponder:1)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Most of these come via e-mail from companies I\u2019ve never heard of nor hear from again. Who\u2019s to say these aren\u2019t bad guys? They may claim to represent someone else, but ....2)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 They often ask very detailed questions about incidents, vulnerabilities, architectures, tools, etc. My thoughts: I\u2019m not going to tell you that. I don\u2019t even tell some internal people about that stuff.3)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 They\u2019re often marketing ploys to sell you something or get their foot in the door.4)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Many times they offer you a free tee shirt, pen, or maybe even a $25 dollar Starbucks card. Please. Are you willing to give away \u201cgovernment confidential information\u201d or even less important info for being entered into a drawing? Is this basically a sophisticated phishing technique? How many people bite?5)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Sometimes they try to make you feel special to lower your guard. They may even offer you an exclusive \u201cwhite paper\u201d or free research for your time. Consider this (slightly modified) e-mail:\u00a0\u201cDear Colleague,XYZ Research is conducting a short 3 minute online survey to learn how IT Professionals like you are managing their desktop systems and security. For your participation in this research poll we will send you a free copy of the final report prepared by XYZ Research.We are only sending this invitation to a small group of thought leaders who are senior executives and who have been referred to us for participation.\u201dI wonder how many people got the same message? Now the hard part. I realize that my attitude is not good news for the \u201cserious survey information seekers,\u201d like the CSI\/FBI Computer Crime Survey. How are certain organizations going to get real numbers and industry metrics? How are the \u201cThink Tanks\u201d going to tell us about industry security trends if we don't fill these out? There are exceptions, but not 1-2 a week!\u00a0 My view is that you\u2019d better know who you\u2019re dealing with, what they\u2019re doing with the info, and how this affects your job. Your name and information may not really be anonymous. Even with\u00a0numerous caveats, I still think the risks are often too high to fill these security surveys out. I now answer\u00a0very few.I'd like to hear the vendor perspectives on these. Can we reach\u00a0some type of truce? I doubt it, since\u00a0CSOs are inundated with vendor e-mail and phone calls as well.\u00a0I say these may be worse than spam, since they are more directed and\u00a0sometimes require more thought before I hit the delete button. In reality, that's now changing.\u00a0\u00a0\u00a0I\u2019d really like to hear how you deal with these surveys and your reasoning for filling them out or not.