Sharing Best Practices

"The program has exceeded my expectations. In time, we’ll achieve UC’s goal to develop an effective, broad-based, and adaptable approach to managing digital risk that both advances UC’s mission and strengthens our position as the world’s leading social-impact university."

—Van Williams, Vice President of IT and Chief Information Officer, University of California

In June 2023, UC launched the inaugural UC Tech Academy: Cyber Leadership Program for UC leaders designed to cultivate broad, diverse, and collaborative ways of thinking about managing digital risk. This unique program embodies the idea that cybersecurity progress means enhanced human harmonization, underscoring that it’s not solely a technological responsibility. The program aims to equip participants with a common language, a unified understanding of UC’s complex governance and management ecosystem, and a shared set of tools and skill sets for effective leadership.

The program brought together forty UC leaders from diverse areas such as information security, privacy, legal, risk, audit, compliance, law enforcement, and public safety—areas that partner with cybersecurity to manage UC digital risk. Participants attended two three-day modules at the UC Berkeley campus to learn about current and emerging cybersecurity issues, negotiation, conflict resolution, communications, and strategic thinking. UC Berkeley’s Haas School of Business, UC executives, and industry and public sector experts taught the courses.

"The participation pool was pretty diverse, which exposes everyone to a large set of diverse perspectives. We had highly talented and intelligent folks from legal, audit, compliance, public safety, and information security attend."

—Henry Jenkins, Senior Director, UC Irvine


"From the projects I worked on, I’ve become more aware of how prevalent cybersecurity truly is in our everyday lives. I have even more interest in pursuing cybersecurity now that I’ve garnered a deeper understanding of the fast-paced environment that protects and benefits the population daily."

—Jade Gregory, 2023 Intern, Rising Senior at UCLA

To contribute to the future cybersecurity workforce, the Office of the President employed interns from different UC campuses in the summer. The interns worked in various disciplines and applied their skill sets to real-world projects and problems. During their time, the interns participated in multiple activities and brought fresh perspectives and innovative ideas to the team.

Jade Gregory, a senior at UCLA majoring in Data Science and Statistics, interned with the Cyber-risk Coordination Center (C3) and applied her knowledge of numbers to many projects within the group. In her second week alone, Gregory’s impact was felt after she solved a data mystery with the first Gramm-Leach-Bliley Act compliance report. “Figuring out the problem gave me the confidence I needed to be successful in this position,” Gregory said.

In her role, she attended the UC Tech conference, contributed to the systemwide cybersecurity metrics, applied data interpretation and visualization techniques for the threat detection and identification (TDI) program reports, and summarized data for the Board of Regents.

Women are a minority in the cybersecurity field, both as an area of study and a profession. One of UC’s core values is diversity, equity, and inclusion, so partnering with an organization that supports women in cybersecurity in our student body and workforce is a natural fit. The Office of the President initiated this partnership with Women in CyberSecurity (WiCyS), an organization of nearly 8,100 members dedicated to uniting women from academia, research, and industry to share knowledge, network, and mentor others. The global nonprofit, which was started in 2013, is an important resource in helping women develop their skills and advance their careers.

This strategic partnership will help ensure that UC continues to provide opportunities to help women advance in cybersecurity throughout every stage of their careers, building a stronger, gender-diverse cybersecurity workforce and a more robust educational entity.

"The AIM program provided a wonderful opportunity to build relationships with others at sister UCs doing the same work. In addition, I was not aware of the breadth and scope of CTI. Going through with the process the team outlined has helped highlight the opportunities for improvement in how I categorize CTI-related work as well as help contribute towards those efforts at our campus."

—Don Kileen, IT Security Analyst, UC Santa Barbara

Twelve Cyber Threat Intelligence (CTI) practitioners across UC had an opportunity to enroll in the first cohort of the UC Tech Academy: Applied Intelligence Mentorship (AIM), an exciting new CTI program developed in partnership with the UC Cyber-risk Coordination Center and a third-party partner. The eight-month virtual program consisted of monthly hands-on workshops and modules where participants learned about building and refining UC locations’ CTI programs, optimizing workflows, aligning CTI initiatives with business needs, and improving systemwide communication. In addition, attendees gained insight into how to immediately implement what they learned, met peers across UC with similar settings, and developed a professional network. Since taking on threat intelligence isn’t always intuitive, the program helped teach people how to better incorporate CTI into their work.

The program’s goal is to have as many people as possible across UC understand how to leverage cybersecurity to reduce risk by staying ahead of the curve. The first cohort was a success, and the second cohort began in December 2023.

"The program added concrete principles and approaches to CTI, which were presented in a much more holistic fashion than the many resources I’ve read and cataloged while learning about CTI over the years. While CTI resource allocation, scale, and maturity will vary greatly from organization to organization, having the underlying principles and approaches to inform the level of investment and focus is key to communicating capability and residual risk to leadership."

—Toby Barber, Information Security Architect, UC San Francisco

 "The course topics were pretty broad and covered everything from setting up a CTI program to what to look for and how to go about it. So whatever step your organization may be in the process, there is useful information."

—Miguel Salazar, Computer System Engineer, Lawrence Berkeley National Laboratory

 

"Loved the discussion with US government case studies… I gained the most valuable information by talking to other conference attendees—learning about their experiences and what they’re currently working on."

—Summit Attendee

 "The feds and lawyer talks covered some material new to me, and the case studies presented alarmed me sufficiently to do some planning."

—Summit Attendee

The excitement was palpable at the 14th Cyber Security Summit, the first in-person summit since 2019. Participants became reacquainted at the gathering, held at UCLA Carnesale Commons. More than 200 people from functional areas such as IT security, legal, procurement, compliance, and more came together to share ideas, learn from each other, and network with colleagues. The evening’s gathering was a favorite, as attendees had time to continue conversations and meet new professionals. Speakers included industry experts and sponsors who spoke about a variety of topics related to cybersecurity.

US Government Cyber Case Studies: Lessons Learned

  • Olivia Olson, Assistant Special Agent in Charge, Cyber & Counterintelligence Branch, FBI Los Angeles
  • Cameron Schroeder, Chief, Cyber & Intellectual Property Crimes of United States Attorneys’ Offices, DOJ Los Angeles

How to Develop a Security-First Mindset

  • Jenny Brinkley, Director of Amazon Security

Privacy Enhancing Technologies: From Theory to Practice

  • Dr. Rafail Ostrovsky, Norman E. Friedmann Distinguished Professor of Computer Science and Mathematics, UCLA

Law and the CISO

  • Sajjad Matin, Principal Counsel for Cybersecurity and Data Protection in the UC Office of General Counsel
  • Franklin Monsour, Jr, Partner at Orrick, Herrington & Sutcliffe LL

  • Attendees: 46% were first-timers and 19% have attended 4+ summits
  • 97% of participants were very satisfied or satisfied with the overall event
  • 100% of participants were extremely likely or likely to attend and recommend our summits to a colleague

This October marked the 20th year of Cybersecurity Awareness Month, a dedicated month established by the President of the United States and Congress for government and industry to work together to raise cybersecurity awareness.

This year’s theme focused on protecting your digital self and your data. With increasing digital threats and evolving technologies, being aware of online risks is more important than ever. UC focused on key behaviors that people can use to protect themselves in their personal lives and at work.

UC offered more than 15 systemwide events and numerous individual UC location events to support the campaign. Events included live webinars, lectures, panel discussions, social engagement, and games. Topics included health device security, cyber leadership, cybercrime, AI, and social engineering.

Cyber Security Month Highlight: JeoparTy

Lia Grant, Assessments Security Analyst with the UC Berkeley Information Security Office, crafted a cybersecurity game called JeoparTy, based on the Jeopardy game. JeoparTy tested users’ cybersecurity knowledge of definitions, acronyms, passwords, and the internet. To add to the fun, a “Stump the CISO” version of the game tested our CISOs’ cybersecurity knowledge!

"I thought this was a fun event, and I can see how it could be used to reinforce cybersecurity concepts and create engagement. Great job!"

—Julie Goldstein, Information Security Policy Program Manager, UC Berkeley

Phishing and stolen or compromised credentials were responsible for 16% and 15% of breaches, respectively, with phishing moving into the lead spot by a small margin over stolen credentials, which was the most common vector in the 2022 report. (Source: IBM Cost of a Data Breach Report 2023, IBM Security)

Phishing remains a major cybersecurity concern within UC, as cyberattacks become progressively more sophisticated and frequent every year. To address it, UCLA Health began running complex phishing campaigns for all 50K+ people at UCLA Health with the goal of motivating people to report phishing attempts—not just ignore them.

Luis Perez, Senior Information Security Analyst at UCLA Health, stated, “We wanted to focus on the human layer, which is often the most exploited by cybercriminals, to build a strong security culture in the organization and equip all our users with the knowledge and confidence to respond and report in the event of a real-life attack.”

The campaigns introduced more complex examples from global real-world attacks as well as other challenging scenarios, such as a simulated attack from a compromised UCLA Health email account.

Another unique aspect of the campaigns involved a targeted and tailored training approach. It allowed UCLA Health to educate, continuously remind users how to report, and reward those who reported with Cybersecurity Challenge points that increased their chances of winning raffle prizes.

The phishing campaign’s year-over-year report rates increased despite more users and higher difficulty levels. The UCLA Health fail rate remains well below the health care and education industry.

UCLA Health reported a 124% increase in reporting phishing attempts after implementing campaigns.

At UC Berkeley, students can prepare for the workforce and their future in many ways. One example is in the Master of Information and Cybersecurity (MICS) program, where students participate in capstone projects during their final semester to demonstrate the cybersecurity technical and professional skills acquired during the program. The capstone projects showcase core cybersecurity technical skills, understanding how cybersecurity issues impact humans, and professional skills—proficiencies that prepare students for success in the field.

The top projects receive the Lily L. Chang MICS Capstone Award, established in 2019 through a gift by Lily L. Chang. Chang is a career technologist and business leader dedicated to cultivating security professionals. She first established the Dr. James R. Chen Award in 2001 in memory of her late husband, a scholar at NASA, for the winning final project of the Master of Information Management and Systems (MIMS) program. Chang was inspired to create the capstone award when she attended UC Berkeley’s commencement and heard about the new MICS program. Previously the VP of the Strategic Transformation Office at VMware, Chang is currently on the Women Who Code Board and is an adjunct lecturer for Santa Clara University Leavey School of Business.

Receiving the Lily L. Chang Award marks the beginning of a successful journey into the cybersecurity field for MICS students.

"These tools, combined with our processes, enable our goal as cybersecurity professionals to safeguard our colleagues in their use of technologies in UC San Francisco’s clinical, research, business, and education missions."

—Toby Barber, Information Security Architect, UC San Francisco 

Attack Surface Management (ASM) is the continuous remediation and monitoring of cybersecurity vulnerabilities and potential attack vectors. UC San Francisco became an early adopter of ASM services when they added the capabilities to their cybersecurity monitoring program. The ASM tools continuously scanned UC assets from the perspective of an internet attacker to find vulnerabilities.

The ASM service allowed UC San Francisco to rapidly improve exposure management for their public-facing digital assets, and it also propelled the automatic discovery and assessment of their constantly evolving digital asset inventory on their network and in the cloud. These services enabled the team to quickly prioritize risk and establish mitigation strategies for their diverse technology footprint.

Organizations with an ASM solution identify and contain a data breach 24.6% faster than those without one. (Source: IBM Cost of a Data Breach Report 2023, IBM Security)
