Introduction
Our Approach to Cybersecurity Is Structured Around Five Pillars
1. Governance - Enhancing governance structures helps us coordinate cybersecurity efforts.
2. Management - Strengthening risk management ensures consistent efforts across UC.
3. Technology - Adopting modern technology keeps UC one step ahead of threats.
4. Environment - Fortifying our environment through information sharing guarantees dependable protection.
5. Culture - Driving culture change makes sure every stakeholder plays their part.
Cybersecurity Improves When Everyone Works Together
Our risk governance structure contains three types of groups. These groups balance knowledge of systemwide requirements with proactive customized plans of protection for each campus, health center, and lab. These groups serve the campuses, health centers and laboratories.
1. Systemwide Committees- Cyber Risk Governance Committee
- IT Leadership Council
- UC Information Security Council
- Ethics, Compliance, and Audit Services
- University Committee on Academic Computing and Communications
- UC Security Incident Response Coordination
- IT Policy and Security (ITPS)
- Leveraging Scale for Value
- Center for Data Driven Insights and Innovations
"Since joining this community, I feel more plugged into the IT security and policy and privacy initiatives going on at UC… Excellent way of sharing across UC communities… Interesting, relevant, and helps bring contextual awareness!... Always helpful and practical information."
—ITPS Member Insight
The UC Information Security Council (ISC) is one of the systemwide committees and is composed of Chief Information Security Officers (CISOs) from all UC locations, the executive ISC, and ex-officio members. Chartered by the UC Chief Information Officer (CIO) Council, the primary responsibility of the ISC is to serve as a consulting and advisory body on cybersecurity initiatives to the Systemwide CISO, UC CIO Council, Cyber-Risk Governance Committee (CRGC), Council of Chancellors, President of the UC System, and other UC Leadership. The work of ISC supports UC’s mission and drives collaborative cybersecurity initiatives that yield mutual benefits for UC locations and the UC system as a whole.
ISC Mission
To identify, prioritize, sponsor, provide expert advice, and implement programs to enhance cyber resilience of individual locations, the entire UC system, and the greater cybersecurity community.