Tools and Services
The Cyber-risk Coordination Center (C3) provides comprehensive services and tools to enhance cybersecurity across the University of California system. Collaborating with UC locations, C3 manages a robust portfolio of best-practice tools, products, and services designed to help campuses, health centers, and labs effectively manage cybersecurity, reduce risks, and respond to threats. Through strategic coordination and expert guidance, C3 equips UC locations to stay ahead of the latest cybersecurity threats, safeguarding the institution’s critical missions of education, research, healthcare, and public service.
Read more about C3's tools and services on the C3 website.
C3 Achievements 2024
90% of faculty and staff completed cybersecurity awareness training
708 Members of the IT Policy and Security (ITPS) Community
As cybersecurity threats grow more complex, service and tools capabilities are continuously enhanced to provide the most effective solutions. The service initiatives outlined in this story span various areas of cybersecurity, reflecting ongoing efforts to strengthen detection and response while also expanding targeted learning opportunities. These initiatives, some of which fall under the Threat Detection and Identification (TDI) program, showcase the advancements to improve UC’s overall security posture.
UC San Diego piloted a new, immersive training experience that allowed participants to respond to realistic cyberattack scenarios in a controlled, consequence-free environment using industry-standard tools.
The Digital Risk Leadership course content, variety of speakers, and interactive discussions were valuable. The program also emphasized that effective risk management is a shared responsibility, requiring partnership across all levels. I highly recommend it to professionals looking to deepen their understanding of digital risk management.
—Roshni Pratap, Director, Strategic Sourcing, Office of the President
This year, UC Tech Academy expanded its Digital Risk Leadership and Applied Intelligence Mentorship programs, adding more education, collaboration, and networking opportunities to support leaders in navigating emerging digital risks.
The shift in industry focus from gamified training to human-risk management marks a new approach to security awareness. This method emphasizes behavioral change and proactive risk management, signaling a meaningful evolution in training priorities.
The TDI program continues to evolve as we explore new technologies that offer enhanced features and functionalities. These advancements are designed to integrate seamlessly into UC’s infrastructure, providing more robust and adaptable solutions for managing technical risks.
As AI technology advances, UC leads discussions and initiatives through collaborative efforts, working groups, and committees. These initiatives focus on understanding and integrating AI’s role in enhancing cybersecurity and education.
We evaluate systemwide cyber metrics to gain insights into digital risk management across UC. By analyzing metrics such as percentage of endpoints with Endpoint Detection and Response (EDR), percentage of high-risk systems monitored by security, and percentage of vendors without a Vendor Risk Assessment (VRA), we’re better equipped to understand the evolving threat landscape. This helps us prioritize risks and improve decision-making to protect institutional information and IT resources.
"The Managing Human Risk course was outstanding! The course content was insightful, relevant, and contained valuable information. I especially enjoyed the lab sessions that allowed me to collaborate with my UC peers. I gained fresh ideas on how to positively impact our security awareness program at UC Santa Barbara."
Roger Padilla, Jr., CISSP, Senior Systems Engineer, Unit Information Security Lead, UC Santa Barbara
When Cecelia Finney, Manager of Systemwide Cybersecurity Awareness, Training, and Human Risk Strategy at the Office of the President, took a Managing Human Risk course in August 2023, she saw an opportunity to bring the training to UC's Cyber Champions Group. This group of security experts, including analysts, compliance professionals, engineers, developers, and CISOs, is dedicated to strengthening UC’s culture of cybersecurity. Finney recognized that the UC Human Risk Management (HRM) program could benefit from this knowledge. The training, held at UCLA on August 13-15, 2024, brought together over 20 participants, marking the first in-person meeting in nine years.
Two Primary Objectives of Training
- Empower the team with a structured approach to managing human risks at UC, focusing on practical priorities rather than theoretical concerns.
- Elevate the maturity of UC’s cyber awareness programs by effectively managing behaviors associated with these risks.
What Is Human Risk Management?
Cyber threat actors have changed their attack methods, they no longer target technology but people. Human Risk Management (HRM) is the structured approach in how organizations secure people, addressing for most organizations what is now their greatest vulnerability—their workforce.
50% of Large Enterprise CISOs will adopt human-centric security behavior and design practices to minimize human risk and maximize control adoption.
"Let’s do this!… Document everything!... What’s our next step?...I wish I would’ve followed up on my hunch..."
—Attendee Insights
The Threat Detection Response (TDR) team at UC San Diego piloted the first experience-based educational cyberattack training program provided by a third-party partner on July 29-31, 2024. The program provided a realistic, consequence-free environment designed to simulate real-world cyberattack scenarios, enabling participants to practice incident response procedures using industry-standard tools and techniques.
Participants included members of the TDR team, security, the Windows Active Directory (AD) team, and the Identity & Access Management team. During the training, facilitators set up virtual corporate networks, replicating a real-world environment, and performed advanced persistent threat (APT)-level attacks with dynamic engagement rules. The program allowed organic changes to the scenarios and enabled attendees to hone their skills against attacks.
Cheo Codda, Threat Detection & Response Manager at UC San Diego, noted that one of the training’s benefits was improved collaboration among the different security teams. While the teams work under the same umbrella of Security or the Office of Information Assurance (OIA), they usually engage with each other in more proactive endeavors. During the training, the teams worked together, improving their understanding of each other’s processes and fostering camaraderie.
Collaboration: A Key Takeaway from the Training
The AD team usually doesn’t see how the TDR team handles security incidents, so this experience gave both teams valuable insight into how others work. The insight will help the AD teams anticipate the TDR team’s needs, improving response time. In addition, the AD team’s Windows expertise helped the TDR team identify unusual activities and interpret suspicious actions, which will lead to faster resolutions in the future.