Cybersecurity Awareness Month 2023

Social Engineering, the Art of Manipulation

With Rosa L. Smothers, Senior Vice President of Cyber Operations at KnowBe4

Tuesday, October 3, 2023 / 10 AM - 11 AM

Hosted by UC San Francisco

Social engineering, in the context of information security, refers to the use of psychological manipulation to trick people into divulging sensitive information (information gathering) or performing actions (fraud, unauthorized system access.) Rosa will discuss these types of approaches, the latest scams, and ways to be a “human firewall” for UC and your digital life.

Rosa L. Smothers has over 20 years of experience in cybersecurity. She is currently senior vice president of cyber operations at KnowBe4, where she is responsible for leading KnowBe4’s Federal Practice efforts, including providing cybersecurity advisory services to civilian and military agencies within the U.S. federal government. Ms. Smothers is also responsible for providing analysis for KnowBe4’s cybersecurity research and cyber threat intelligence efforts. Having served for over a decade in the Central Intelligence Agency, Ms. Smothers is a highly decorated national security professional with extensive experience leading the planning and execution of cyber operations against terrorist and nation-state targets as well as the adoption of cutting-edge computer technology. She served as a cybersecurity analyst and technical intelligence officer in the Center for Cyber Intelligence and the Counter Terrorism Mission Center and on multiple overseas tours, to include extensive service in Iraq. She holds a B.A. in Information Studies and an M.S. in Computer Network Security. Ms. Smothers is a mentor to women and young people in cybersecurity and is a member of Women in Defense and Infragard.

Register to attend: Social Engineering, the Art of Manipulation.

Protecting Your Online Identity in the Age of Big Data and AI

Thursday, October 5, 2023 / 11:00 AM - Noon

Hosted by UC Santa Cruz

Technology is evolving at a fast pace. Although we benefit from many of its advances, new digital privacy and security risks emerge. For instance, cybercriminals are using AI-assisted tools to (1) manipulate people via convincing phishing emails and text messages and (2) impersonate people’s voice and alter their images and videos.

In this webinar, we will share with you some tips to protect your online identity, and leverage technology advances at the same time.

Diana Freed is a Fellow at the Center for Research on Computation and Society at the Harvard’s John A. Paulson School of Engineering and Applied Sciences and Harvard’s Berkman Klein Center for Internet and Society. In 2024 she will start as an assistant professor in the department of Computer Science and The Data Science Institute at Brown University. She holds a Ph.D. from the Department of Information Science at Cornell University. Her research focuses on designing, developing, and building sociotechnical systems in the context of youth interpersonal relationships, intimate partner violence, and caregiving systems. She also develops tools and resources to improve digital literacy to enable individuals to make informed choices regarding technology use and to improve understanding of digital risks and harms. Diana’s research has been recognized with an ACM CHI Best Paper Award, ACM CSCW Honorable Mention, and a CSCW paper recognition for her contribution to Diversity and Inclusion. Her research has been featured by media outlets that include The New York Times, MIT Technology Review, Wired, NPR, and Time Magazine.

Julio Poveda is a Ph.D. student in Computer Science at the University of Maryland. He does computer security and privacy research, and is a volunteer at Cornell University's Clinic to End Technology Abuse (CETA), where he helps survivors of intimate partner violence with their tech-related concerns.

Register to attend: Protecting Your Online Identity in the Age of Big Data and AI.

The State of (Passwordless) Authentication

Wednesday, October 11, 2023 / Noon - 1:00 PM

With Chad Spensky, Ph.D

Hosted by UC Santa Barbara

Recording On-Demand

The world is going passwordless and it's going to be awesome. However, navigating this new paradigm can be very confusing. In this talk, I will provide a brief history of passwords and authentication, highlighting the small wins and pitfalls along the way. Then, I will shed light on the various "passwordless" solutions and how they might shape our future. After this presentation, you will be able to confidently choose authentication solutions and increase your security posture both at home and at work.

Chad Spensky is a computer security researcher, entrepreneur, and educator who is passionate about using technology to make people’s lives easier and their digital systems more secure. He is currently the CEO of Allthenticate, a company that is revolutionizing authentication by offering an all-in-one, smartphone-based identity management and authentication solution. Chad has over 10 years of research experience and has numerous academic publications in top conferences. Formerly, he was a member of the technical research staff at MIT Lincoln Laboratory, where he helped them solve some of the Department of Defense's toughest cyber-security problems. Chad received his Ph.D. from the University of California, Santa Barbara, and is also a recipient of the prestigious IBM Ph.D. Fellowship. In addition to his academic credentials, Chad is a lifetime hacker. His hacking career started in his teenage years and has taken him to compete in some of the world's best capture the flag tournaments around the world as a member of the UCSB Shellphish hacking team. His unique blend of hacking knowledge and academic rigor make him particularly well-suited to solve complex real-world cybersecurity problems, like making authentication usable and secure.

Emerging AI Threats & Essential Safeguards: Understanding Cybersecurity in Healthcare with Elvis Chan, FBI and Pat Phelan UCSF

Hermínio Neto, Moderator
Associate Director, Marketing & Communications
UCSF Rosenman Institute
San Francisco, California

Kasper Mossman - Moderator
QB3, UC San Francisco

Thursday, October 12, 2023 / 12:30 PM - 2 PM

Hosted by UC San Francisco

Cybersecurity has rapidly evolved into a crucial concern, affecting our private lives with risks such as identity theft, and at a larger scale, national issues such as federal elections. For healthcare startups, working as scientists in academic & commercial labs, and IT departments professionals, the threat landscape is increasingly complex. Alongside traditional risks like IP theft, ransomware, and hacktivism, there’s a rising risk posed by the exploitation of generative artificial intelligence by cyber criminals Where do our vulnerabilities lie? How can we maximize our defensive strategies to protect ourselves and the organizations we serve? Join us to learn the best practices from our experts FBI’s Elvis Chan, who manages San Francisco’s Cyber Branch focusing on cyber investigations and digital forensics, and Patrick Phelan, the Chief Information Security Officer at UCSF. This webinar will provide an important opportunity to stay ahead in understanding both traditional and emerging cyber threats.

Elvis Chan is an Assistant Special Agent in Charge (ASAC) assigned to FBI San Francisco. ASAC Chan manages the field office’s Cyber Branch, which is responsible for cyber investigations, digital forensics, technical operations, community engagement, and public affairs. With over 16 years in the Bureau, he is a decorated agent who is recognized within the Intelligence Community as an election cybersecurity and cyberterrorism expert. ASAC Chan was the lead agent on significant cyber investigations and managed joint counterterrorism operations with domestic and foreign law enforcement agencies. Prior to joining the Bureau, ASAC Chan was a process development engineer in the semiconductor industry for almost 12 years. He holds two U.S. patents, presents at many technical and law enforcement symposiums, and published multiple articles in journals. ASAC Chan earned his bachelor’s degrees in chemical engineering and chemistry from the University of Washington and his master’s degree in homeland security studies from the Naval Postgraduate School.

Patrick Phelan is Chief Information Security Officer of UCSF, one of the premier academic medical centers in the country. He is responsible for the security strategy and operations that protect systems supporting the research, education, and clinical missions of the institution. A 25-year IT veteran, he is a member of several professional organizations, holds CISSP, CEH, CISM certifications, and a B.S. in computer science from UCLA.

Register to attend: Emerging AI Threats & Essential Safeguards: Understanding Cybersecurity in Healthcare.

JeoparTy!: The Cybersecurity Edition

Thursday, October 12, 2023, Noon – 1 PM

Hosted by UC Berkeley

CyberSecurity Awareness Month is here! As we kick off the month, we invite everyone to save the dates and come test their cybersecurity knowledge.  Lia Grant of the Berkeley Information Security Office will be hosting this cyber fun version of the game of Jeopardy. And stay tuned for the “Stump the CISO” version of this game, where CISOs from across the system try their hands at a slightly more difficult version of our JeoparTy game!

Register to attend: JeoparTy - The Cybersecurity Edition

Adopting Zero Trust and SASE Architectures

With Jon Green, VP and Chief Security Technologist at Aruba (an HP Enterprise Company)

Monday, October 16, 2023 /  Noon - 1 PM

Hosted by UC Santa Barbara

Recording On-Demand

Jon Green is the VP and Chief Security Technologist at Aruba, a Hewlett Packard Enterprise company. He describes himself as a Cybersecurity guy with a technical background in routing, switching, wireless, authentication, PKI, firewalls, and crypto. "I have a bunch of industry certifications, which proves that I'm good at taking multiple-choice tests. I fly airplanes, don't do CrossFit, and am a lousy but aspiring guitar and banjo player."

Zoom Security Features and New Features, with John Chiaro

Tuesday, October 17, 2023 / Noon - 1 PM

Hosted by UC Santa Barbara

Recording On-Demand

It has been another year of utilizing Zoom as our primary communication tool across the UC System. John Chiaro from Zoom will discuss some of Zoom’s new advanced security features & best practices to demonstrate how to effectively use them to keep your meetings safe and secure. In addition, she will explore some awesome new features and how to incorporate them successfully into your Zoom sessions.

John Chiaro joined Zoom about 2 years ago supporting Higher Education clients and was a Zoom user in his previous role supporting the K-12 space. he's passionate about helping those in the Education world leverage technology in the hopes of providing positive impacts in and around the classroom. John lives in the Raleigh, North Carolina area with his wife and 3 children.

JeoparTy!: The Cybersecurity Edition

Thursday, October 17, 2023, Noon – 1 PM

Hosted by UC Berkeley

CyberSecurity Awareness Month is here! As we kick off the month, we invite everyone to save the dates and come test their cybersecurity knowledge.  Lia Grant of the Berkeley Information Security Office will be hosting this cyber fun version of the game of Jeopardy. And stay tuned for the “Stump the CISO” version of this game, where CISOs from across the system try their hands at a slightly more difficult version of our JeoparTy game!

Register to attend: JeoparTy - The Cybersecurity Edition

A Tale of Two Industroyers

With Alvaro A. Cardenas, Ph.D., Associate Professor of Computer Science and Engineering at the University of California, Santa Cruz

Moderated by Cecilia Carrillo, and Liz Wright, UCSC

Thursday, October 19, 2023 / Noon - 1 PM

Hosted by UC Santa Cruz

In less than a decade, Ukraine has suffered from three cyber attacks attempting to cause electrical outages. On December 23, 2015, in the middle of freezing weather, Ukraine suffered the first blackout caused by cyber attacks. In this first incident, attackers gained remote access to the industrial networks of power companies, and a remote adversary operated the human-machine interface of operators, opening circuit breakers manually. A year later, on December 17, 2016, a fifth of Ukraine's capital Kyiv experienced another blackout. This time, the target was a transmission utility, and unlike the previous year when remote human attackers opened the circuit breakers, the attack in 2016 was launched automatically by the first known example of industrial malware targeting the power grid: Industroyer. Finally, on April 8, 2022, in the first months of the Russian invasion of Ukraine, operators discovered another malware tailored to attack circuit breakers automatically. This new piece of malware was called Industroyer 2, and it represented yet another attempt to target Ukraine's power grid.

In this talk we will summarize our work in analyzing the malware to understand how it targeted industrial networks, as well as consider what future potential damages this type of malware may create in the future.

Alvaro A. Cardenas is an Associate Professor of Computer Science and Engineering at the University of California, Santa Cruz. Before joining UCSC he was the Eugene McDermott Associate Professor of Computer Science at the University of Texas at Dallas, a postdoctoral scholar at the University of California, Berkeley, and a research staff member at Fujitsu Laboratories. He holds M.S. and Ph.D. degrees from the University of Maryland, College Park, and a B.S. from Universidad de Los Andes in Colombia. His research interests focus on cyber-physical systems and IoT security and privacy, including autonomous vehicles, drones, smart home devices, and SCADA systems controlling the power grid and other critical infrastructures. He is the recipient of the NSF CAREER award, the 2018 faculty excellence in research award from the Erik Johnson School of Engineering and Computer Science, the Eugene McDermott Fellow Endowed Chair at UTD, and the Distinguished Service Award from the IEEE Computer Society Technical Committee on Security and Privacy. He has also received best paper awards from various venues, including the ACM CPS & IoT Security Workshop, IEEE Smart Grid Communications Conference, and the U.S. Army Research Conference. One of his papers was also a finalist in the CSAW competition in Israel. Cardenas' research has been funded by NSF, ARO, AFOSR, NSA, NIST, MITRE, DHS, DoT, Phoenix Technologies, and Intel.

Register to attend: A Tale of Two Industroyers.

Connected Diabetes Device Security

With David C. Klonoff, M.D., F.ACP, FRCP (Edin), Fellow AIMBE

Thursday, October 19, 2023 / 2 PM – 3 PM

Hosted by UC San Francisco

Connected diabetes devices require sound cybersecurity. FDA, FBI, HHS, and the President of the United States are increasingly focused on the need for medical device cybersecurity. The Consolidated Appropriations Act of 2023 mandates the FDA to require increased medical device cybersecurity. This law requires manufacturers of medical devices to: 1) submit a plan to monitor, identify, and address postmarket cybersecurity vulnerabilities, 2) ensure devices remain cybersecure, which includes issuing updates and patches, 3) submit a software bill of materials (e.g. commercial, open-source, and off-the-shelf components), 4) comply with such other requirements that may be added through regulation. IEEE 2621, recognized by the FDA in December 2022, is the first Standards Development Organization-developed medical device cybersecurity standard containing both performance and assurance requirements. This standard is intended for wireless diabetes devices, such as blood glucose monitors, continuous glucose monitors, insulin pumps, closed loop automated insulin delivery systems, smart insulin pens, and spinal cord stimulators. IEEE 2621 is a conformity assessment standard that defines a framework for a connected electronic product security evaluation program for diabetes devices. Its purpose is to provide grounds for confidence that connected electronic diabetes products deliver the security protections claimed by their developers and deemed necessary by stakeholders. Conforming to IEEE 2621 can prevent breaches and associated negative effects.

Dr. Klonoff is an endocrinologist specializing in bioengineered solutions for people with diabetes. He has led many multi-stakeholder technical and clinical standards projects for diabetes monitoring and drug delivery technologies, most recently chairing the the CGMs and Automated Insulin Dosing Systems in the Hospital Guideline in 2020 and the iCoDE (Integration of CGM data into EHR) standard in 20220. Dr. Klonoff received the American Diabetes Association’s 2019 Outstanding Physician Clinician Award. He received an FDA Director’s Special Citation Award in 2010 for outstanding contributions related to diabetes technology and the IEEE Conformity Assessment Award in 2022 for his work in medical device cybersecurity. Dr. Klonoff led the development of the Glycemia Risk Index composite metric for CGM data which is used for patient management and outcomes research, based on data collected from 330 diabetes experts from all six continents. He is currently focusing on improved health outcomes using digital health tools, biomarker testing for precision medicine, and improved patient safety through cybersecurity standards for medical devices. He has published over 300 articles in PubMed-referenced journals and he was Senior Editor of the first two books on Digital Health for Diabetes.

Register to attend: Connected Diabetes Device Security.

Zoom Security Features and New Features, with John Chiaro

Monday, October 23, 2023 / Noon - 1p.m.

Hosted by UC Santa Barbara

Recording On-Demand

John Chiaro joined Zoom about 2 years ago supporting Higher Education clients and was a Zoom user in his previous role supporting the K-12 space. he's passionate about helping those in the Education world leverage technology in the hopes of providing positive impacts in and around the classroom. John lives in the Raleigh, North Carolina area with his wife and 3 children.

Cyber and Privacy Law Regulatory Landscape

With Reema Moussa, J.D. Candidate

Tuesday, October 24, 2023 / Noon - 1 PM

Hosted by UC Santa Barbara

Recording On-Demand

2023 has been a banner year for privacy and cybersecurity legislation and regulation. This session will focus on major developments from US and international data protection regulatory agencies, industry-specific regulations, and new and upcoming legislation in data privacy and security. From the SEC's recently passed cyber rules to new priorities for enforcement of US state privacy legislation, the GDPR in Europe, the Federal Trade Commission's recent activity, and more - we'll unpack how privacy and cybersecurity is unfolding in legal and policy spheres. We'll also cover some best practices, resources, and how to keep up with the rapidly changing environment. This presentation will focus on high-level updates for all stakeholders and audiences of different disciplines, and no legal background or expertise is required for understanding the session.

Reema Moussa is a J.D. Candidate at USC Gould School of Law, concentrating her studies and practice on cybersecurity, privacy, artificial intelligence, and trust and safety. She graduated from UC Santa Barbara in 2020 with degrees in Communication and Global & International Studies, and completed her Masters in Technology Management at UCSB in 2021. During a study abroad program at the University of Geneva, she launched her career in technology at the United Nations’ International Telecommunication Union (later returning to coordinate the 10th anniversary of Girls in ICT Day). Upon her return to UCSB from abroad in 2019, she joined UCSB's Office of the CIO as the campus' Cybersecurity Awareness Coordinator. Now in law school, she has worked for a number of different types of stakeholders, interning at SentinelOne, the Future of Privacy Forum, the Electronic Frontier Foundation, and Goodwin Procter; a large international law firm. She has spoken on her unique view of interdisciplinary digital rights issues at several international conferences, including Women in Cybersecurity (WiCyS), IAPP’s Global Privacy Summit, the California Lawyers Association’s annual Privacy Summit, and the American Bar Association’s inaugural Consumer Protection and Data Privacy Conference. She currently serves as the Vice-President and West Coast Regional Chair of the Internet Law and Policy Foundry, where she is a Senior Fellow and the host/executive producer of the Tech Policy Grind podcast. She is also a member of the Young Lawyers Advisory Panel for the Privacy and Information Security Committee of the American Bar Association's Antitrust Section.

Is AI Really as Dangerous as They Say?

With Chad Spensky

Wednesday, October 25, 2023 / Noon - 1 PM

Hosted by UC Santa Barbara

Recording On-Demand

AI is the latest fad that the media has decided to focus on. In this talk, Chad Spensky will try to debunk some of the myths surrounding current AI capabilities and will similarly provide context to the risks that do exist. It's safe to say that we are nowhere near sentient beings exterminating humanity, but we are far beyond computers being used for simple math problems. How might this shape our society and the future of cybersecurity? After this talk, you will, hopefully, have a better understanding of AI and be able to separate fact from fiction when reading your next buzzword laden AI news article.

Chad is a computer security researcher, entrepreneur, and educator who is passionate about using technology to make people’s lives easier and their digital systems more secure. He is currently the CEO of Allthenticate, a company that is revolutionizing authentication by offering an all-in-one, smartphone-based identity management and authentication solution. Chad has over 10 years of research experience and has numerous academic publications in top conferences. Formerly, he was a member of the technical research staff at MIT Lincoln Laboratory, where he helped them solve some of the Department of Defense's toughest cyber-security problems. Chad received his Ph.D. from the University of California, Santa Barbara, and is also a recipient of the prestigious IBM Ph.D. Fellowship. In addition to his academic credentials, Chad is a lifetime hacker. His hacking career started in his teenage years and has taken him to compete in some of the world's best capture the flag tournaments around the world as a member of the UCSB Shellphish hacking team. His unique blend of hacking knowledge and academic rigor make him particularly well-suited to solve complex real-world cybersecurity problems, like making authentication usable and secure.

Secure Your Sign-In - Password Hacking Demo and Tips

With Michael Taggart

 Wednesday, October 25, 2023 / I PM - 2 PM

Hosted by UCLA Health

Join us for a session on the importance of password security and how having a complex password can help keep bad actors from getting into your account. Plus a password hacking demo!

Michael Taggart is a Senior Cybersecurity Researcher at UCLA Health. That means he moves ahead of automated defenses, looking for potential threats before they have a chance to impact our mission of healing humankind one patient at a time. Some days that means analyzing malware samples; some days that means pretending to be an attacker and testing defenses with the same tools used by threat actors.

When not defending UCLA Health, he uses his background as a teacher to educate others about technology and cybersecurity skills through streaming video and written courses.

Register to attend: Secure Your Sign-In - Password Hacking and Demo Tips

Privacy Breaches and the Aftermath – a Behind the Scenes Look - Panel Discussion

• Mary Morshed, UCSF Director of Data Security Compliance
• Christian Sisenstein, UCSF Manager of IT Security Incident Response and Security Operations
• Jaison Mathew, UCSF Health Manager, Privacy Investigations & Regulatory
• Maral Iftekhary, UCSF Health Research Privacy Specialist
• Mike Lee, Data Analyst for the Office of Healthcare
• Michael Victor, Senior Privacy Investigator at UCSF Health
• Mike Benevento, Privacy Investigator at UCSF Health

Thursday, October 26, 2023 / 10 AM - 11 AM

Hosted by UC San Francisco

Who hasn’t been on the receiving end of a letter explaining their personal information was inappropriately accessed and/or disclosed. But what happens behind the scenes leading up to mail carriers delivering breach notification letters or public postings of privacy breach announcements?

The panel of privacy and cybersecurity experts from UCSF provides a closer look at the types of privacy violations and breaches investigated in large healthcare and research focused organizations. The panel will discuss privacy investigation techniques and tools; data analysis and algorithmic advancements; regulatory reporting of breaches involving personal health information (PHI); complications involving research health information (RHI); technical security controls; and regulatory penalties that can have lasting impacts.

Christian Sisenstein is the UCSF Manager of IT Security Incident Response and Security Operations. Christian has been with UC/UCSF/UCSF Health for 11 years. His favorite security related movie is Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon.

Jaison Mathew is the UCSF Health Manager, Privacy Investigations & Regulatory. Jaison has been with UC/UCSF/UCSF Health for 8 years. His previous work experience includes roles as a Privacy Investigations Analyst and Privacy Investigations Supervisor at UCSF and he served as a legal clerk for a boutique law firm. Jaison’s favorite security related movie is The Matrix.

Maral Iftekhary is a UCSF Health Research Privacy Specialist. Maral joined UCSF/UCSF Health in November 2022 and has almost 5 years of experience with the University of California. Her previous work experience includes working as a Senior Research Compliance Analyst at UCI Health, and Lead Contracts & Grants Analyst at the Center for Clinical Research, Providence St. Joseph Health. Maral’s new favorite movie in general is Oppenheimer.

Mary Morshed is the UCSF Director of Data Security Compliance. Mary joined UC/UCSF/UCSF Health in November 2022. She previously served 15+ years in the role of Chief Information Security and Privacy Officer for various state of California entities and Sacramento Municipal Utility District (SMUD). Mary’s favorite security related movie is We are Legion – The Story of Hacktivists.

Mike Benevento is a Privacy Investigator at UCSF Health. Mike has been with UC/UCSF/UCSF Health for 2.5 years. His previous work experience includes stints at DoubleClick (now Google) and Schulte Roth & Zabel LLP. Mike’s favorite privacy related movie was left blank intentionally ("that's private!")

Mike Lee is a Data Analyst for the Office of Healthcare Compliance & Privacy at UCSF Health. Mike has been with UC/UCSF/UCSF Health for 15 years. His previous work roles were as a Data Analyst for UCSF Audit & Advisory Services and as a Research Associate for Flagstone Securities. Mike’s favorite security or tech related show is Black Mirror.

Michael Victor is a Senior Privacy Investigator at UCSF Health. He has been with UC/UCSF/UCSF Health for 2.5 years. For over 15 years, Michael has been dedicated to the field of privacy compliance, education, and investigation; playing a key role in the privacy programs of leading organizations within the higher education, healthcare, technology, and utility sectors. His favorite security related movie is Catch Me If You Can (2002).

Register to attend: Privacy Breaches and the Aftermath – a Behind the Scenes Look - Panel Discussion.

UC Cyber Leadership Program: Panel Discussion with Van Williams, UC Vice President of ITS and Chief Information Officer

Thursday, October 26, 2023 / Noon - 1 PM

Hosted by UC ANR

Recording On-Demand

Join Van Williams, UC Vice President of Information Technology Services and Chief Information Officer as he leads a discussion a panel of UC professionals who recently completed the UC Cyber Leadership Program. The panel represents personnel across a variety of professional disciplines whose work intersects with cybersecurity.

The panel will discuss what prompted them to join the leadership program, current cybersecurity challenges in their current roles, takeaways from the program, and new skills gained through the program.

Host: Jaki Hsieh Wojan, Chief Information Security Officer, UC ANR

Panelists:

• Mary Morshed, Director of Data Security Compliance, UCSF

• Mary is the UCSF Director of Data Security Compliance. Mary joined UC/UCSF/UCSF Health in November 2022. She previously served 15+ years in the role of Chief Information Security and Privacy Officer for various state of California entities and Sacramento Municipal Utility District (SMUD). Mary’s favorite security related movie is We are Legion – The Story of Hacktivists.

• Pegah K. Parsi, JD, MBA, CIPP/US/EU, CIPM, Chief Privacy Officer, UCSD

• Pegah is the inaugural Chief Privacy Officer at UC San Diego where she spearheads the privacy and data protection efforts for the research, educational, and service enterprise. She is passionate about data ethics and privacy as human rights and civil liberties issues and is an advocate for the idea that privacy requires much more than legal compliance. She is an attorney, holds an MBA, and serves as the CPO for the non-profit #AfghanEvac and the Vice Chair of the City of San Diego Privacy Advisory Board.  

• Troy Wright, Cybersecurity Program Manager, UC Santa Cruz

• Troy has been with UCSC for 16 years, supporting Information Technology Services (ITS) across a range of     disciplines from application and systems administration to cloud engineering and information security. In my current role, I oversee information security efforts on medium to large scale projects and enjoy working with various cross-functional teams to help advance our business mission and goals.

• Frank Fimbrez,  Skilled Trades Superintendent, Facilities Management / Operations, UC Merced

• Frank is a founding staff member of UC Merced. Beginning there a year prior to the campus opening in 2004, he has worked to grow the campus from infancy, past teenage years into its present state. Over the last 20 years Frank has worked with and led multiple teams across many organizations and touched all campus stakeholders and is s is now planning for his next UC decade.

• The Cyber Leadership Program provides advanced leadership training for UC leaders in disciplines that collaborate on cyber. The program offers advanced training in current and emerging cybersecurity issues, along with leadership skills development in areas such as negotiation, conflict resolution, communications and strategic thinking. Courses are taught by faculty from UC Berkeley’s Haas School of Business, UC executives, and other experts from industry and the public sector.

  Through interactive sessions and in‐depth presentations, the program prepares UC leaders to become effective agents of change. The program brings together a wide community of personnel from across UC whose work intersects with cybersecurity, including professionals in security, privacy, legal, audit, law enforcement, risk, compliance, and public safety. It emphasizes the critical need for leaders in these fields to collaborate and learn from each other in order to strengthen the university’s cyber defense.

  To learn more about the program, visit the Cyber Leadership Program website.

   

Porosity: Why Cybersecurity Remains Elusive

With Steve Gibson, Host of the Security Now! Podcast

October 26, 2023 / 2 PM - 3 PM

Hosted by UC Irvine

The benefits to society from secure and trustworthy computing systems are obvious and many. But despite decades of monumental investment toward in this obvious goal, cybersecurity remains elusive with damages ranging from individual users to international corporations. With the causes of each failure clear in retrospect, why do we seem unable to get ahead of them? Steve is going to share and layout his concept of "security porosity".

Steve Gibson is the founder & CEO of Gibson Research Corporation, located in Southern California. Since 1988, all of the bills have been paid by the sales of Steve's long-standing mass storage maintenance and data recovery utility: SpinRite. GRC's website mostly reflects Steve's life-long passion for all-things-technology including Internet Security. He began programming early computers in 1970, at the age of 15, and he never stopped. Steve believes in "old School" computing, and, yes, misses working with computers having 16 Kbytes of memory. So today, because he lives to code, even though it's a bit nuts, he still writes all of his programs in 100% pure assembly language. Listeners to his weekly Security Now! podcast often comment that they can hear his love and enthusiasm for technology in his voice. It's the real deal.

Register to attend: Porosity: Why Cybersecurity Remains Elusive.

Additional Resources and Information To Explore

National Cybersecurity Alliance

Making it easy for everyone to learn more about cybersecurity and staying safe online.  View a collection of easy-to-follow resources and guides for youself and to share with others.

WiCyS - Women in Cybersecurity

A global community of women, allies and advocates dedicated to the recruitment, retention and advancement of women in cybersecurity.

Cybersecurity & Infrastructure Security Agency (CISA)

• Parent and Educators Tip Card
• Chatting with Kids about Being Online Booklet
• Student Tip Cards
  • K-8 Students
  • 9-12 Students
  • Undergraduate

Savvy Cyber Kids (3-7 year olds)

NetSmartz, a program of the National Center for Missing and Exploited Children (NCMEC)

Federal Communications Commission