NEWS: 2023 Cyber Risk Program annual report spotlights UC Cyber security initiatives  

2023 Cyber Risk Program

By Wendy Rager and Judi Baker. The Cyber-risk Coordination Center (C3) is excited to share the just published 2023 Cyber Risk Program Annual Report, spotlighting the initiatives, people, services, and tools that manage and reduce cyber risk at every UC campus, health center, and lab.  

Highlighting UC Stories and Successes 

The University of California recognizes the importance of staying ahead of cybersecurity threats and fostering a collaborative environment. The Cyber Risk Program Annual Report highlights stories and successes from across the UC system over the past year that enhanced cybersecurity systemwide.

In the 2023 report, the (C3) spotlights stories about how UC Berkeley is sharing best practices around policy implementation, how phishing simulations at UCLA Health were improved to provide greater learning opportunities, and how tabletop exercises tackled executive communication during a simulated, but realistic, cyber incident. 

The report also covers the popular privacy workshops out of UC San Diego, a twenty-million-dollar AI-powered cyber security grant out of UC Santa Barbara, and dive into how UC San Francisco became an early adopter of Attack Surface Management (ASM) services.   

Focusing on Human Power 

This year, C3 made it a point to shine a light on the several ways UC has been growing its pipeline of human resources and nurturing a diverse and informed workforce.

 With efforts such as the UC Tech Academy: Applied Intelligence Mentorship (AIM) program, the internship program, the UC Tech Academy: Cyber Leadership Program, and the Women in Cybersecurity (WiCyS) strategic partnership program, UC is empowering and improving our current and future workforce a priority.  These programs are designed to strengthen UC as an employer, as a state-wide educational system, and as a customer-facing medical centers.  

 The report also highlights how the Information Technology Policy and Security (ITPS) Community is ensuring that UC security professionals connect and share information, and how the UC Cyber Security Summit allows participants from IT (Information Technology) security, legal, procurement, compliance, and more to network and learn from each other.   

Spotlighting Cybersecurity Tools & Services  

This year, C3 created a comprehensive catalog for the report that allows readers to become more familiar with the myriad of premier cybersecurity tools and services that are provided to UC campuses, health centers, and labs. These offerings help boost security awareness and offer strategic support to keep up with the ever-evolving cybersecurity scene. 

C3’s tools and services help UC stay prepared and one step ahead. Here is an abbreviated list that is expanded on in the report: 

  • Threat Detection and Identification (TDI): A program that enables a better understanding of threats and vulnerabilities 
  • Incident Response Coordination: Services providing an organized and systematic approach to cybersecurity incidents or breaches. 
  • Threat Intelligence: Services that obtain threat information from a variety of sources to protect UC 
  • Security Risk Assessments: Services that include UC location risk assessments, supplier risk assessments, and assessments at UC health centers 
  • Training and Awareness: Mandatory and customized training that, along with events, programs, communities, and tools, provide opportunities for education and knowledge sharing 
  • Consulting Services: Services, paired with technologies, services, and operations, that assist UC locations in assessing their readiness levels  

Looking at 2023 and Beyond 

This report offers a holistic view of the tools, methods, and collaborative efforts being leveraged at UC to create a cohesive and unified safe cyber environment. With cyber risks always changing and evolving, practices, processes, and solutions are evolving as well.  

The best way to create an informed, flexible, and resilient cybersecurity community and workforce across all of UC is by sharing knowledge, collaborating, and communicating. With opportunities to connect through groups like the growing University of California’s Information Technology Policy and Security (ITPS) group, chances to grow through programs like the Cyber Leadership Program, and possibilities to learn through training and exercises, UC is ensuring that our systems are strong, and our workforce is collaborating and learning from each other.  Interested in learning more about cybersecurity initiatives, programs, results, and metrics? Check out the 2023 Cyber Risk Program Annual Report here

About C3 

The Cyber-risk Coordination Center (C3) collaborates with UC locations to enhance cybersecurity systemwide. Use this link to learn about C3 services and tools

Authors  

 
Wendy Rager
Cyber Risk Coordination Center Manager
UC Office of the President 

Judi Baker  
Contract Content Marketer 
UC Office of the President