Behind the Scenes with UC’s Chief Information Security Officer

A headshot of Monte Ratzlaff, UC's Chief Information Security Officer

You may be familiar with some of UC’s biggest cybersecurity priorities, but you may not know one of the people behind the scenes whose leadership and expertise keep UC safe. That leader is Monte Ratzlaff, Chief Information Security Officer (CISO) for the University of California system. Ratzlaff oversees UC’s security program to protect institutional information and resources from cyber threats like ransomware and phishing.

From Music to Cybersecurity

Ratzlaff joined the October 2025 Information Technology Policy and Security Community of Interest meeting for a fireside chat, hosted by Damian Luna, Cyber Risk Assessment Unit Manager at the Office of the President. At the session, attended by more than 200 participants, Luna asked about Ratzlaff’s career path, systemwide security work, top concerns and more. Here’s a closer look at the person guiding cybersecurity across UC.

Did Ratzlaff dream of becoming a cybersecurity leader? Not at all. In fact, Ratzlaff was busy dreaming about music. However, a series of career turns led him away from music and studio engineering and into IT, then firewalls, and ultimately, security.

After roles in county government, Blue Shield of California and Golden 1 Credit Union, Ratzlaff joined UC in 2010 as the first Chief Security Officer at UC Davis Health. He moved to UC’s Office of the President in 2016 to help build the Cyber Risk Program following a major incident at UC. He then served as the interim CISO and is now the permanent systemwide CISO.

Risk, Leadership and Staying Calm Under Pressure

One lesson that Ratzlaff shared is that early in his career, he often defaulted to “no” for security reasons. Over time, he learned to seek secure and thoughtful ways to say “yes” by getting a better understanding of business needs, applying layered controls and managing risk realistically.

Ratzlaff also shared that learning to build relationships is really key. Leadership requires focusing on relationships, communication, strategy, budgets and program-building, rather than hands-on engineering.

In addition, Ratzlaff explained, “In cybersecurity, you need to learn to roll with the punches and not panic. It takes someone with a certain personality.” He said that when dealing with a cybersecurity crisis, you need to slow down so you can think clearly. “Great quarterbacks do this: they stay calm to see the field clearly, and they focus on the next right move. It’s the same philosophy in cybersecurity.”

Some Updates on Cybersecurity Work

Switching subjects, Luna asked Ratzlaff about some of the recent and ongoing systemwide cybersecurity work that’s underway.

Ratzlaff referred to the President’s Cybersecurity Letter requirements, also known as the University of California Information Security Investment Plan, as some of the hardest and most rewarding work in the past year. “The success of this project depended on collaboration with CIOs, CISOs, chancellors and faculty, especially around privacy concerns with Endpoint Detection and Response (EDR).” He emphasized that this work is ongoing and treated as a process, and not a one-time project. In fact, a privacy program around the Threat Detection and Identification Program (TDI) is currently being planned.

Other security work includes:

  1. IS-3 policy update: UC is beginning an overhaul of IS-3, which is the systemwide electronic information security policy. The improvements will be based on prior Deloitte recommendations to make the policy shorter, clearer and more readable without relaxing compliance requirements.
  2. Appendix DS update: Early work is underway to modernize the security contract appendix to ensure that UC’s institutional information and resources remain secure when shared with third parties. Updates address AI and systemwide pain points identified by procurement and security teams.

Top Security Concerns

When Luna inquired about top security concerns, Ratzlaff identified the following.

  1. External pressures: Federal funding dynamics and regulatory changes are significant concerns for UC, especially where they intersect with research security and data requirements.
  2. Cyber-related risks: Zero-day vulnerabilities, sophisticated phishing targeting elevated-privileged accounts and the complexity of global cloud architectures are ongoing concerns. “It’s the things we don’t know that worry me,” said Ratzlaff.

Collaboration and Shared Services

Ratzlaff highlighted how collaboration through shared services and partnerships helps UC work smarter. For example, shared services like UCPath are a model for doing more together under budget constraints. Shared platforms reduce costs and duplicated effort across locations while helping UC adopt new technologies more strategically.

Outside of Cybersecurity

How does Ratzlaff unwind after a stressful day of protecting UC? He turns to his creative passions: cooking and listening to music, sometimes doing both simultaneously. He enjoys making various cuisines, but Italian food is his favorite, and his go-to music genres are EDM and Latin.

Join the ITPS Meetings

This fireside chat was part of ITPS’s regular meeting series. The next ITPS meeting will be held on February 11, 2026. See a summary of the 2025 ITPS meetings, with the 2026 calendar coming soon.