In May 2024, UC cyber threat intelligence (CTI) practitioners from across the University of California completed the UC Tech Academy: Applied Intelligence Mentorship (AIM) Program, an eight-month program offered through a partnership between the UC Cyber-risk Coordination Center (C3) and Mandiant, an American cybersecurity firm and a subsidiary.
AIM is a cutting-edge virtual training initiative designed for enhancing CTI capabilities across UC locations. The program equips participants to enhance or develop new CTI products and workstreams, providing better support to UC stakeholders. By participating in the program, individuals collaborated with peers, advanced their CTI capabilities, and now contribute to a stronger cyber defense posture across UC locations.
“Aside from the steep CTI acronym learning curve, this course is in my top 5 classes of all time. The instructors … brought a breadth and depth of knowledge in cyber security posturing and intelligence that was directly attuned to higher education. This course also served as an excellent networking opportunity as we were able to work in group projects with other UC campus security professionals.”
Stephen Waits, IT Architect, UC Santa Barbara
This was the second cohort to complete the program. Each participant has received a certificate of completion, acknowledging their achievement. A huge congratulations to all who participated and completed the AIM program!
Participant Feedback
The Mandiant AIM Program Lead captured feedback from some of the participants from this cohort. Here is what they had to say:
“The knowledge and skills I gained during the courses have been invaluable, and I am truly grateful for the opportunity to learn from such knowledgeable and dedicated instructors.”
“I particularly appreciated the hands-on exercises and interactive discussions that allowed us to apply the theoretical knowledge in a practical setting.”
“This was a really good opportunity for us to build a cohort among the UCs to identify contacts, build networks, and share pertinent information.”
“The interactions between the students and the instructors have been so helpful to my growth progress throughout the course.”
“Bringing in multiple SMEs helped with the learning experience.”
Interactive Learning: Hands-On Workshops with Expert Guidance
“There were a lot of new skills and approaches taught that are going to help us figure out how to integrate threat intelligence into our program.”
The AIM program provides a structured learning experience. Through monthly modules or workshops, participants dedicated approximately twelve hours per month to gain hands-on experience in various aspects of cyber threat intelligence. The curriculum is designed to address different facets of CTI, helping attendees to fortify their organizations’ cyber defenses.
Participants also engage in interactive workshops. These sessions focus on a range of topics including organizational challenges, workflows, and communication strategies. The goal? To refine existing CTI programs, align initiatives with business needs, and enhance systemwide communication. By examining current operations and exploring best practices, attendees develop actionable strategies for their CTI functions.
New Module
Upon request from UC students, a new module was introduced in this cohort with a focus on risks posed by integrating artificial intelligence into UC processes.
“Mandiant created a structured process for the UCs to consider applying each time a new technology becomes widely known,” the AIM Program Lead said. “The team focused specifically on examining the risks, rewards, and challenges with integrating artificial intelligence (AI) large language models (LLMs) into the UC environment, identifying what new attack surface security teams would need to consider pre- and post-roll out; the benefits LLMs could provide to improve existing cyber security workflows; and how criminal and state-sponsored cyber actors are also using LLMs to improve their cyber operations capabilities.”
AIM Program Candidates
Ideal candidates for AIM include those who manage or work in CTI functions, such as incident response, security operations, or risk management. Candidates should have a minimum of three years of experience in a related role and be prepared to represent their CTI team in discussions and activities.
To participate in the next AIM program cohort, candidates must be nominated by their UC location’s Chief Information Security Officer (CISO). After nomination, candidates need to complete an application outlining their motivation for joining and their commitment to the program’s time requirements. Applications are reviewed sequentially and distributed equally among UC locations. Accepted applicants and their managers will be notified accordingly.
For more information, visit the AIM webpage. For questions about applying, contact Jackie.Porter@ucop.edu.