Cyber Security Awareness Month

Cybersecurity Awareness Month - October 2023

A note from our CISO, April Sather

April SatherFrom its inception twenty years ago to today, Cybersecurity Awareness Month is an opportunity to pause, reflect and recommit to staying safe and secure online. UCOP continues to look ahead at emerging threats and take proactive measures to inform and protect our community.

A highlight this year has been the successful launch of UCOP's Unit Information Security Lead (UISL) as-a-service program. Today, all divisions across UCOP have named, trained, "go-to contacts" for Information Security. UISLs are familiar with the capabilities, systems and data in each division, and dedicated to ensuring cyber risk is managed and any gaps surfaced and addressed.

I hope you have a chance to get involved with Cybersecurity Awareness Month by registering to attend one of many Cybersecurity Awareness Month events taking place across the system. There are sessions covering topics including social engineering, artificial intelligence, health device security and zero trust architecture. Register for Cybersecurity Awareness Month activities.
April Sather signature

By the Numbers - UCOP

  • 50% reduction in system vulnerabilities
  • >400 supplier security risk assessments completed
  • 18 phishing simulations conducted
  • ~150K spam blocked/day (including phishing attempts)

Based on 2023 UCOP metrics

By the Numbers - Globally

  • 95% of breaches are financially motivated
  • 86% of web application attacks involve the use of stolen credentials
  • 74% of breaches involved a human element
  • 75% of ransomware attacks trace back to attack surface exposures

Source: Verizon 2023 Data Breach Investigations Report and Palo Alto Unit 42 Ransomware and Extortion Report

What can you do?

Here are three tips to #BeCyberSafe every day:

In Outlook, Report Message - Phishing

Tip #1 - Think before you click

While UCOP continues to enhance email security (see below interview with Bobby Cook), you are our strongest defense. If you receive a phishing or suspected phishing email, please report it by using the Report Message > Phishing option in Outlook.

Tip #2 - Protect your credentials.

Verify Duo screen86% of web application attacks involve stolen or compromised credentials. UCOP's DUO multi-factor authentication (MFA) solution is one tool to protect you from unauthorized use of your applications and data if your user ID and/or password becomes compromised.

Even with DUO, it is important to remain vigilant and not fall prey to a MFA fatigue attack. If you receive many DUO prompts in rapid succession "out of the blue," do not approve and report this to servicedesk@ucop.edu. Another way to report is to click the "I'm not logging in" button on the mobile device prompt window.

TIP #3 - Help Keep UC Data Secure

Send sensitive data securely to individuals in any organization using GoAnywhere (SecureShare).

Messages and files are encrypted, uploaded, and stored on a secure web server. Ensure data is backed up to a secure location, such as Box or OnBase. This is one of the strongest defenses against ransomware.

Another great way to keep UC data secure is to leverage data classifications in Box. These can be added manually or in some case automatically based on certain sensitive data type in files. The classification levels currently available are P3 and P4.

Take care not to download sensitive data to UCOP laptops; they are not backed up and data cannot be recovered if the device is lost, infected with malware, or stolen. Data should never be downloaded to personal devices or external drives. If you require support in securely moving data, please contact servicedesk@ucop.edu.

Behind the scenes with Security

Bobby Cook, Manager of Infrastructure Applications Support

Bobby CookBobby Cook first got involved in Information Technology in Silicon Valley at 19 years old.

"I started tinkering with the MVS mainframe at the time and started to love computers. Even before that, I was programming Commodore 64s when they first came out, and from that, it grew into a passion that I realized I could make a career out of."

Now a Manager of Infrastructure Applications Support at UCOP, it's been a lifelong journey and passion. In this current role, Bobby and his infrastructure application support team manages email, Box, Citrix, GoAnywhere Secure Messaging and File Transfer, and more. Bobby says he enjoys the complexity of his job, which is constantly evolving due to the ever-changing nature of cybersecurity.

"Just with email in general — which is something everyone in every department uses — you would be amazed by the metrics that we get regarding attacks that we're blocking, phishing attempts, and spam. UCOP receives 150,000 to 250,000 of these messages a day. Microsoft blocks 50% of those and UCOP blocks another 10% with policies that identify phishing attempts and spam."

Our priority is protecting our customers and ensuring good guardrails are in place so they can do their jobs while their data is being protected.

Bobby says he and his team have worked hard to implement improvements to ensure high-level cybersecurity for users. He is proud of the changes they have made over the last year to better protect users.

"My team and I started researching Microsoft CIS benchmarks [CIS benchmarks are internationally recognized as security standards for defending IT systems and data against cyberattacks]. From there, we outlined the best practices and made them policies. We have also been collaborating with other departments — like Security — behind the scenes to block phishing, malware, and bad actors in general."

Bobby highlighted other cybersecurity projects he and his team have been working on such as DMARC — a policy that warns users when an email received is from a domain that is not protected by modern email authentication methods. When this happens, a user will receive automated guidance on whether to reject the message or quarantine it. Another significant project this year was Box Shield, which scans content as it's uploaded, shared, previewed, edited, and downloaded (and more) and provides broader coverage for sophisticated malware, including ransomware.

As outside attacks and ongoing threats inevitably evolve, Bobby and his team will continue to work to stay on top of and adapt to the ever-changing landscape of cybersecurity to ensure safety for all at UCOP.