Summary: Navigating the murky waters of the threat landscape and mitigating phishing risks is treacherous. Our team is constantly looking for ways to stay afloat. Discover the myriad ways we provide anchors to protect UCSF and help our end users be on the lookout for sharks in the water. Learn about the tools and procedures we have implemented and how we teach our users not to play koi to keep them from becoming adrift in a stormy sea.  What we have done: 

• Implemented Proofpoint to block the overwhelming majority of phishing messages.  

• Implemented Phish Alarm so end users can easily report phish.  

• Run phishing campaigns.  
• Implemented anti-phishing training. 

• Published articles in various publications and on our website including information on the phish indicators of recent mock phish.  

• Created Real Phish Alert Page – ones received at UCSF and common ones reported by Proofpoint. 

• Marketed the program in Pulse, physical and electronic posters, on the MyAccess page, and in various other ways. 

Summary:  This Halloween, dive into the shadowy world of data security with UCSF’s thrilling new Data Security Compliance (DSC) Program. Designed to combat the ever-evolving cyber threats, our program stands as a fortress with its extensive library of security requirements, including administrative, technical, and physical controls. These robust safeguards are meticulously assembled from a myriad of sources such as laws, regulations, UC/industry/local policies, and contract stipulations. As the digital landscape morphs and expands, the challenge of tracking and managing compliance intensifies. Join the UCSF DSC Team on a spine-chilling journey to unravel the mysteries of cybersecurity compliance. Discover cutting-edge tools and resources that simplify the identification of pertinent requirements for specific systems or use cases. Learn the art of de-duplicating and consolidating safeguards to fortify your defenses.

But that’s not all—our alliance with the Cybersecurity Risk Foundation (CRF) brings decades of consolidated cybersecurity wisdom to your fingertips. Through comprehensive research, policy guides, frameworks, and an innovative online assessment tool, we empower you to enhance your cybersecurity posture dramatically. Prepare to be spellbound as you access expert advice and state-of-the-art solutions designed to shield your organization from the ghostly specters of cyber threats and ensure stringent compliance with industry standards. Don’t miss this chance to transform your cybersecurity strategy from a haunted maze into a commanding stronghold. Join us to safeguard your digital realm this Halloween and beyond!