IT Security provides security awareness training and education services to UCSF faculty, staff and learners.

The goals of these services include educating the UCSF community on:

• The risks associated with using, transmitting, and storing electronic information
• How to maintain the confidentiality, integrity, and availability of data
• The roles and responsibilities of each community member in protecting UCSF's data and systems

Training

All UC employees, faculty, staff, and learners must take the UC Systemwide Cybersecurity Awareness Course on the UCSF Learning Management System (LMS) upon hire and annually.

All UCSF Information Technology staff and all UCSF users with privileged access accounts must also take a course on the proper use of privileged access accounts.

People who click on real or two test mock phishing emails in a row must take the Introduction to Phishing course.

As part of the 6/7/24 UCSF Town Hall, Patrick Phelan, UCSF Chief Information Security Officer, presented on the importance of everyone completing the systemwide mandatory Cybersecurity Awareness Training. He explained how cybercrime has skyrocketed over the last five years, with no sign of slowing down. Globally, cyberattacks cause trillions of dollars in damages every year. Attacks on the University of California can interrupt clinical, research, and education activities, and cause financial harm. UCSF was the victim of a significant ransomware attack in 2020. He went on to explain the new UC-wide requirement to have a 100% compliance rate and the consequences for non-compliance.

Click here to watch the presentation on the importance of completing the UC Systemwide Cybersecurity Awareness Course

To check you status to ensure you have satisfied these requirements:

• Click the "UC Learning Center" link on your MyAccess page.
• Click on “UC Learning Center" under "Logins” from the UC Learning Center page
• Click on “My Required Training”
• Check the Status of  the courses listed

There are also many advanced cybersecurity courses to take and prepare you for advanced certifications. For information on advanced cybersecurity courses available on the LMS, please go to the Advanced IT Security Training Offerings Page. 

There are courses for employees who work with credit cards on campus or within the medical center. To find them, search for Payment Card Industry or PCI.

Periodically, we also provide live training to users with elevated privileges, such as system developers, system administrators, and executives. To find out about the current offerings, contact the IT Security Training and Awareness Program Manager at [email protected].

Security Awareness Campaign

IT Security has rolled out a security awareness program to promote safer information security practices at UCSF. This campaign includes an interactive campaign site. 

Visit the IT Security Awareness Campaign site now and take the IT Security Challenge.  

Learner and Department Orientation Presentations

UCSF IT and the Technical Commons can come to your department to present an overview of UCSF's IT Security Requirements and Resources. To request a presentation, contact the IT Security Awareness Program at [email protected].

To view a presentation we did in the past, go to The SON Learner Orientation Video.

IT Security Ad-hoc Educational Meetings and Webinars

From time to time, UCSF IT Security and many other UC organizations host authoritative speakers on relevant topics as well as other educational events. To view material from past meetings or see what's coming up,  go to our IT Security Educational Meetings Page.  

IT Security tip sheets

Tip sheets include critical information about security topics in one easy-to-read document. UCOP has created an Information Security Tips and Fact Sheets page that lists many great tip sheets from authoritative sources in the following categories: 

| Protect Your Computer | Mobile Devices | Social Media | Two-Factor Authentication | Ransomware | General Cybersecurity | Protect Your Home Network | Identity Theft Resources |

IT Security Awareness Champion Program

This program is designed to strengthen UCSF’s culture of cybersecurity by engaging and empowering individuals throughout the organization to help ensure safe computing. For more information, go to the IT Security Awareness Champion Program Overview and Resources page.

For more information, contact the IT Security Training and Awareness Program at [email protected]