March 1, 2023

UCSF IT Security

Awareness News You Can Use

Monthly Articles, Contests, and Upcoming Events

View as a webpage

March's Quiz is on UCSF IT Security Tools

Please read "Stay Secure with IT Security Tools" and take the monthly quiz. All UCSF faculty, staff, contractors, students, and affiliates who take the quiz will be entered in a drawing for one of six $50 Amazon gift cards.

Remember, you can also visit our previous security awareness articles and take the quizzes. Visit our past campaigns at the UCSF Awareness Site.

Get Your Emails and Newsletters Read!

Did you know that if a person thinks an email or newsletter is phishy they will most likely delete it? Any valuable information you are trying to convey may not be read.

 

Read the article "Make Your Emails Less Phishy" and learn how to get your communications read!

New and Improved Required UC Cybersecurity Awareness Course

The next time you complete your annual mandatory UC Cyber Fundamentals Awareness Course on the UC Learning Management System (LMS), you will see a new and improved course - and you could win a $50 Amazon gift card. Find out more about the course and see the new contest below!

See the Latest Phishing Scams and Know

What To Do! 

In the last year, cyber criminals delivered a wave of cyber-attacks that were not just highly coordinated, but far more frequent and advanced than ever before seen. Many of them began with a phishing email. To help everyone be more aware of the current widespread and impactful phishing scams, IT Security has created a page New Phishing Threat Alerts. It lists the prevalent phishing campaigns and provide additional information on:

  • What to watch out for
  • Key actions to take
  • Tips to remember

Please bookmark the page and check back often. IT Security will be updating it frequently.

 

Ongoing Monthly Contests

 

Everyone Can Win a Prize!

1. Refer your UCSF friends and colleagues to the UCSF Awareness Site and ask them to:

  • Read the latest article and take the quiz.
  • Ask them to enter your email address as the referrer.
  • State they are new to the site on the last page of the monthly quiz.

For each 20 people you refer, you will win a $25 Amazon gift card (limit 2/year, referrals do not expire).

 

2. Each month we will be selecting one person to win a $50 gift card from everyone who uses the Phish Alarm Button to report suspicious emails. They will win a $50 gift card. This important security tool analyzes the email and lets you know if it is an actual phish. No need to contact the Service Desk or IT Security when you get something suspicious. For more information, please visit the Phish Alarm Overview Page.

 

3. Each month we will be randomly selecting five people from everyone with “current” status on their UC Cyber Fundamentals Awareness Course assignment to win a $50 Amazon Gift Card. Here’s how to check your status on the annual training requirement:

  • Click on the UC Learning Center link in MyAccess
  • Click on “UC Learning Center Login” from the UC Learning Center page
  • Click on “Required Training”
  • Check the Status of “eCourse: UC Cyber Security Awareness Fundamentals”

Winners Circle

February Awareness Quiz Winners

Dina Wallin

Ronald Labuguen

Michael Douglas

Lauren Rehbein

Immadonna Delacruz

Evangeline Pampilo

 

February Phish Alarm Winner

Isaac Sato

 

February LMS Cybersecurity

Awareness Course Winners

Simon Truong

Hyewon Suh

Nancy Arnold

Ofer Yizharbarnea

Mark Rauschuber

 

February Top Quiz Referrers

Millo Pasquini

Eve Phong (Dinh)

Cristina Morrison

Khin Nyunt

Jennifer Camacho

Julie Erich

Matthew Lau

Casey Nelson

Thea Dela Cruz

John Hasper

Gato Gourly

Jason Dong

 

Reached 20 Referrals

Khin Nyunt

Future Events

Tuesday, March 7, 2023, 9:00AM-4:30PM

Women in Data Science (WIDS) at UC Berkeley

Sponsored by CITRIS and the Banatao Institute; Computing, Data Science, and Society; Berkeley Research, Teaching, and Learning; and the Berkeley School of Information

The Global Women in Data Science (WiDS) Conference is an annual technical conference based at Stanford University, which brings together data scientists and professionals in adjacent fields from around the globe to discuss the latest research and applications of data science in a broad set of domains. Participants learn how leading-edge companies are leveraging data science for success and connect with potential mentors, collaborators, and others in the field. In partnership with the main conference, WiDS Berkeley features on-location events with distinguished speakers from the Bay Area in academia and industry and a student poster session highlighting ongoing student projects. All genders are invited to participate in the conference, which features exclusively female speakers. The event will also be live streamed.

Click Here to Register for the WIIDS Conference

 

Thursday, March 16, 2023, 9:00AM-10:00AM

A Fireside Chat on FDA Updates on Medical Device Cybersecurity

Matthew Hazelett, Cybersecurity Policy Analyst, U.S. Food and Drug Administration

In this fireside chat with Dr. Kevin Fu, Matthew Hazelett will be discussing FDA updates on medical device cybersecurity.

Matthew started at the FDA as a biomedical engineer within the Implantable Electrophysiology Devices Branch (IEDB) at the Center for Devices and Radiological Health (CDRH). His review areas included pacemakers, defibrillators, leads, and supporting devices (programmers, home monitors, etc.). Since starting at FDA, he developed a review focus in cybersecurity, participates in cybersecurity guidance development, and supports cybersecurity vulnerability assessments and premarket reviews across CDRH. He started his position as the Cybersecurity Policy Analyst in the Office of Product Evaluation and Quality (OPEQ) in February 2020. His role is focused on premarket and postmarket cybersecurity policy development and implementation across the clinical review offices. He also serves as a Digital Health Center of Excellence Program Director for the OPEQ Cybersecurity Focal Point Program.

Matthew earned a B.S. in biomedical engineering from the University of Rochester where he focused in electrical signals and systems. After graduation, he worked for a medical device research and development company in New Hampshire as a Test Engineer and then Test Manager overseeing device verification and validation testing.

Click Here to Register for the Fireside Chat on FDA Updates on Medical Device Cybersecurity

 

Past Events

October 1, 2022-October 31 2022

UC Cybersecurity Awareness Month 2022

October is UC Cybersecurity Awareness Month (UCCAM), an annual effort to increase cybersecurity awareness and provide resources for people to stay safer and more secure online. The Systemwide Cyber Champions held events throughout the month.

Recordings will be added as they become available

Click Here to View October 2022 Cybersecurity Awareness Month Events

 

*****************************Spotlighted Events************************************

 

Tuesday, October 4 2022, 11:00AM-12:00 PM

Accessibility and Security Panel Discussion

Panel Members:

Scott Hollier, CEO & Co-founder Centre for Accessibility

Yue-Ting Siu, TVI PHD, Teacher of Students with Visual Impairments

Jiatyan Chen, Online Accessibility Program Manager, Stanford

Nicholas Borton, Chief Information Security Officer UCD

Lucy Greco, Web Accessibility Evangelist UCB

Diane Tyo, IT Operational Continuity Analyst UCLA

Moderator:

Cecile Puretz, Assistant Director of Disability Access & Inclusion at University of California San Francisco

Accessibility and Cybersecurity are both important considerations, particularly in inclusive yet cyber-vulnerable environments like those in the University of California system. Typically, conversations on these two topics are completely separate, but this event brought them together in a panel discussion to increase understanding and awareness of both sets of needs. With some effort and collaboration, it's possible to make technology both more accessible and more secure.

Click Here to Watch the Accessibility and Security Panel Discussion Webinar

 

Monday, October 24, 2022, 10:00-11:00 AM

Social Engineering

Rosa Smothers, Senior Vice President of Cyber Operations at KnowBe4

Social engineering, in the context of information security, refers to the use of psychological manipulation to trick people into divulging sensitive information (information gathering) or performing actions (fraud, unauthorized system access.) Rosa Smothers discussed these types of approaches and ways to be a “human firewall” for UCSF and your digital life.

Click Here to Watch the Social Engineering Webinar

Tuesday May 17, 2022 1:00-2:00 PM

QB3 Webinar: Cybersecurity: What You Need to Know in 2022

Elvis Chan, FBI; Allison Henry, UC Berkeley; Patrick Phelan, UCSF

Cybersecurity is a key issue for us in our private lives — think identity theft — and at the national scale — such as federal elections. For scientists in academic & commercial labs, threats include IP theft, ransomware, and hacktivism. Where are we vulnerable to those who want to disrupt or steal from us? How can we do the best possible job of protecting ourselves and the organizations we serve? Join us to learn best practices from the FBI's Elvis Chan, who manages San Francisco’s Cyber Branch, which is responsible for cyber investigations and digital forensics, and Allison Henry and Patrick Phelan, chief information security officers at UC Berkeley and UCSF respectively.

Co-sponsored by the UCSF Cyber-Champion Team.

Click Here to Watch to QB3 FBI Webinar

Tuesday, June 21, 2022 10:00-11:00 AM

Advanced Persistent Threats (APTs) and their use of social engineering to target your organization

James R. McQuiggan, Security Awareness Advocate

APTs often utilize social engineering, the psychological manipulation to trick people into divulging sensitive information (information gathering) or performing actions (fraud, unauthorized system access.) Various approaches by APT groups and ways to be a “human firewall” for UCSF will be discussed.

Click Here to Watch the APT Webinar