November 1, 2022

UCSF IT Security

Awareness News You Can Use

Monthly Articles, Contests, and Upcoming Events

November's Quizz is on Safe Online Holiday Shopping

Please read "Don't Let the Bad Guys Steal Your Holidays" and take the monthly quiz. All UCSF faculty, staff, contractors, students, and affiliates who take the quiz will be entered in a drawing for one of six $50 Amazon gift cards.

Remember, you can also visit our previous security awareness articles and take the quizzes. Visit our past campaigns at the UCSF Awareness Site.

New and Improved Required UC Cybersecurity Awareness Course

The next time you complete your annual mandatory UC Cyber Fundamentals Awareness Course on the UC Learning Management System (LMS), you will see a new and improved course - and you could win a $50 Amazon gift card. Find out more and see the new contest below!

October 2022 UCSF-wide Duo Mock Phish

Congratulations to the over 3600 people who reported the Duo mock phish from via Phish Alarm!

If you missed the "red flags" from our latest mock phish, they are displayed at the bottom of our page "Protect UCSF and Myself from Phishing and Other Similar Scams".

If an email seems at all strange, report it via Phish Alarm. You will find out almost instantly how to further interact with the email. Over-reporting is not an issue! Better safe than sorry!

 

Ongoing Monthly Contests

 

Everyone Can Win a Prize!

1. Refer your UCSF friends and colleagues to the UCSF Awareness Site and ask them to:

  • Read the latest article and take the quiz.
  • Ask them to enter your email address as the referrer.
  • State they are new to the site on the last page of the monthly quiz.

For each 20 people you refer, you will win a $25 Amazon gift card (limit 2/year, referrals do not expire).

 

2. Each month we will be selecting one person to win a $50 gift card from everyone who uses the Phish Alarm Button to report suspicious emails. They will win a $50 gift card. This important security tool analyzes the email and lets you know if it is an actual phish. No need to contact the Service Desk or IT Security when you get something suspicious. For more information, please visit the Phish Alarm Overview Page.

 

3. Each month we will be randomly selecting five people from everyone with “current” status on their UC Cyber Fundamentals Awareness Course assignment to win a $50 Amazon Gift Card. Here’s how to check your status on the annual training requirement:

  • Click on the UC Learning Center link in MyAccess
  • Click on “UC Learning Center Login” from the UC Learning Center page
  • Click on “Required Training”
  • Check the Status of “eCourse: UC Cyber Security Awareness Fundamentals”

Winners Circle

October Awareness Quiz Winners

Thea Dela Cruz

Charlyn Dames

Samuel Mendoza

Alma Agorilla

Joanne Petersen

Eunice Wan

 

October Phish Alarm Winner

Toni Fuzzie

 

October LMS Cybersecurity

Awareness Course Winners

Nikki Lanshaw

Bing Espiritu

Laura Quill

Shenliang Vu

Veronica Salas

 

October Top Quiz Referrers

Millo Paquini

Eve Phong (Dinh)

Cristina Morrison

Jennifer Camacho

Khin Nyunt

Matthew Lau

Julie Erich

Jason Dong

John Hasper

Thea Dela Cruz

 

Past Events

October 1, 2022-October 31 2022

UC Cybersecurity Awareness Month 2022

October is UC Cybersecurity Awareness Month (UCCAM), an annual effort to increase cybersecurity awareness and provide resources for people to stay safer and more secure online. The Systemwide Cyber Champions held events throughout the month.

Recordings will be added as they become available

Click Here to View October 2022 Cybersecurity Awareness Month Events

 

*****************************Spotlighted Events************************************

 

Tuesday, October 4 2022, 11:00AM-12:00 PM

Accessibility and Security Panel Discussion

Accessibility and Cybersecurity are both important considerations, particularly in inclusive yet cyber-vulnerable environments like those in the University of California system. Typically, conversations on these two topics are completely separate, but this event brought them together in a panel discussion to increase understanding and awareness of both sets of needs. With some effort and collaboration, it's possible to make technology both more accessible and more secure.

Watch the Accessibility and Security Panel Discussion Webinar

 

Monday, October 24, 2022, 10:00-11:00 AM

Social Engineering

Social engineering, in the context of information security, refers to the use of psychological manipulation to trick people into divulging sensitive information (information gathering) or performing actions (fraud, unauthorized system access.) Rosa Smothers, Senior Vice President of Cyber Operations at KnowBe4, discussed these types of approaches and ways to be a “human firewall” for UCSF and your digital life.

Watch the Social Engineering Webinar

 

Tuesday, June 21, 2022 10:00-11:00 AM

Advanced Persistent Threats (APTs) and their use of social engineering to target your organization

James R. McQuiggan, Security Awareness Advocate

 

APTs often utilize social engineering, the psychological manipulation to trick people into divulging sensitive information (information gathering) or performing actions (fraud, unauthorized system access.) Various approaches by APT groups and ways to be a “human firewall” for UCSF will be discussed.

 

Watch the APT Webinar 

Tuesday May 17, 2022 1:00-2:00 PM

QB3 Webinar: Cybersecurity: What You Need to Know in 2022

Elvis Chan, FBI; Allison Henry, UC Berkeley; Patrick Phelan, UCSF

 

Cybersecurity is a key issue for us in our private lives — think identity theft — and at the national scale — such as federal elections. For scientists in academic & commercial labs, threats include IP theft, ransomware, and hacktivism. Where are we vulnerable to those who want to disrupt or steal from us? How can we do the best possible job of protecting ourselves and the organizations we serve? Join us to learn best practices from the FBI's Elvis Chan, who manages San Francisco’s Cyber Branch, which is responsible for cyber investigations and digital forensics, and Allison Henry and Patrick Phelan, chief information security officers at UC Berkeley and UCSF respectively.

 

Co-sponsored by the UCSF Cyber-Champion Team.

Watch to QB3 FBI Webinar