Cybersecurity Awareness Events

Tuesday, October 15, 2024 / 2 PM

Hosted by UC Los Angeles Health

This is the phishing training the bad guys don’t want you to see. In this session, UCLA Health Cybersecurity Researcher Michael Taggart will review and demonstrate some of the newer forms of phishing attackers are using to steal your data. For each demonstration, we’ll explore the motivations and techniques of the attackers, and what you can do to protect against these all-too-common attacks.

Michael Taggart is a Senior Cybersecurity Researcher at UCLA Health. That means he moves ahead of automated defenses, looking for potential threats before they have a chance to impact our mission of healing humankind one patient at a time. Some days that means analyzing malware samples; some days that means pretending to be an attacker and testing defenses with the same tools used by threat actors.

When not defending UCLA Health, Miichael uses his background as a teacher to educate others about technology and cybersecurity skills through streaming video and written courses.

Register to attend

Guest Speaker: Andrea Greene-Horace, MHA, EMCS is Senior Advisor, Cybersecurity/Deputy Program Manager-COOP-Business Continuity; The Affordable Care Act (ACA); Centers for Medicare & Medicaid Services (CMS); Centers for Consumer Information & Insurance Oversight (CCIIO) 

Thursday, October 17, 2024, TBD

Hosted by UCSF and CERSI

Moderated by UCSF-Stanford Center of Excellence in Regulatory Science and Innovation (CERSI)

The healthcare industry is at a crossroads due to cyberattacks.  Specifically, the hospital industry is viewed as being overwhelmed in its attempts to protect itself from cybersecurity attacks. As compared to other industry sectors, the healthcare sector is, in fact, more vulnerable.  However, the reason why the hospital sector is not as cyber resilient as other sectors is not due to their lack of awareness or interest. Admittedly the healthcare industry’s awareness has improved, giving credit to these organizations. However, this improvement may be also largely due to ransomware attackers” following the money by turning their attention to better capitalized industries”.  For sustained impactful longevity and success, partnerships between an array of stakeholders are immediately required to strengthen the industry’s resiliency. How this can be accomplished will be explored, as well as the reasons why hospitals remain vulnerable, despite heightened awareness. The focus is on the enactment of a comprehensive solution, as failure in the hospital industry can have infinite and catastrophic consequences in terms of patient safety and access, as well as long-term national security cyber resilient as other sectors is not due to their lack of awareness or interest. Admittedly the healthcare industry’s awareness has improved, giving credit to these organizations. However, this improvement may be also largely due to ransomware attackers” following the money by turning their attention to better capitalized industries”.  For sustained impactful longevity and success, partnerships between an array of stakeholders are immediately required to strengthen the industry’s resiliency. How this can be accomplished will be explored, as well as the reasons why hospitals remain vulnerable, despite heightened awareness. The focus is on the enactment of a comprehensive solution, as failure in the hospital industry can have infinite and catastrophic consequences in terms of patient safety and access, as well as long-term national security implications.  Further, emerging AI and quantum computing use both further complicate this scenario but can set up hospitals for huge successes with key partnerships established and plans executed. The healthcare industry is at a crossroads due to cyberattacks.  Specifically, the hospital industry is viewed as being overwhelmed in its attempts to protect itself from cybersecurity attacks. As compared to other industry sectors, the healthcare sector is, in fact, more vulnerable.  However, the reason why the hospital sector is not as cyber resilient as other sectors is not due to their lack of awareness or interest. Admittedly the healthcare industry’s awareness has improved, giving credit to these organizations. However, this improvement may be also largely due to ransomware attackers” following the money by turning their attention to the healthcare industry is at a crossroads due to cyberattacks.  Specifically, the hospital industry is viewed as being overwhelmed in its attempts to protect itself from cybersecurity attacks. As compared to other industry sectors, the healthcare sector is, in fact, more vulnerable.  However, the reason why the hospital sector is not as cyber resilient as other sectors is not due to their lack of awareness or interest. Admittedly the healthcare industry’s awareness has improved, giving credit to these organizations. However, this improvement may be also largely due to ransomware attackers” following the money by turning their attention to better capitalized industries”.  For sustained impactful longevity and success, partnerships between an array of stakeholders are immediately required to strengthen the industry’s resiliency. How this can be accomplished will be explored, as well as the reasons why hospitals remain vulnerable, despite heightened awareness. The focus is on the enactment of a comprehensive solution, as failure in the hospital industry can have infinite and catastrophic consequences in terms of patient safety and access, as well as long-term national security implications. Further, emerging AI and quantum computing use both further complicate this scenario but can set up hospitals for huge successes with key partnerships established and plans executed. The healthcare industry is at a crossroads due to cyberattacks. Specifically, the hospital industry is viewed as being overwhelmed in its attempts to protect itself from cybersecurity attacks. As compared to other industry sectors, the healthcare sector is, in fact, more vulnerable. However, the reason why the hospital sector is not as cyber resilient as other sectors is not due to their lack of awareness or interest. Admittedly the healthcare industry’s awareness has improved, giving credit to these organizations. However, this improvement may be also largely due to ransomware attackers” following the money by turning their attention to better capitalized industries”. For sustained impactful longevity and success, partnerships between an array of stakeholders are immediately required to strengthen the industry’s resiliency. How this can be accomplished will be explored, as well as the reasons why hospitals remain vulnerable, despite heightened awareness. The focus is on the enactment of a comprehensive solution, as failure in the hospital industry can have infinite and catastrophic consequences in terms of patient safety and access, as well as long-term national security implications. Further, emerging AI and quantum computing use both further complicate this scenario but can set up hospitals for huge successes with key partnerships established and plans executed.

Ms. Greene-Horace is a Health Care and IT Leader with over 25 years of experience in healthcare and IT program development for the private sector, as well as federal and state governments. She has advised Federal and State Executives on strategies to ensure secure and timely opening of Health Care Marketplaces under the Affordable Care Act (ACA). Ms. Greene-Horace created and managed the first federal cybersecurity and privacy office for the ACA to ensure that federal cybersecurity and privacy requirements were built into IT development and program governance for 17 Health State Based Care Marketplaces. She advised the Secretary of the Maryland Department of Health in instituting Health Plan Management requirements for the ACA. Her other program and/or start-up experiences have included program development at the Marriott Corporation (Senior Living Services), the New Jersey Primary Care Association (Network Management Services), and at several federal agencies and in establishing Program Offices or new business services. She is currently establishing the Artificial Intelligence (AI) Compliance Framework within the AI Governance Framework for the ACA Program. A lifelong learner, she loves learning about the potential impact of emerging technology. Ms. Greene-Horace is a graduate of Penn State (BA), Cornell (MHA), and Brown University (Cyber). She is also a member of Delta Sigma Theta Sorority, Inc. In her free time, she loves to spend time with her family, taking time planning events for children, and listening and strategizing with young adults to pursue and achieve their passions.

Register to attend

With Morgan Adamski, Executive Director, United States Cyber Command

Thursday, October 17, 2024 / 11:30 AM - Noon

Hosted by UC Irvine

Moderated by Michelled Luttrell, UCI

Come hear from Morgan Adamski, the Executive Director of U.S. Cyber Command, about the latest cyber threats to national security and your role in protecting yourself and the U.S.!

Ms. Morgan Adamski was previously the Chief of the Cybersecurity Collaboration Center for NSA’s Cybersecurity Directorate where she led the Agency’s open private sector relationships to secure the Defense Industrial Base and its service providers. During her time there, she revitalized the way NSA collaborates with the private sector to harden billions of endpoints against nation-state cyber threats. Ms. Adamski also served as the Deputy Strategic Mission Manager for NSA’s Cybersecurity Directorate and was responsible for leading complex and groundbreaking initiatives for the agency specifically aimed at gaining insights against nation-state cyber actors and collaborating with the private sector.

For more than a decade, Ms. Adamski has been at the forefront of NSA’s Computer Network Defense, Computer Network Exploitation, and Cyber analysis missions. Prior to her position in CSD, she served as a senior Cyber Policy Advisor to the Deputy Assistant Secretary for Defense (DASD) for Cyber Policy. Ms. Adamski acted as technical and operational subject matter expert to the DASD for Cyber Policy, specializing in operational issues in the Middle East and Eurasia area of responsibility. She was a primary contributor to the 2018 DoD Cyber Strategy and was responsible for orchestrating the Department’s new approach to cyber deterrence.

Ms. Adamski served as a Chief Operating Officer for NSA’s offensive cyber mission from 2016-2018, responsible for planning and executing operations against some of the agency’s hardest intelligence targets. Prior to serving in NSA’s offensive mission, she served as the NSA Deputy Director’s executive assistant (2014-2016) and as a senior SME for the Middle East cyber analysis office (2010-2014).

Ms. Adamski received the Director of National Intelligence Merit Unit Citation in 2019 and the Meritorious Civilian Service Award in 2016.

Ms. Adamski graduated from Mercyhurst University with a Master’s of Science in Strategic Intelligence. She earned her Bachelors of Art in Peace, War, and Defense with a specialization in National Security from the University of North Carolina-Chapel Hill. 

A native of Baltimore, Maryland, she is an avid sports fan and enjoys traveling as well as spending time with family and friends.

Register to attend

Guest Speakers:

Lee Zelyck, Senior Data Security Comp Analyst
PRIVACY OFFICE HEALTH EDUC, UCSF

Mary Morshed, Data Security Compliance Director, UCSF

James Tarala, Cybersecurity Researcher and Advisor, Cyverity, SANS Institute

Tuesday, October 22, 2024 / 11 AM

  

Hosted by UC San Francisco

This Halloween, dive into the shadowy world of data security with UCSF’s thrilling new Data Security Compliance (DSC) Program. Designed to combat the ever-evolving cyber threats, our program stands as a fortress with its extensive library of security requirements, including administrative, technical, and physical controls. These robust safeguards are meticulously assembled from a myriad of sources such as laws, regulations, UC/industry/local policies, and contract stipulations. As the digital landscape morphs and expands, the challenge of tracking and managing compliance intensifies. Join the UCSF DSC Team on a spine-chilling journey to unravel the mysteries of cybersecurity compliance. Discover cutting-edge tools and resources that simplify the identification of pertinent requirements for specific systems or use cases. Learn the art of de-duplicating and consolidating safeguards to fortify your defenses.

But that’s not all—our alliance with the Cybersecurity Risk Foundation (CRF) brings decades of consolidated cybersecurity wisdom to your fingertips. Through comprehensive research, policy guides, frameworks, and an innovative online assessment tool, we empower you to enhance your cybersecurity posture dramatically. Prepare to be spellbound as you access expert advice and state-of-the-art solutions designed to shield your organization from the ghostly specters of cyber threats and ensure stringent compliance with industry standards. Don’t miss this chance to transform your cybersecurity strategy from a haunted maze into a commanding stronghold. Join us to safeguard your digital realm this Halloween and beyond!

Lee Zelyck is a cybersecurity professional with 20 years of experience. He joined UCSF Health in November 2023 as a Senior Data Security Compliance Analyst. Prior to joining UCSF, Lee worked as a consultant to cloud providers and clients in various industries, including oil, gas, and government. For the past 5 years, Lee has worked in cybersecurity operations for academic healthcare providers and holds several information security technical and professional certifications.

Mary Morshed is the UCSF Director of Data Security Compliance. Mary joined UCSF Health in November 2022. She previously served 16+ years in the role of Chief Information Security and Privacy Officer for various state of California entities, CSU, and Sacramento Municipal Utility District (SMUD). She has over 33 years of experience in the field of information security and also currently holds several industry security, privacy, and healthcare professional certifications.

James Tarala is a managing partner with Cyverity based out of Venice, Florida, and a SANS Senior Instructor. As a consultant, he has spent the past several years designing large enterprise security and infrastructure architectures, helping organizations to perform security assessments, and communicating enterprise risk to senior leadership teams. He is the author of LDR419: Performing a Cybersecurity Risk Assessment, the brand new LDR519: Cybersecurity Risk Management and Compliance course, as well as a number of previous SANS courses.

Register to attend

Friday, October 25, 2024 / Noon - 1 PM

Hosted by UC Santa Barbara

In our increasingly digital world, the convergence of privacy, cybersecurity, and artificial intelligence has reshaped how we approach data protection and governance. This presentation by Reema Moussa, J.D. (USC Gould School of Law) and UC Santa Barbara Alumnus will explore the evolving legal frameworks surrounding AI technologies, data privacy, and cybersecurity measures. We'll cover existing laws, key challenges, and ethical considerations in safeguarding personal data as well as how the development of both AI technology and new laws to regulate it factor into these challenges and considerations. Through examining regulatory trends and case studies alike, this session will give a high level view of privacy, AI, and cyberlaw basics.

Reema Moussa is a recent J.D. graduate from the University of Southern California, Gould School of Law, focusing her studies and upcoming practice on cybersecurity, privacy, artificial intelligence, and trust and safety. She graduated from UC Santa Barbara in 2020 with degrees in Communication and Global & International Studies, and completed her Master in Technology Management at UCSB in 2021. During a study abroad program at the University of Geneva, she launched her career in technology at the United Nations’ International Telecommunication Union (later returning to coordinate the 10th anniversary of Girls in ICT Day). Upon her return to UCSB from abroad in 2019, she joined UCSB's Office of the CIO as the campus' Cybersecurity Awareness Coordinator.

During her legal studies she held positions with a number of different types of stakeholders across the globe, interning at the Federal Trade Commission's Division of Privacy and Identity Protection, VMCA Advogados (São Paulo, Brazil), Goodwin Procter, the Electronic Frontier Foundation, the Future of Privacy Forum, and SentinelOne. She has spoken on her experience and knowledge of interdisciplinary tech policy issues at several international conferences, including Women in Cybersecurity (WiCyS), the IAPP Global Privacy Summit, the California Lawyers Association’s annual Privacy Summit, and the American Bar Association’s inaugural Consumer Protection and Data Privacy Conference, among others. She previously served as the Vice-President and West Coast Regional Chair of the Internet Law and Policy Foundry, where she was a Senior Fellow and the host/executive producer of the Tech Policy Grind podcast. She has also been a member of the Young Lawyers Advisory Panel for the Privacy and Information Security Committee of the American Bar Association's Antitrust Section since 2021.

Register to attend

Presented by Matthew Hall, Vice President of Information Technology and CIO at Texas State University

Wednesday, October 30, 2024 / Noon - 1 PM

Hosted by UC Santa Barbara

You Didn’t See It Coming: Cyber Risk in Higher Education delves into the rapidly evolving landscape of cyber threats facing universities and colleges. Over the course of 45 minutes, it highlights how institutions are increasingly vulnerable to data breaches, ransomware attacks, and other cyber risks due to their vast digital infrastructures and sensitive data repositories. The presentation explores the challenges in higher education, including underfunded security initiatives and decentralized IT environments. It provides an in-depth analysis of ISO risk frameworks such as ISO 31000 and ISO 27001, demonstrating how these standards can build robust risk management strategies. Through case studies and best practices, it offers actionable insights into identifying, mitigating, and managing cyber risks, emphasizing the need for proactive governance, continuous monitoring, and aligning cybersecurity with institutional goals. Participants will leave with a clearer understanding of the urgency of cyber risk management and practical steps for implementing adequate safeguards within their institutions.

Register to attend

Thursday, November 14, 2024 / 1 PM

Sponsored by UC San Francisco and the Rosenman Institute

Moderator: Herminio Neto, Associate Director, Marketing & Communication, Rosenman Institute

Cybersecurity is a critical concern not only for individuals facing risks like identity theft but also on a national level, influencing elements as significant as federal elections. Within the healthcare sector, the complexity of challenges has expanded for startups, lab scientists, and IT professionals. Risks from exploiting generative artificial intelligence now join threats like IP theft, ransomware, and hacktivism.

This webinar aims to empower participants by deepening their understanding of these evolving threats and highlighting how to forge robust cyber-resilience strategies. You will learn how to defend against these risks and develop resilient systems that continue to function effectively even during cyber incidents.

Join us to gain expert insights from the FBI's Elvis Chan, who leads San Francisco’s Cyber Branch in cyber investigations and digital forensics, and UCSF’s Chief Information Security Officer, Patrick Phelan. Together, they will share valuable strategies to enhance your defensive capabilities and build resilience that protects both individuals and the organizations you serve. This is an essential session for mastering the complexities of cybersecurity in today's interconnected world.

About the Speakers:

Elvis Chan is an Assistant Special Agent in Charge (ASAC) assigned to FBI San Francisco. ASAC Chan manages the field office’s Cyber Branch, which is responsible for cyber investigations, digital forensics, technical operations, community engagement, and public affairs. With over 16 years in the Bureau, he is a decorated agent who is recognized within the Intelligence Community as an election cybersecurity and cyberterrorism expert. ASAC Chan was the lead agent on significant cyber investigations and managed joint counterterrorism operations with domestic and foreign law enforcement agencies. Prior to joining the Bureau, ASAC Chan was a process development engineer in the semiconductor industry for almost 12 years. He holds two U.S. patents, presents at many technical and law enforcement symposiums, and published multiple articles in journals. ASAC Chan earned his bachelor’s degrees in chemical engineering and chemistry from the University of Washington and his master’s degree in homeland security studies from the Naval Postgraduate School.

Patrick Phelan is the Chief Information Security Officer of UCSF, one of the premier academic medical centers in the country. He is responsible for the security strategy and operations that protect systems supporting the research, education, and clinical missions of the institution. A 25-year IT veteran, he is a member of several professional organizations, holds CISSP, CEH, CISM certifications, and a B.S. in computer science from UCLA.

Register to attend

Additional Resources and Information To Explore

National Cybersecurity Alliance

Making it easy for everyone to learn more about cybersecurity and staying safe online. View a collection of easy-to-follow resources and guides for youself and to share with others.

WiCyS - Women in Cybersecurity

A global community of women, allies and advocates dedicated to the recruitment, retention and advancement of women in cybersecurity.

Cybersecurity & Infrastructure Security Agency (CISA)

• Parent and Educators Tip Card
• Chatting with Kids about Being Online Booklet
• Student Tip Cards
  • K-8 Students
  • 9-12 Students
  • Undergraduate

Savvy Cyber Kids (3-7 year olds)

Federal Communications Commission