NCSAM Events

October 1-31, 2020 -- On Demand Movie, User-led & Moderator-led Games brought to us by livingsecurity

Cinema Event 

Video Modules

CIP - Synthetic Identity Theft from Living Security on Vimeo.

Cyber Hygiene - How to Securely Work from Home during COVID-19

CIP - Vendor Email Compromise from Living Security on Vimeo. 

Games

Security Feud

Escape Room

Figure out what happened at Gizmo! Suspicious behavior at Gizmo Corp. leads one team of remote investigators on a heart-pounding pursuit to stop cyber criminal heist that, if successful, could leak millions!

This online team-based cyber security training creates an engaging gamified experience for all levels of employees. An entirely virtual Escape Room will guide your team to uncover clues to identify and locate the insider threat. See the trailer here. (Contact cybersecurity@ucsd.edu to schedule your team's play.)

Infographic

Seven Deadly Sins of Working From Home

Electronic Records Management – Now, More Than Ever!

October 1, 2020 10-11 a.m. - Hosted by UCOP

Are you concerned about all of the things you are using to create and receive records while you are working from home? Do you know what you need to manage and how?

The UC Records Management Committee is celebrating Electronic Records Day by hosting the event Electronic Records Management – Now, More Than Ever! 

UC panelists will include experts in Archives, Records Management, Privacy, and Information Security. The experts will focus on their areas of electronic records management and provide tools to help us all manage the electronic records we create and retain in our work. After the presentations, there will time available to address questions from the audience.

Password Security - Hate Passwords? You're Not Alone: Why We Still Have Passwords in 2020

October 5, 2020 12-1 p.m. - Hosted by UCSB

There are few things in the world more ubiquitously despised than passwords. How many times have you tried to login to a website, only to realize that you “forgot your password,” or tried to create a new password only to have every attempt rejected because it is not secure enough? And then, after satisfying all of these requirements, you get a text with a “security code” that you have to type in -- not ideal. How did we get ourselves in this situation, and does any of this even help from a security point-of-view?

This talk is a brief history of passwords and the evolution of authentication will be discussed.  It will include details of real-world attacks against passwords to provide insights as to when the various security measures (e.g., strict passwords requirements and text messages) do and do not help. The goal is to pull the curtain back on the various forms of password-based authentication and let you be the judge if you should be frustrated with or grateful for the various “security” hops that you must jump through on a daily basis.

Q & A with SANS Director of Emerging Security Trends with John Pescatore

October 6, 2020 10-11 a.m. - Hosted by UCSF

During this session SANS’ John Pescatore will start things off by highlighting the top 3 security issues hitting organizations in 2020/2021. Ken Newton, UCSF IT Security Operations Manager, will then ask questions to drill down in areas of interest in particular to the USCF community and will then select questions from the audience.

Zoom Security & Cool New Features

October 7, 2020 10-11 a.m. - Hosted by UCSB

Cybersecurity & Safety for Families

October 7, 2020 1-2 p.m. - Hosted by UCOP

By Ric Messier, CCSP, GCIH, GSEC, CEH, and CISSP, Author, Educator, Senior Security Consultant at FireEye Mandiant.

The fully connected, digital world has made it a lot easier for the bad guys to attack us in ways we have never had to deal with before. It’s not just email anymore. It’s Snapchat and Facebook and Twitter and text messages and so many other communications avenues. It’s important for all families to understand how criminals are trying to get at them through these pathways that have allowed for unprecedented levels of communication between humans around the world. This presentation will cover the following topics:

• Who is after you?
• What do these attacks look like?
• How do you protect yourself from them?
• Email
• Social networking
• Voice and messaging

Living Security's Family First Series: Webinar 1 - Keeping your Kids Safe in an Online World

October 8, 2020 10-11 a.m.

Social media connects us with friends and gives us a platform to share our lives. But a friend of a friend doesn’t necessarily equal someone you can trust, especially when it is someone that you haven’t met personally. Just think of how much rapport and experience it takes for you to give someone from your own workplace a recommendation.

Join us for this powerful and informative webinar to learn more about:

• Why your kids should only connect with and interact only with people they’ve met and trust personally
• Why they should never meet up in person with someone that they have only met only through social media
• Why it is critical to keep even innocent information private (someone finding out what school you attend can easily identify your address)
• The dangers of posting inappropriate photos or sharing anyone else’s.

Barrett Lyon Presents: Understanding Security Through Visualization of the Metaphysical

October 8, 2020 2-3 p.m. - Hosted by UCSF

The internet - the largest network of all - is abstract and hard to visualize. But it has been made more visually approachable by the Opte Project, an open-source initiative to create a visual representation of the metaphysical spaces of the internet. Created by Barrett Lyon, Opte visually showcases how each connection works, and its influence along with the rise and fall of networks and even countries over time.  

Box Security & Usability Tips

October 9, 2020 9-10 a.m. - Hosted by UCSB

Smartcard Security - How "Smart" are Smartcards? A Hacker's Perspective on Those Plastic Cards

October 12, 2020 12-1 p.m. - Hosted by UCSB

We all carry smartcards in our wallets. We use them to purchase things (credit cards), gain access to buildings (employee ids), identify who we are (passwords). What is this black magic that gives these pieces of plastic so much power? Why do some cards have little metal pads on them, and the others just require you to “tap?” Are any of these actually secure? How was my credit card number stolen? Maybe these are questions that you’ve asked yourself regularly, or are facing them for the first time right now. Either way, aren’t you curious?

This talk will provide a broad overview of the field of smartcards (and RFID) and attempt to highlight why these technologies exist, what they were intended for, and what their security architectures are like. Then, you will put our security hats -- black if you prefer -- and attack these various technologies. You will be walked through various attacks and demonstrations to bring you up to speed with smartcard security measures. Swipe, insert, or chip+PIN? After this presentation, you will be able to speak intelligently about the security of these mysterious cards and will likely never want to “swipe” or “tap” your card again.

UC Fall Cyber Security Summit

October 14, 2020 1-2 p.m.

The Fall UC Cyber Security Summit will be held online on October 14th. We are excited about sharing our collective expertise in order to better safeguard UC’s mission of teaching, research, and public service.

[Note: registration for this event is closed]

Election Safety with Jon Ford

October 15, 2020 1-2 p.m. - Hosted by UCOP

Election Safety with Jon Ford, Mandiant, Cybersecurity Expert, and Professor.

Cyber criminals and bad actors can create chaos in state and local voting and election systems. Mandiant provides election security to over 100 jurisdictions across the United States to better prepare against election security threats. To develop solutions and security programs to counter cyber threats to elections, government agencies have leaned on industry experts with frontline experience to protect our democratic elections.

Securing the New Normal: How Cyber AI Learns on the Job   

October 15, 2020 1-2 p.m. - Hosted by UCSB

The future of work remains unpredictable and uncertain. More than ever before, business leaders need to remain confident that their operations can continue securely in the face of global or even regional crises, and while sections of the economy are slowly re-opening, cyber-attackers are ramping up their campaigns.

As businesses look set to rely on cloud and SaaS tools for the long term, our digital environments are going to be more dynamic than ever. Yet organizations are finding themselves undergoing a delicate balancing act—each new work practice and technology that is introduced also brings unforeseen risk. Static, legacy approaches have become redundant, both unintelligent and ill-equipped to adapt.  

Organizations must rethink their approach to security ,and rely on new technologies like AI to achieve much-needed adaptability and resilience. Darktrace is the world leader in cyber AI technology, and leverages unsupervised machine learning to seamlessly adapt and integrate into changing environments, and to detect and respond to attacks in the earliest moments.

In the face of an uncertain present and future, Cyber AI enables businesses to continue communicating, operating, and innovating. 

Hacker Stories with Chris Hadnagy

October 16, 2020 1-2 p.m. - Hosted by UCOP

Real-life hacker stories from the trenches about the risks (and consequences) that real companies have had to face. Chris discusses his goal to secure companies by educating them on the methods used by attackers, identifying vulnerabilities, and mitigating issues through appropriate levels of awareness and security.

Doing Our Part to Stay CyberSafe with Joseph Oregon, DHS

October 16, 2020 1-2 p.m. - Hosted by UCI

As we adjust our personal, professional and educational lives around COVID-19, we need to be mindful about the threats that still lurk online. Join us and our guest Mr. Joseph Oregon from the Department of Homeland Security’s newly created agency to address cyber and physical risk, the Cyber Security Advisor for the Cybersecurity and Infrastructure Security Agency (CISA) as we discuss how to do our Part to stay cyber-safe.

Binary Exploitation - What is "Hacking," Really? Insights into Breaches

October 19, 2020 12-1p.m. - Hosted by UCSB

“Hackers” have become emblazoned in our society. They dominate news headlines, are featured in prominent Hollywood movies, and have become larger than life -- instilling fear in IT professionals and awe in many young computer scientists. Who are these people, what does it mean “hack” something, and what the heck is a binary? Surely, you have seen a news headline that talks about hackers stealing data, taking over cars, or disrupting power plants and thought to yourself, “how did they do that; is that even possible?”

In this talk, the goal is to convince you that “hacking” isn’t that hard and try to tease apart fact from fiction with respect to hackers. It will highlight some hacking techniques and show you how to “own” a computer. We will explore some of the technical limitations of our current computing systems and why they are exploitable. Finally, you will be asked to walk you through a simple example of binary exploitation, and how you can make a program do things it wasn’t intended to do. At the end of this talk, you should be able to read news headlines with sufficient skepticism and, in some rare cases, considerable respect for the hacker’s skills.

State of California Virtual Cybersecurity Education Summit 2020

October 20, 2020 9 a.m.-1 p.m. & October 21, 2020 9 a.m.-1 p.m.

The 2020 Virtual Summit is hosted by California State University, Sacramento (Sac State) in conjunction with four state partners: California Department of Technology, California Governor’s Office of Emergency Services, The California Military Department, and California Highway Patrol.

The 2020 Virtual Summit is designed to engage the entire spectrum of California's cybersecurity professionals, whose job functions and expertise range from highly technical to executive. Attendees will have the opportunity to meet the nation's leading solution providers and discover the latest products and services for enterprise cyber defense. The Summit will be content-rich with proven strategies and practical tools and templates for transforming your Information Technology and Information Security operations to effective government Security Operation Centers of tomorrow.

Elevate: Cybersecurity & Diversity in the C-Suite and the Boardroom

October 20, 2020 1-2 p.m. - Hosted by UCOP

Alexa King, Executive Vice President, Corporate & Legal Affairs at FireEye, discusses diversity in the C-suite and opportunities that exist for women in cybersecurity, diversity in the boardroom, and the importance of mentorship.

  Women in Cybersecurity Panel

October 20, 2020 1-2 p.m. - Hosted by UC Merced

This year, the highlight of the NCSAM at UC Merced will be our "Women in Cybersecurity" panel moderated by AVC and CIO, Ann Kovalchick. Panelists will give their unique perspectives on the triumphs and challenges women face in the world of cybersecurity. The discussion will  be followed by a Q&A session to answer your questions. Register as soon as possible to attend!

Panelists:

•    Sureyya Tuncel, Information Security Analyst UC Riverside
•    Trinh Ngo, Senior Manager IT Compliance Blue Shield of California
•    Kathleen Bodi, Information Security Analyst UC Merced

Moderator: 

•    Ann Kovalchick, Associate Vice Chancellor and Chief Information Officer at University of California, Merced.

Living Security - Keeping Children Safe Online - Social Media Safety - Threats Around the Corner and in our Homes

October 21, 2020 10-11 a.m. - Hosted by UCOP 

Social media connects us with friends and gives us a platform to share our lives. But a friend of a friend doesn’t necessarily equal someone you can trust, especially when it is someone that you haven’t met personally. Just think of how much rapport and experience it takes for you to give someone from your own workplace a recommendation.

Join us for this powerful and informative webinar to learn more about:

• Why your kids should only connect with and interact onlywith people they’ve met and trust personally
• Why they should never meet up in person with someone that they have only met only through social media
• Why it is critical to keep even innocent information private (someone finding out what school you attend can easily identify your address)
• The dangers of posting inappropriate photos or sharing anyone else’s.

Cyber Threatscape with FBI Special Agent, Michael Sohn 

October 22, 2020 2-3 p.m. - Hosted by UCI

Understanding what the cyber threats are to UCI Faculty and Students. The FBI will share its perspectives on the cyber threat landscape, and will provide tips to protect for protecting ourselves fom them.

The State of Authentication with Chad Spensky

October 22, 2020 4-5 p.m. - Hosted by UCSB

The State of Authentication with Chad Spensky, Founder & CEO of Allthenticate.

 

 

Box Security & Usability Tips

October 23, 2020 10-11 a.m. - Hosted by UCSB

Current Trends in K-12 and Higher Education Cybersecurity Issues and Risk Mitigation

October 23, 2020 10-11 a.m. - Hosted by UCSF

Current Trends in K-12 and Higher Education Cybersecurity Issues and Risk Mitigation with Joseph Oregon, Cybersecurity Advisor, Region IX, for the Cybersecurity Division. Department of Homeland Security (DHS) & Cybersecurity & Infrastructure Security Agency (CISA) 

Joe Oregon will present on the cybersecurity issues plaguing K-12 and Higher Education Institutions and the resources available to help them stay safe and secure.

Joe serves as the Cybersecurity Advisor, Region IX, for the Cybersecurity Division (CSD), Cybersecurity and Infrastructure Security Agency (CISA). He supports the Department of Homeland Security (DHS) mission of strengthening the security and resilience of the nation's critical infrastructure. His program coordinates cyber preparedness, risk mitigation, and incident response, and provides cyber security resources, including assessments, to the nation’s sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities.

Fish Sticks Comedy - Security Improv

October 23, 2020 1-2 p.m. - Hosted by UCOP

Fish Sticks Comedy is one of the largest, always all age appropriate improv comedy teams in the US. Their mission — to bring people closer to each other and their communities through comedy improv. They will make our cheeks hurt from laughing and do more than entertain. They will create a UC community experience through their unique cybersecurity improv! (FishSticksComedy.com)

Embedded System Security - Are My (Internet of) Things Vulnerable? A Look at the Security of Embedded Systems 

October 26, 2020 12-1 p.m. - Hosted by UCSB

Embedded systems, little single-purpose computers, have entrenched themselves into every aspect of modern life. While this is mostly good news because it enables amazing functionality (e.g., self-driving cars, smart homes, and the world’s information at our fingertips), it does raise one major question, “Is this stuff secure?” Conspiracies abound with Smart Assistants, “Hey Siri, are you eavesdropping on me?” “Hey Google, are you collecting my data?” And almost mythical stories have arisen of hackers taking over refrigerators, power plants, and even planes. Are any of these outlandish claims even possible?

This talk will explain how embedded systems are built, and what kind of security concerns they face. Then, we will discuss some interesting real-world attacks and learn how difficult it really is to build a “secure” embedded system. Finally, we will walk through a few real attacks and see what is being done to defend these systems in practice. Ideally, after this presentation you will understand that these embedded systems are not-so-different from your laptop, but how these subtle differences radically change the game from a security perspective.

Living Security's Family First Series: Webinar 2 - Social Media Safety

October 21, 2020 10-11 a.m.

Social media connects us with friends and gives us a platform to share our lives. But a friend of a friend doesn’t necessarily equal someone you can trust, especially when it is someone that you haven’t met personally. Just think of how much rapport and experience it takes for you to give someone from your own workplace a recommendation.

Join us for this powerful and informative webinar to learn more about:

• Why your kids should only connect with and interact only with people they’ve met and trust personally
• Why they should never meet up in person with someone that they have only met only through social media
• Why it is critical to keep even innocent information private (someone finding out what school you attend can easily identify your address)
• The dangers of posting inappropriate photos or sharing anyone else’s.

Zoom Security & Cool New Features

October 28, 2020 10-11 a.m. - Hosted by UCSB

  UC Berkeley's DayLight Lab Adversary Personas Game

October 28, 2020 12-1:30 p.m. - Hosted by UC Berkeley

Host your own game & learn to identify security risks! 

You've probably taken security trainings. Do this, don't do this. But why? Get 3 or more teammates together and participate in this interactive game where you'll learn how to determine who might be trying to attack you. With a simple practice, developed at UC Berkeley, you'll learn the "why" behind the advice you've been getting.

Adversary Personas is an improvisational role-playing game designed to help teams think broadly and creatively and identify their potential cybersecurity threats.

Get the game here!

Living Security's Family First Series: Webinar 3 - Security, Privacy and Predator Risks

November 5, 2020 10-11 a.m.

Online gaming through console, PC or mobile device provides a fun and interactive experience for kids, of all ages. Therein lies one of the more dangerous aspects of online gaming. It is one forum where even a large variance in age is not unusual and provides an avenue for people your kids would know to avoid in-person to have contact with them in a setting that lowers their defenses.

Join us for this informative webinar to learn more about:

• Cybersecurity best practices in keeping accounts private
• Not talking to strangers. Play with people you know. If you play with unknown individuals, do not share personal information nor trust that they are who they say they are
• How to look out for and avoid in-game chat dangers (phishing) – often embedded in links
• Why your kids should avoid in-game purchases (identity theft and privacy)
• How to recognize and deal with cyberbullying – never be afraid to report it.