Skip to main content

System Status: 

  1. Home
  2. Technology
  3. Security
  4. Secure Connect
  5. About Secure Connect

About Secure Connect

Last Updated: October 14, 2024 10:33:23 AM PDT
Give feedback

Learn about the Secure Connect program structure, governance and more.

About the Program

Strategic Vision

Safeguarding Our Communications, Networks and Devices

Secure Connect is a cybersecurity initiative focused on safeguarding our campus and Health email communications, networks, and computing devices. The program builds on existing practices, all designed to ensure the security of our intellectual property; research data; and student, personnel, and patient records. Secure Connect includes a suite of measures to educate and empower our people and leverage technical solutions to protect our infrastructure and resources. Implementation will proceed in phases, with a required completion date of May 2025. While the program objectives are expected to be realized by May 2025, Secure Connect is one step in an ongoing effort to improve our cybersecurity posture at UC San Diego.

Who’s Impacted?

Cybersecurity is a shared responsibility among all members of the UC San Diego community. Academics and staff across campus, Health Sciences, and Health will be called on to complete educational requirements and follow enhanced cybersecurity protocols. 

Program Summary and Goals

Secure Connect relies on a mix of people education and empowerment and technical solutions. Broad program objectives include:

  • 100% completion of UC Cyber Security Awareness Fundamentals for eligible campus staff and academics
  • Expanding multi-factor authentication protection to all campus email systems
  • Equipping computing devices with threat-detection software
  • Identifying all computing devices connected to university trusted networks in a centralized configuration management database (CMDB)

Scope & Projects

Secure Connect brings UC San Diego cybersecurity practices into alignment with systemwide standards and expectations established by President Drake in February 2024. The standards apply to all UC locations and all employees, including faculty. UCOP has set a deadline of May 2025 for full implementation.
UCOP Standard UC San Diego Project and Status
Ensure cyber security awareness training for 100 percent of location employees.  Ensure completion of online training; enable single sign-on (SSO) intercept for overdue personnel that redirects to the UC Learning Center.
Ensure timely cyber escalation of incidents in alignment with UC Incident response and cybersecurity escalation standards. UC San Diego's cyber escalation meets the UC Incident response and cybersecurity escalation standards; UC San Diego will monitor this requirement to ensure continued alignment.
Ensure identification, tracking and vulnerability management of all computing devices connected to the university trusted networks. Continue the process of entering all devices connecting to the university trusted networks into a centralized configuration management database (CMDB).
Deploy and manage UC-approved Endpoint Detection and Recovery (EDR) software on 100 percent of university-owned devices. Technical teams to equip in-scope devices with Qualys and Trellix, applications that assist UC San Diego cybersecurity teams with threat response and vulnerabilities management. Appropriate mitigating measures will be required of BYOD devices accessing univesity trusted networks.
Deploy, enable, and configure multi-factor authentication (MFA) on 100 percent of campus email systems in conformance with established UC MFA configuration standards. Core Campus email systems have been secured by Duo for several years. Security teams will now apply Duo to any remaining systems and accounts. 

Leadership

The Secure Connect program is a joint effort that includes:

  • UCOP
  • All UC locations
  • UC San Diego leadership
  • Campus IT Services
  • Health Information Services
  • Cybersecurity Operations Group (CSOG)
  • Distributed IT teams serving schools, divisions, and other units

Governance

We Value Shared Governance

Secure Connect commits to shared governance in cybersecurity, valuing the expertise and diverse perspectives of stakeholders across academic departments, administrative units, and IT teams. By involving all key parties in decision-making processes, we ensure that our cybersecurity strategies are comprehensive and aligned with both academic and administrative needs. This collaborative approach fosters accountability and enhances our ability to protect sensitive data and digital assets effectively. Through shared governance, we demonstrate our dedication to security and the collective responsibility of safeguarding our university's information infrastructure.

Committees Involved

These committees are currently involved in the Secure Connect program, each playing a crucial role in its success:

  • Cybersecurity Governance Committee
  • Cybersecurity Operations Group
  • Faculty Steering Committee

Cybersecurity Governance Committee

The Cybersecurity Governance Committee provides broad leadership and oversight for Secure Connect. Governance members make certain the project is operating within stated constraints (budget, schedule, scope, etc.) and monitors risks and associated mitigation efforts.The members are:

  • Arlene Yetnikoff, Chief Information Security Officer (co-chair)
  • Scott Currie, Chief Information Security Officer, UCSD Health (co-chair)
  • Christa Perkins, Assoc. Director– Audit and Management Advisory Services
  • Christian Dameff, Medical Director of Cybersecurity, Health Sciences
  • Cindy Lyons, University Registrar
  • Dan Park, Chief Campus Counsel
  • Faith Hawkins, Asst. Vice Chancellor, Office of Research Affairs
  • Jeff Tully, Co-Director Center for Healthcare Cybersecurity
  • Jennifer Ford, Director Research Compliance and Integrity
  • Patrick Callaghan, Asst. Vice Chancellor – Scripps Institution of Oceanography
  • Pegah Parsi, Chief Privacy Officer
  • Stefan Savage, Professor – Computer Science and Engineering
  • Winston Armstrong, Information Security Officer, San Diego Supercomputer Center
  • Open, Faculty Senate Rep

Cybersecurity Operations Group

The Cybersecurity Operations Group serves as an advisory and working group for Secure Connect. The members are:

Leadership Group (quarterly):

  • Vince Kellen, Chief Information Officer (Chair)
  • Kevin Chou, Deputy Chief Information Officer
  • Arlene Yetnikoff, Chief Information Security Officer
  • Scott Currie, Chief Information Security Officer, UC San Diego Health
  • Unit Heads
  • Academic and Research Leadership

Working Group (biweekly):

  • Arlene Yetnikoff, Chief Information Security Officer (Chair)
  • Unit Information Security Leads (UISLs)

Faculty Steering Committee

The Faculty Steering Committee provides strategic guidance, risk management assessment, academic stakeholder engagement and implementation oversight for Secure Connect. The members are:

  • Jelena Bradic, Professor, Mathematics, UC San Diego
  • John Hildebrand, Professor, Scripps Institution of Oceanography
  • Stefan Savage, Professor, Computer Science and Engineering, UC San Diego
  • Frank Wuerthwein, Professor, Halıcıoğlu Data Science Institute

For more information, contact secureconnect@ucsd.edu.