![Page 1: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/1.jpg)
Changing The Cybersecurity Culture: UC Cyber Champion Program
Monte Ratzlaff, CISSP, CISADirector, Cyber-Risk ProgramUniversity of California Office of the President
![Page 2: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/2.jpg)
Cyber-Risk Coordination Center
(C3) Overview
![Page 3: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/3.jpg)
8/16/2018 3
C3 Overview - Portfolio
• Threat Detection and Identification (TDI) Coordination
(FireEye live or in implementation phase at 14 locations)
• Biannual Cybersecurity Summits• Quarterly CRGC Meeting Coordination• Monthly and Quarterly Cyber-risk Reporting
• Cyber Threat Intelligence
• Systemwide Cyber Project Coordination(RFPs and Information Security Workplans)
• UC Health Initiatives Coordination(Affiliate Risk Assessments, Phishing Simulation)
• Cyber Champions Program
![Page 4: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/4.jpg)
Challenges with traditional security awareness approaches
![Page 5: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/5.jpg)
Traditional Security Awareness Challenges
• Can be inappropriate for the audience
• Limited follow-up/evaluation of trainee comprehension
• Treating security awareness as purely a compliance activity
• Computer Based Training• “One size fits all”• Individual learning styles
8/16/2018 5
![Page 6: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/6.jpg)
Cyber Champion/Ambassador Concept
![Page 7: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/7.jpg)
Cyber Champion/Ambassador Concept
• Network of individuals embedded throughout your organization who help you spread the word
• Scale/Force Multiplier• Instead of just one person communicating a message you literally can have hundreds
• Cost• Financial cost is minimal, the greatest cost is in time
• Engagement• Ambassadors/Champions understand the challenges and cultures of the local
units/groups they work with• Often far more effective at engaging and reaching their colleagues/constituencies• Especially true of organizations that have numerous locations or very diverse cultures
or generations
8/16/2018 7
Source: Lance Spitzner – “The Power of a Security Ambassador Program”, SANS, November 8, 2017
![Page 8: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/8.jpg)
Cyber Champion/Ambassador Concept
• “Eyes and ears”• Creates a communications network• Not only pushing out information, but collecting information
and sending it back to you– Information such as what are the biggest risks they are
seeing in their local office, what topics are the most popular
• Changing Culture• Behaviors are an artifact of underlying beliefs, values, and
assumptions
8/16/2018 8
Source: Lance Spitzner – “Building A Security Awareness Ambassador Program”, RSA presentation, April, 2018
![Page 9: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/9.jpg)
UC Cyber Champion Program
![Page 10: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/10.jpg)
UC Cyber Champion Program
• The program is designed to strengthen UC’s culture of cybersecurity through a systemwide network of Cyber Champions
• Cyber Champion programs help to achieve security awareness and culture at scale
8/16/2018 10
![Page 11: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/11.jpg)
UC Cyber Champion Program
• C3 partners with, and supports, locations who have existing Cyber Champion programs and assists locations with establishing programs
• Cyber Champion programs recruit individuals from a variety of levels and departments to participate in outreach and educational activities
8/16/2018 11
![Page 12: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/12.jpg)
UC Cyber Champion Program
• C3 provides the Cyber Champion programs with tools and resources to promote and support activities at their respective locations
• C3 regularly reports on program activities to stakeholder groups including CISOs, ITPS, ITLC, and CRCG
8/16/2018 12
![Page 13: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/13.jpg)
UC Cyber Champion Program
• Examples of Cyber Champion activities• Cyber Champion events, calls, and training sessions• Providing input into the development of cyber initiatives and
programs• Assisting in identifying strategies and common approaches to
promote cyber initiatives and programs• Promoting cyber initiatives and programs via local channels and
teams• Sharing lessons learned from outreach efforts and brainstorming
new ideas for improvement
8/16/2018 13
![Page 14: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/14.jpg)
Cyber Champion Events
• Cyber Champions Partners Forum at UCSF
• Champions Spotlight• Cyber Champion Challenge• Live feedback polling
– Attendees responded to questions with live polling results displayed
8/16/2018 14
![Page 15: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/15.jpg)
Cyber Champion Events
• Cyber Security Checkup Training• C3 and UCSF hosted the training for the UCSF Cyber Champions• Sam Horowitz, CISO for UC Santa Barbara, developed and presented the
training– Tips on how to keep your information safe and secure online– A “train the trainer” approach was taken so attendees could train their
colleagues
8/16/2018 15
![Page 16: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/16.jpg)
Cyber Champion Events
8/16/2018 16
![Page 17: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/17.jpg)
Join Us!
![Page 18: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/18.jpg)
Join Us! How You and Your Location Can Engage
• Join Your Existing Location Program
• Encourage Your Location to Start a Program• Contact your Location Chief Information Security Officer (CISO)• Volunteer to help• Become a Cyber Champion!
• Unit Information Security Leads (new IS-3 role)• Built-in Cyber Champion!
8/16/2018 18
![Page 19: Changing The Cybersecurity Culture: UC Cyber Champion …...•Can be inappropriate for the audience •Limited follow-up/evaluation of trainee comprehension •Treating security awareness](https://reader033.vdocuments.net/reader033/viewer/2022050408/5f84ee17754ed16bc7248af0/html5/thumbnails/19.jpg)
Questions from you!
8/16/2018 19