2023 Annual Report Web Version
Welcome to the web version of the 2023 UC Cyber Risk Program Annual Report! We've made the stories from the report available here for you to read and share with others. You can also read the report in its entirety in PDF form.
"UC is leading the way in higher education by looking beyond cybersecurity risk management to embrace and uniquely define a vision centered on digital risk management. While the breadth of activities is extensive, digital risk management remains rooted in the shared building blocks of effective cybersecurity risk management, encompassing people, processes, tools, and governance."
—Van Williams, Vice President of IT and Chief Information Officer, University of California
In the Cyber-Risk Coordination Center, our team approach to cybersecurity includes five pillars: governance, management, technology, environment, and culture. Together, we strive to establish strong partnerships, strategically align with UC locations, and foster a learning environment. Our team, collectively comprising more than 50 years of cybersecurity experience, includes Cecelia Finney, Farrokh Khodadadi, Adrian Mohuczy-Dominiak, Jackie Porter, and Wendy Rager.
This year’s annual report shines a light on the people throughout the University of California and the initiatives they’re spearheading to make UC, and all of us, more cyber safe. For example, UC has been growing its pipeline of human resources, nurturing a diverse and informed workforce, conducting risk assessments across the university, and promoting cyber safe training and events.
We also introduced the concept of digital risk in 2023, which we define as risk posed by areas such as cyber security, digital accessibility, data privacy, IT third-party risk management, and emerging technology—these are interlocking pieces of a larger digital risk landscape. We began introducing the concept during the new UC Tech Academy: Cyber Leadership Program for UC leaders. Look for future opportunities to learn more about digital risk in the coming year.
Thank you for contributing to our success as a university!
—Monte Ratzlaff, Director, Cyber Risk Program and Interim Systemwide Chief Information Security Officer
Office of the President