Thursday, October 2, 2025 / 12:00 - 1:00 PM
Speakers: Kristan Beynon, Sr. Security Analyst, Incident Response Team Lead & Kevin Simmons, IT Security Analyst
Hosted by UCSF

Cybercrime continues to rise globally, causing trillions of dollars in damage each year. Notably, healthcare and higher education institutions are among the most frequent targets. To help prevent cybercrime, everyone at UCSF is responsible for reporting suspected cybersecurity incidents. 

Key takeaways include:
-Why and how to report every suspected incident
-Types of incidents to be on the lookout for
-What happens after you report
-Additional resources for building cybercrime awareness and vigilance

Register to attend

Tuesday, October 7, 2025 / 2:00 - 3:00 PM
Speaker: Kerry Tomlinson, Emmy Award-Winning Cyber News Reporter
Hosted by Cecelia Finney, University of California Office of the President

What are the newest AI-fueled attacks you face at work and at home? You'll see real-life video and audio deepfakes that attackers are currently using to try to trick people into giving up passwords, data and money. Learn how and when cyber criminals are deploying this AI-generated content and the latest methods on how to defend yourself against the fakes.

Register to attend

Tuesday, October 14, 2025 / 12:00 PM - 1:00 PM
Speakers: Reema Moussa, Associate Attorney & Peter Mantra, Partner
Hosted by UC Santa Barbara

In our increasingly complex and interdependent digital world, the convergence of privacy, cybersecurity, and artificial intelligence has reshaped how we approach enterprise risk management, data protection, and governance. This presentation will explore the evolving legal frameworks surrounding AI technologies, data privacy, and cybersecurity measures. We'll cover existing laws, key challenges, and ethical considerations in safeguarding personal data as well as how the development of AI technology and (new laws to regulate it) factor into these challenges and considerations. Through examining regulatory trends and case studies alike, this session will give a high-level view of privacy, AI, and cyberlaw basics and new directions for this rapidly changing field.

Register to Attend

Speaker: John Young, ISC2 Representative and COO of Quantum eMotion America

Hosted by UCI

What is Q-Day, and why is the government preparing for it now? The day that quantum computers can crack current digital encryption, and plainly read our most valuable secrets, has been tagged as Q-Day. Every government, business, and individual on Earth can be negatively affected, and the question is, even if there are post-quantum solutions available, is there time to put them in place?

Register to attend

Tuesday, October 23, 2025 / 1:00 - 2:00 PM
Speaker: Giovanni Vigna, Distinguished Professor in the Department of Computer Science at the UCSB
Hosted by UC Santa Barbara

The software components that support critical infrastructure are riddled with vulnerabilities, whose exploitation could cause service disruption, financial damage, and possibly loss of life. 

Although there are efforts, such as OSS-Fuzz, to continuously analyze these components for vulnerabilities, some categories of security bugs are still hard to detect. In addition, the creation of testing harnesses and the generation of effective patches still require substantial effort from human experts.To address these issues, researchers and practitioners alike have focused on automating the vulnerability analysis and repair process.

In particular, DARPA has supported these research efforts with two challenges: the DARPA Cyber Grand Challenge (CGC) in 2016 and the AI Cyber Challenge (AIxCC) in 2025. In these two challenges, participants had to create Cyber Reasoning Systems (CRS) that, in different contexts, had to identify vulnerabilities, exploit them, and provide patches without any human involvement.

In this talk, we take a historical look at these efforts that span a decade, especially in light of the recent advances in Large Language Models (LLMs), and highlight the lessons learned from participating in these competitions, as well as the challenges that still need to be addressed to achieve a completely autonomous vulnerability analysis, triaging, and repair process.

Register to attend

Thursday, October 23, 2025 / 2:00 - 3:00 PM
Speakers: 
 - Helena Mezgova, UCSF Sr. Data Compliance Specialist in Academic Research Services
 - Kim Ramero, UCSF Associate Director of Process Management & Compliance in Academic Research Services
 - Jennifer Cressman, Clinical Informatics Manager Academic Research Services
Hosted by UCSF

This session will include an overview of the Enterprise Data Request Process for Research (Enterprise Data Request Process: Research | Scuba), the standard process utilized by Data Service Providers to fulfill requests for the extraction of de-identified, limited, and PHI data sets from UCSF Health clinical data sources. This process ensures that the requirements of UCSF and UC policies and state and federal laws are met for the granting of access to, release, and sharing of health data sets. An overview of the policies governing these areas will be provided.

We will also introduce the Federated Research Data Steward Program, a federated version of the Enterprise Data Request Process, launched in July 2025 to expand UCSF’s data extraction services for scientific research. The program was designed to address the growing complexity and volume of research-related data requests by enabling analysts outside of UCSF IT, who already have privileged access to patient health data for quality improvement and operational purposes, to also support scientific research.

This presentation will help both analysts and researchers understand their roles, responsibilities, and next steps for effectively and securely supporting scientific research through the program.

Register to attend

Tuesday, October 28, 2025 / 11:00 AM - 12:00 PM
Speaker: Dave Lewis, 1Password Global Advisory CISO
Hosted by UCI

Artificial intelligence has quickly shifted from a promising tool to a disruptive toddler running with scissors. While AI enables defenders to detect threats faster and automate response, it also gives attackers new ways to deceive, manipulate, and exploit. From deepfake audio convincing an employee to transfer millions, to AI-written phishing campaigns that bypass filters, the game has changed.

This session will explore the intersection of AI and social engineering, revealing how threat actors leverage machine learning to craft convincing attacks and where defenders can push back. We’ll also examine the emerging cybersecurity trends to watch in the coming year, from the rise of synthetic identities to AI-driven security operations. Most importantly, we’ll ground the discussion in practical advice: how individuals and organizations can stay vigilant, adapt defenses, and avoid becoming the next case study.

By the end of the talk, participants will walk away with a deeper understanding of the risks and opportunities AI presents, as well as actionable strategies to build resilience in an age where the line between human and machine manipulation is increasingly blurred.

Register to attend

Tuesday, October 28, 2025 / 12:00 - 1:00 PM
Speaker: Becky Steiger, Policy Coordinator, Campus Privacy Officer, and ADA Compliance Officer
Hosted by UC Santa Barbara

Get ready to protect your personal information with UCSB's Privacy Officer Becky Steiger! This presentation isn't just about boring data rules; it's about your human right to be left alone, why protecting your privacy is important and tips on how to manage your digital life. You will learn about key privacy laws and policies like FERPA, the California Information Practices Act, the UC Electronic Communications Policy (ECP) and the UC Privacy and Information Security Initiative (PISI Report). Learn how to protect your digital privacy and keep your personal business to yourself.

Register to attend

Thursday, October 30, 2025 / 10:00 - 11:00 AM
Speakers:
 - Lee Zelyck, UCSF Senior Data Security Compliance Analyst
 - Mary Morshed, UCSF Data Security Compliance Director
 - Cynthia Howell, Data Security Compliance Analyst
 - Sean Patterson, Interim Manager, UCSF IT Security Risk Management
Hosted by UCSF

Deep within the labyrinth of UCSF’s digital defenses, where GPUs and CPUs howl and hard drives hum their eldritch songs, the specter of compliance, once manifested as mere phantasmal checkboxes, became something more; an omnipresent horror - a thousand-eyed beast whose regulatory tentacles could reach into every database, every network packet, and every line of code, waiting to drag the non-compliant into the depths of audit despair. Like a many-headed hydra, UC’s IS-3 policy intertwined with countless regulatory beasts and security frameworks, each demanding their pound of flesh from the academic medical center’s soul. The Data Security Compliance team gazed into the abyss of costly consultants, whose gilded promises threatened to drain the institution’s lifeblood, and chose instead to confront the demons themselves.

Armed with ServiceNow IRM, a digital blade forged in silicon fires, and the Cybersecurity Risk Foundation’s mystical mapping tools, these brave warriors began their dark crusade. They wove UC policies into the fabric of external frameworks, binding them with threads of NIST standards to seal the shadowy rifts where policies dared not tread. From their arcane labors emerged a forbidden library - a grimoire of common controls that whispered secrets of power over multiple regulations and frameworks. Even the lost souls of internal policies, once wandering aimlessly beyond the pale of cybersecurity’s light, found their place in this unhallowed concordance.

Register to attend

May 12-13, 2026 - Information Security Symposium