October is Cybersecurity Awareness Month! This year’s theme is ZotDefend: Protecting UCI’s Digital World. The month was originally created through a collaboration with the National Cyber Security Alliance and the Department of Homeland Security. Feel free to check out the events and resources listed below.
Events
Executive Director, U.S. Cyber Command: Morgan Adamski – Hot Tips for Being Cyber Safe in Today’s Threat Environment (10/17 @ 11:30am)
Description: Come hear from Morgan Adamski, the Executive Director of U.S. Cyber Command, about the latest cyber threats to national security and your role in protecting yourself and the U.S.!
Previously, Ms. Morgan Adamski was the Chief of the Cybersecurity Collaboration Center for NSA’s Cybersecurity Directorate where she led the Agency’s open private sector relationships to secure the Defense Industrial Base and its service providers. During her time there, she revitalized the way NSA collaborates with the private sector to harden billions of endpoints against nation-state cyber threats. Ms. Adamski also served as the Deputy Strategic Mission Manager for NSA’s Cybersecurity Directorate and was responsible for leading complex and groundbreaking initiatives for the agency specifically aimed at gaining insights against nation-state cyber actors and collaborating with the private sector.
For more than a decade, Ms. Adamski has been at the forefront of NSA’s Computer Network Defense, Computer Network Exploitation, and Cyber analysis missions. Prior to her position in CSD, she served as a senior Cyber Policy Advisor to the Deputy Assistant Secretary for Defense (DASD) for Cyber Policy. Ms. Adamski acted as technical and operational subject matter expert to the DASD for Cyber Policy, specializing in operational issues in the Middle East and Eurasia area of responsibility. She was a primary contributor to the 2018 DoD Cyber Strategy and was responsible for orchestrating the Department’s new approach to cyber deterrence.
Ms. Adamski served as a Chief Operating Officer for NSA’s offensive cyber mission from 2016-2018, responsible for planning and executing operations against some of the agency’s hardest intelligence targets. Prior to serving in NSA’s offensive mission, she served as the NSA Deputy Director’s executive assistant (2014-2016) and as a senior SME for the Middle East cyber analysis office (2010-2014).
Ms. Adamski received the Director of National Intelligence Merit Unit Citation in 2019 and the Meritorious Civilian Service Award in 2016.
Data Disposal Day (10/23, 8am – 12pm)
Cyber@UCI Hacking Demonstration (10/30 @ 1:00 PM)
Presented by UCI’s cybersecurity club, Cyber@UCI
Cyber@UCI is the premier club on campus for applied cybersecurity education. Their mission is to help students learn about and engage in cybersecurity, regardless of prior experience. Whether you are completely new to cybersecurity, have already chosen it as your field, or just want to learn enough to pair with another profession, they can help get you to where you want. You can get involved through attending their weekly workshops, hanging out at their dedicated lab space, and joining their various sub-teams, including their Collegiate Cyber Defense Competition team (which got 4th place at Nationals last year!) Check out their Discord for more information: discord.cyberuci.com.
In collaboration with the UCI Information Security team for Cybersecurity Awareness Month, Cyber@UCI is delivering a live hacking demonstration! We often hear about the potential to be “hacked” and go through security training because of it, but what does an end-to-end attack look like? Join us for an exciting, hands-on session where we’ll showcase real-world cybersecurity vulnerabilities and exploitation techniques. Don’t miss out on this chance to see cybersecurity in action!
Cybersecurity Starbucks Drink (10/1 – 10/31)
The featured UCI Cybersecurity Awareness Month Starbucks drink, the “Java Chip Securi-ccino”, will be available at all three Starbucks locations on Campus during the month of October.
Security Quiz Raffle (10/1 – 10/31)
Complete the security quiz and be entered into a drawing for one of three $25 Amazon gift cards! Winners will be picked at random at the end of the October and contacted through email. Participants must input a UCI email address and can only enter in once. You do not have to get all the questions right in order to participate in the drawing and you must be UCI-affiliated to win.
Security Topics
Email Protection
Reports have been received from individuals on campus receiving job scam emails promising offers of employment and work benefits. Be wary of these offers and do not respond to these scammers with any information (e.g. bank account numbers, phone number(s), email addresses, etc.)
Cybersecurity Training
If you are employed by UCI, please remember to complete the yearly cybersecurity training. The training offers useful information on how to protect yourself online, at home, and at work.
Data Loss Prevention & Access Controls
Store your information in a safe and secure location making sure the access controls are adjusted with security in mind. This helps protect your data from only being accessed by those who need to access it and that a malicious individual doesn’t gain access to it.
Timely escalation of cybersecurity incidents
Report any suspicious security events or possible breaches to OIT Security, timing is critical! The sooner a cybersecurity incident is reported, the faster the issue can be resolved.
Personal Information Redaction
There is a lot of information online that you may want to remove. If you wish to remove information from any personal accounts, make sure to figure out what site(s) the information is located on, and review what you wish to make public. For more information, please visit How to Redact Your Personal Information Online.
Listed below are some security resources available from UCI:
- Visit the IT Security website “How To…” page for guidance on security practices.
- 1Password – password management tool to securely store passwords and personal information.
- Use PhishAlarm to report suspicious emails to IT Security.
- Securely shred sensitive electronic and paper data at Data Disposal Day.
- Identity Theft Protection, UC provides free identity protection for UC employees, retirees and their dependent children up to age 18.
- Report potential information security incidents to security@uci.edu
Zoom Backgrounds
Quote Wall
Security Media List
Books
- Spam Nation: The Inside Story of Organized Cybercrime – Brian Krebs
- Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World – Bruce Schneier
- Social Engineering: The Science of Human Hacking – Christopher Hadnagy
- Infosec Rock Star: How to Accelerate Your Career Because Geek Will Only Get You so Far – Ted Demopoulos
- Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker – Kevin Mitnick
- The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data – Kevin Mitnick
- Ready Player One – Ernest Cline
- The Hacker’s Playbook
- ISC2 CISSP Official Study Guide
- CEH Certified Ethical Hacker All-in-One Exam Guide
- Black Hat Python: Python Programming for Hackers and Pentesters
- IT Security Metrics New!
- Offensive Countermeasures: The Art of Active Defense New!
Movies/Shows
- The Matrix (Rated R, viewer discretion is advised)
- The Matrix Reloaded (Rated R, viewer discretion is advised)
- Blackhat (Rated R, viewer discretion is advised)
- Snowden (Rated R, viewer discretion is advised)
- Mr. Robot (Rated TV-Mature Audiences, viewer discretion is advised)
- Swordfish (Rated R, viewer discretion is advised)
- WarGames (Rated PG)
- Hackers (Rated PG-13)
- Sneakers (Rated PG-13)
- Ghost in the Shell (Rated TV-Mature Audiences, viewer discretion is advised)
- The Net (Rated PG-13)
- Mission: Impossible – Dead Reckoning Part One (Rated PG-13)
- Leave the World Behind (Rated R) New!
Podcasts
Gamified Cybersecurity
Other Resources
- UC-wide Cybersecurity Awareness Month Events
- CISA: National Cyber Security Awareness Month
- DHS: Department of Homeland Security Be Cyber Smart
- NIST: National Institute of Standards and Technology (Cybersecurity)
- SANS: SysAdmin, Audit, Networking, and Security
- SANS: Artificial Intelligence – What to Tell Your Workforce
- AI Password Cracker Checker
- Krebs on Security
- FTC Recognizing and Avoiding Phishing Scams
- Secure Our World Cybersecurity Puzzles