Information Security Investment Program

Safeguard UC Berkeley: Protect Data, Preserve Excellence

UC Berkeley’s reputation for excellence in research and academic integrity depends on the reliability and security of our data. By committing to cybersecurity best practices, each of us helps to protect groundbreaking research, preserve student privacy, and maintain the integrity and availability of our academic and administrative services. Our cybersecurity program enables UC Berkeley to continue innovating while complying with UC System-mandated safeguards. 

Benefits to Campus

UC Berkeley is committed to enhancing cybersecurity measures to safeguard our data and research. Through the Information Security Investment Program, we are focused on protecting research integrity and funding opportunities, enabling seamless teaching and learning experiences, and upholding our institutional mission and reputation. 

The combined benefits of these efforts will include increased protection of our vital information and systems, a strengthened cybersecurity posture, and a mitigated cybersecurity risk profile. 

Goals of the Program

We aim to increase the completion rate of mandatory cybersecurity awareness training for all employees, to ensure the installation and management of security software on university-owned computers, to strengthen multi-factor authentication (MFA) protocols, and to ensure that all health email systems have a Data Loss Prevention solution.

The future of our program will involve implementing comprehensive asset and compliance tracking tools, enhancing the adoption of security software via client health checks, integrating security into network access controls, and collaborating with HR and Procurement to standardize institutional device policies and security software deployment.

Technology Scope

Technology IN SCOPE Technology OUT OF SCOPE
  • University-owned laptops, desktops, & servers
  • Includes Administration, Instruction, Research
  • MacOS, Windows, some Unix operating systems
  • Personally-owned computers & servers
  • Mobile devices (phones, tablets, e-readers, etc)
  • IoT devices (cameras, sensors, etc)
  • Chrome OS
  • Computers with approved exceptions 

Program Timeline

Improving our overall cybersecurity posture involves coordinating our projects, carefully considering project dependencies, and sequencing rollout to minimize disruption to the campus community.

Detailed Milestones & Timeline

Important dates and major milestones for this program will be listed here. 

Team Members & Roles

Primary contacts

Sam Griffin, Program Manager

Casey Hennig, Organizational Change Management and Communications Lead

Program Sponsors

Tracy Shinn, Associate Vice Chancellor for Information Technology & Chief Information Officer

Allison Henry, Chief Information Security Officer

Anthony Joseph, Chancellor's Professor in Electrical Engineering and Computer Science, and Cyber-risk Responsible Executive

Sharon Inkelas, Deputy Compliance Officer