On February 22, 2024, President Drake instructed UC campuses to prepare a comprehensive information security investment plan designed to strengthen cybersecurity and mitigate potential risks. Our campus has been working diligently to develop and implement strategies to improve standards and controls compliance, network infrastructure, and crucial upgrades to our IT systems. 

We are writing now to announce Secure UCSB, a major initiative to invest in mandatory technology updates during the upcoming academic year. We have an obligation to safeguard the privacy of our students, faculty, and staff in the face of both current and emerging cybersecurity threats. Sophisticated tools and conscientious business practices are required to protect our community’s personal information, financial accounts, academic and research data, and a variety of other areas crucial to our academic mission. 

Between now and May 2025, our colleagues in Information Technology Services (ITS) will work collaboratively with groups across campus to implement changes in accelerated phases:

  • Network: We must modernize the campus network to provide a uniform experience for students, faculty, and staff. Our current network infrastructure is decentralized across campus buildings. To bring the University to a modern, secure level of connectivity, we need to shift to a network that is centrally-managed with standardized equipment in all buildings. This work may result in planned internet outages in a limited number of buildings throughout the year. Advance notice will be given.
  • Protecting UC Devices: We must improve and expand protections to our networks by enabling all university affiliated devices with software to detect and respond to cyber-attacks. A new device management platform will manage all UC-owned desktops, laptops, and mobile devices to ensure compliance, security, and performance.
  • Consultation and Governance: We will work closely with leaders across campus and the Academic Senate to meet 100 percent participation in UC Cybersecurity Awareness training, as required by the Regents. Consultation with the Information Technology Board, senior leaders, the Academic Senate, and the IT community has begun. We will establish an Advisory Group to assist with the deployment, maximize adoption, and review and recommend operational activities, as well as help develop standards for data, policies and processes.

While the accelerated timeline and stringent requirements of Secure UCSB are driven by a new University of California systemwide mandate, this project is needed to protect our community from digital risks to business continuity, personal information, student data, and research data in an increasingly threatening global environment. It also will allow us to modernize both infrastructure and services that will improve other services for staff, faculty, and students. 

You will receive more details about the timeline and impacts of these projects in the weeks ahead, as well as key changes and actions that will be required, and opportunities to engage and learn more. We ask for your cooperation as new requirements are introduced to make all devices and practices compliant with best cybersecurity practices. We are grateful to our ITS colleagues and IT professionals across campus for their support and assistance as we work collaboratively to protect our vital information and systems. 

Please visit the Secure UCSB page to learn more, and contact secure-ucsb@it.ucsb.edu with any questions. Thank you. 

David Marshall, Executive Vice Chancellor 
Josh Bright, Associate Vice Chancellor for IT & CIO