UC San Diego Campus Notice
OFFICE OF THE VICE CHANCELLOR FOR RESEARCH  

OFFICE OF THE CHIEF INFORMATION OFFICER  

OFFICE OF THE CHIEF INFORMATION OFFICER, UC SAN DIEGO HEALTH
June 14, 2021
Geisel library at sunset
ALL ACADEMICS AND STAFF AT UC SAN DIEGO (Including UC San Diego Health)

Cybersecurity Certification for Research Program
We are pleased to announce UC San Diego’s formal Cybersecurity Certification for Research (CCR) program. This is the result of a  commitment we made last year  to implement a program to minimize the likelihood and impact of research data ransomware attacks.   

To ensure the continued success of UC San Diego’s research mission requires acknowledging and responding to the modern cyber threat landscape. This landscape includes highly sophisticated attacks by individuals and organizations seeking financial gain  by stealing research data, intellectual property and other information in areas including vaccine research and national security, among others. These attacks present a serious threat to your research efforts.   

Program Basics and Benefits
All faculty members and researchers will be required to implement simple but fundamental cybersecurity practices, then certify that they’ve done so. The practices are designed to be implemented by researchers themselves or with the help of laboratory personnel, graduate students or local information technology (IT) staff. For complex cases, the Office of Information Assurance (OIA) and Research IT Services are both available for assistance.   

CCR takes the guesswork out of protecting your laboratory or work environment. It is designed to secure infrastructure, devices and accounts, and ensures readiness if an attack does occur.    

There are three main actions for faculty and researchers: 
  1. Enact practices to protect devices and accounts, including installing anti-malware and vulnerability identification software 
  2. Document your data backup plan and other basic information about your research 
  3. Provide contact information so that OIA can quickly get in touch if an attack occurs  
Higher-risk Labs 
Additionally, we have identified 300 “higher-risk” laboratories whose work includes Department of Defense (DOD) funding, Controlled Unclassified Information (CUI) data, COVID-19 research, or a significant amount of funding. The information submitted for these laboratories will be reviewed by a team of IT and security professionals with recommendations for enhancing the security of the research data.   

Deadlines and Requirements
We are asking faculty and researchers to complete the installation of cybersecurity practices and the certification by September 1, 2021.  Such practices will be expected for new and renewing grants and contracts. 

Resources and Help 
Visit  assure.ucsd.edu  for information about the program and how to implement cybersecurity practices, gain access to the software packages, and complete the certification. For assistance campus researchers may email ccr-support@ucsd.edu, while Health Sciences researchers can email 3help@health.ucsd.edu.  

Securing our systems and data is critical to maintaining the integrity of our first-in-class research enterprise and is a shared responsibility across UC San Diego. We appreciate your cooperation and commitment to this important matter. 
Sandra A. Brown 
Vice Chancellor for Research 
UC San Diego 
  
Vince Kellen 
Chief Information Officer 
UC San Diego 
 
Christopher Longhurst
Chief Information Officer and Associate Chief Medical Officer
UC San Diego Health 
University of California San Diego, 9500 Gilman Drive, La Jolla, CA, 92093