Key Priority 1: Identify

Annual NIST assessments of the campus information assurance standing identify risks and opportunities for improvement. Simultaneously, other aspects of the UCSB IT Strategy, e.g., Service Quality, Mission-Focused IT, and Cloud, will explicitly support the Identify activity.

Key Priority 2: Protect

We will apply Multi-Factor Authentication (MFA) to critical infrastructures such as UCPath, high-value individual user accounts, and G Suite accounts. We will evaluate emerging network-based protection technologies such as network segmentation, virtual private network technologies, and zero trust. We will begin planning for DevSecOps the integration of security into the initial phases of system development and selection activities. 

Key Priority 3: Detect

The successful Vulnerability Management program will continue to mature and expand to Detect threats before they become a reality. We will address improved data logging, monitoring, and correlation. We will also evaluate emerging detection technologies that employ artificial intelligence (AI) and deep learning.

Key Priority 4: Respond

We will leverage aspects of Service Quality to ensure timely, effective, and appropriate Responses to security incidents. We will evaluate emerging automated-response technologies.

Key Priority 5: Recover

Aspects of Service Quality, Mission-Focused IT, and Cloud will explicitly support Recovery activity to ensure we achieve full recovery with any security incident.