Skip to Main Content

Security Transformation

Securing What Matters

UCLA’s cybersecurity transformation is designed to strengthen campuswide capabilities and establish a secure digital environment in support of the university’s mission. The goal is to leverage a risk-based approach to protect and empower the Bruin community.

Overview

UCLA’s cybersecurity transformation is designed to strengthen campuswide capabilities and establish a secure digital environment in support of the university’s mission. The goal is to leverage a risk-based approach to protect and empower the Bruin community. We’ll do this by matching standardized controls and practices with a security-minded culture while enhancing the university’s ability to anticipate cybersecurity threats.  

Upon completing the security transformation, UCLA will benefit from: 

  • Increased transparency and reduced friction in cybersecurity controls throughout campus community
  • Enhanced protection of confidential and sensitive data, records, and systems 
  • Consistent and standardized cybersecurity practices implemented campuswide 
  • Reduced risk through a comprehensive view of the campus IT landscape 
  • Greater visibility to threats and faster, more coordinated responses to incidents 
  • More clearly defined approaches to risk management and our security operating model 

Business Case

The security transformation efforts build on existing practices, all designed to further protect our most sensitive data, records, and systems. The program includes a suite of measures to educate and empower our people and leverage technical solutions to protect our infrastructure and resources. As UCLA grows, cybersecurity practices need to evolve accordingly. Some of the current risks we face include: 

  • Potential security exposures and insufficient threat visibility – risks not properly detected, assessed, and mitigated  
  • Fragmented and inconsistent maintenance approach – devices not centrally or protected consistently; technology debt posing significant cyber threat
  • Process and governance gaps – varied detection and response times, training shortfalls, unclear roles and responsibilities  
  • Need to comply with current and future federal, state and UC systemwide regulations and policies 

The BCS cybersecurity component addresses these issues and more while building a security-minded culture.