Office of the Chief Information Security Officer

The Security Operations team provides and operates the tactical and functional tools of cybersecurity in an organized approach to identify, protect, respond, and mitigate cyber-security threats for UCLA. Consisting of three major functional roles—Incident Response, Threat Hunting and Testing, and Security Engineering—the team works with multiple departments to deploy, configure, and consume security services to protect the organization. 

• Our Incident Response team provides an organized approach to address and manage the aftermath of potential cyber-security related incidents and events. Incident Response formalizes the response process by assisting in identification, recording, and analysis of cyber security threats in real-time. The team also provides guidance and assistance when necessary in recovering from an event.
• Our Threat Hunting and Testing team provide security oversight in the monitoring, discovery, and prioritization of threats throughout the campus. The team is part of a continuous cycle focused on improving security and proactively. minimizing the security risk of UCLA assets. 
• Our Security Engineering and Services team help to deploy and manage enterprise security tools utilized by the organization. Working with multiple departments, they assist in the support and integration of these tools into each unit’s respective environment.

The CISO defines and reviews University-wide policies, procedures, standards, and functions spanning IT Governance, Network Security, Application Security, Risk Management, Identity and Access Management. 

The UCLA Information Security Office is a group that operates within UCLA IT Services and has campus-wide input and oversight on a variety of technical and policy matters relating to protecting the University's information resources. Broadly, the UCLA Information Security Office exists to facilitate the following:

• Security incident response planning and notification procedures
• Risk assessment strategies to identify vulnerabilities and threats to departmental information resources as well as major enterprise systems
• Executing a UCLA IT security plan, including recommending administrative, technical, and physical security measures to address identified risks relative to their sensitivity or criticality

The Identity Management team (IAMUCLA) provides the community with safe, simplified, and streamlined access to electronic resources at UCLA and across the higher learning community.

IAMUCLA operates UCLA's Web single sign-on service, enabling access to over 400 UCLA and UC web application and services with one Logon ID and password (UCLA Logon ID). It provides a unified campus identity registry and enterprise access management tools that simplify and strengthen an application's ability to manage user access to protected resources. The team also collaborates with campus data stewards to manage fine-grained data release to applications and ensure user privacy and data security.