Triennial Cybersecurity Review Pilot Concludes - Digital Futures

The Chancellor’s Office Digital Innovation & Infrastructure Technology Assistance Program Team (DII TAP Team) conducted four successful Triennial Cybersecurity Review pilots between November 2022 and January 2023. This effort was intended to improve security across the system and is connected to Assembly Bill 178, which provides on-going funds to help address local- and system-level disparities in information technology (IT) and security infrastructure..

The Triennial Review includes two deliverables: the security review report covers operational aspects such as knowledge and documentation according to the same CIS framework encountered in the recent self-assessment, while the penetration testing report covers technical security controls with a heavy focus on ransomware defense.

A penetration test is an extensive term that covers everything from a multi-hundred-page vulnerability scan report to a focused red team action emulating a threat actor. The Penetration Test Report provided to CCCs:

Includes a walkthrough of the major components of a ransomware attack concerning the discovered weaknesses and strengths of the district
Includes relevant, proven, and actionable security findings broken into an immediate, one-year, and three-year roadmap
Includes security hardening guidance from the Chancellor’s Office around accounts and passwords
Does not include ‘fluff’ findings like weak certificate encryption or theoretical attacks with no known way in which an attacker could exploit them
Does not include hundreds of pages of vulnerability scanning results from an automated tool

Based on self-assessment results and district history, the 25 first-round participant districts have been contacted for the 2023 pentesting and triennial review, with 21 already confirmed. The Chancellor’s Office is currently discussing when the second-round Triennial Review testing will begin.

Also, due to request and interest, the Chancellor’s Office DII TAP Team is now beginning to consolidate the 13 pages of account hardening guidance, included in the Penetration Testing Report, for a stand-alone release to all districts soon.

Registration for 2023 Online Teaching Conference is Now Open

Details for the 2023 Online Teaching Conference are available for the event that will be held at the Long Beach Convention Center from June 21 – 23, 2023.

Transforming Education: The Rise of AI in the California Community Colleges

Like many faculty members in the California Community Colleges, the faculty at Lake Tahoe Community College has initiated important discussions about AI (Artificial Intelligence) and its impact on teaching, information services, and professional life.

A Model for Proactive Accessibility and Accommodation

The California Community Colleges Accessibility Center is developing a framework for proactive accessibility under Section 508 of the U.S. Rehabilitation Act, and will begin working with colleges and districts to implement the new model in the 2023-24 fiscal year.

Course Management System Update: Sharing Video, Audio, and Files with Students

We want to inform you of a recent change in the user interface of the Grades section in the course management system. The interface has been updated and students can no longer see video, audio, or file comments when they click on the comment icon.

Course Exchange: Helping Students Accelerate Their Studies

The Course Exchange helps students by leveraging the online schedule of the 115 credit-bearing colleges. This resource provides students with a listing of online courses that meet their schedule, leverages notation of Zero Textbook Cost and burden-free material programs, and simply supports flexibility.

New Research Collaboration with ARCC Network Studying CCC Pandemic Recovery

Chancellor’s Office researchers are partnering with Wheelhouse: The Center for Community College Leadership and Research and the Public Policy Institute of California to lead the “Evidence to Inform Improvement: Supporting California Community Colleges in Pandemic Recovery” research project.

Similar Posts

What is Digital Futures?