We use the Internet at work, home, for enjoyment, and to connect with those close to us. However, being constantly connected brings increased risk of theft, fraud, and abuse. Universities, which are characterized by their openness based on academic freedom, are among the most widely attacked targets. The University takes steps to ensure the security of our infrastructure and systems, but cybersecurity is a shared responsibility, and everyone can take a few simple steps to make the Internet more secure!


Cyber Security Awareness Month: MFA

Multi-factor authentication (MFA) is defined as a system that requires more than one distinct authentication factor for successful login. Simply stated, a factor is something you have like a cell phone or something you know like a password. UCSB has recently been in the process of rolling out MFA for various applications, like UCPath and Kronos Timekeeping, with plans to use MFA for more applications over the next year.

Learn more



Security For Faculty & Staff

Find more information for important security topics such as data backups and storage, phishing scams and information technology security best practices specifically relevant to faculty and staff at UC Santa Barbara.

Read more


Security For Students

Discover relevant security information for topics such as social media and password management best practices to help you be safe and prepared to handle IT security situations as a UC Santa Barbara student.

Read more

Security for IT Professionals

Find IT services and information specifically tailored to UC Santa Barbara IT professionals including Password Management Applications, Inventories, Web Application Security, and the UC Security Policy.

Read more

UCSB library students using technology white lights

General Security Resources

Find information about identifying and avoiding phishing scams, managing passwords, or tips to secure your personal information. 

Read more

Visit here if you have Ransomware on your device or if you would like additional Ransomware resources!


Report Harassing or Unwanted Email

We encourage UCSB computer and network users to report email abuses as well as computer intrusions and other hostile activity.

Report Incident

Report Scanning, Hacking, and Other Hostile Activity

We take matters of hacking and other hostile activity seriously and will investigate all reports of abusive activity.

Report Incident

Report Lost or Stolen Computer Device

Complete this form to report your lost or stolen device to the Network Security Team. If this is an emergency, please contact the local authority.

Report Incident

News & Events

Cyber Security Awareness Month: Social Engineering

Social engineering in the context of IT security is “any act that influences a person to take actions that may or may not be in their best interest.” It is often a confidence trick done to obtain access to systems and confidential data that can be part of a bigger scheme. It is still on the rise and is now the number one cause of cyber security breaches.

Read more »

Cyber Security Awareness Month: Phishing

Phishing is an attempt, usually by email, to obtain your personal information in order to commit fraud. Cybercriminals use phishing to manipulate people into doing what they want.” Social engineering is at the heart of all phishing attacks, especially those conducted via email. These days technology makes phishing easy.

Read more »

Data Privacy and You

It is important to ensure that the digital “you” matches what you intend to share. It is also important to keep what’s private, private, for yourself and when you share about others. Owning your online presence will help to protect your identity, finances, and reputation – both now and in the future!

Read more »

Beware of Potential Tax Fraud, Identity Theft

With the holidays over and a new academic year underway, early February is prime time for criminals to commit identity theft by filing fraudulent tax returns.

Read more »

Beware of COVID-19-Related Phishing Emails

Any time you see an email related to COVID-19, take extra precautions. Look carefully at the source. Is it a real address or something designed to mislead you into thinking it's real?

Read more »

New Login Screen to Access Campus Resources

On March 7, 2020, UCSB Enterprise Technology Services (ETS) will release the upgraded Single Sign-On (SSO) service. SSO is the service that enables our community to log in to many campus systems including Electronic Timekeeping and UCPath. The SSO upgrade prepares the Identity infrastructure for future modernization. 

Read more »

Back to School Cybersecurity

Over 200,000 UC students will be starting classes over the next couple of months. The new school year is an exciting time for students, faculty, and staff. It’s also an exciting time for hackers, identity thieves, and other unscrupulous types who take advantage of people during this busy time of year.

Read more »

Phishing for Gift Cards

In the past few weeks, the campus experienced a rash of phishing attacks.  The most common form is a short message that starts with something like, "quick help needed," "are you in the office?," or "available?" - Anything to attract a response. The messages often appear to come from vice chancellors, deans, and department chairs.

Read more »

Cyber-Smart Traveling

Traveling today is so much easier with technology -- whether it’s to the coffee shop around the corner or to a café in Paris. Unfortunately, traveling with devices can mean increased cyber risks for keeping your personal and University information private, as well as the potential for device theft.

Read more »

Don't Take the Bait

Google incorporates user feedback to train its algorithms to recognize new phishing attacks. Both Horowitz and Lovan recommend reporting a message to Google if you suspect it is a phishing attack. You can do this directly from your online Gmail box. 

Read more »

Phishing Scams

They use clever techniques to induce a sense of urgency on your part so that you don't stop to think about whether they are legitimate or not. Some even target a select group of users and tend to be more specific and include information more detailed and familiar to the recipient.

Read more »

Password Best Practices

Passwords are the key to almost everything you do online, and you probably have multiple passwords that you use throughout the day. Choosing hard-to-hack passwords and managing them securely can sometimes seem inconvenient.

Read more »

Online Phishing and Scams

Spear phishing emails are a special type of phishing email targeted to a select group of users. These emails tend to be more specific than a regular phishing email, including information more detailed and familiar to the recipient.

Read more »


See All News

Security Personnel On Campus

Information Security at UCSB is a distributed effort shared among IT teams and individuals across campus. You can find key resources in your divisions, departments, and in ETS. Here are some places to start.


Office of the CIO

Sam Horowitz, CISO  samh@ucsb.edu

Core IT (Enterprise Technology Services)

Kevin Schmidt, SOC manager  kps@ucsb.edu

Security Operations Center (SOC) security@ucsb.edu

Administrative and Residential IT (ARIT)

Kip Bates, Associate CISO  kip.bates@ucsb.edu

Student Affairs, SIS&T

Tom Lawton, ISO  thomas.lawton@sa.ucsb.edu

UCSB Cyber Security Checkup

What better way to make sure you're secure with a cyber security checkup? View the documents below to follow best practices for securing your devices on or off-campus. 

UCSB Cyber Security Checkup

UCSB Cyber Security Checkup (Off-Campus)