Recap: UBC IT at BCNET Connect 2024

Last week, many of our UBC IT colleagues attended BCNET Connect 2024 both as attendees and presenters. We’d like to congratulate all the presenters who represented our team and briefly highlight some of their work. Presenting at BCNET Connect 2024 allows for subject matter experts to offer a condensed—yet comprehensive—summary that demonstrates the innovative work that takes place at UBC IT and beyond. By sharing some brief summaries of these amazing presentations, we hope to inspire further collaboration, spark new ideas, and foster a culture of continuous learning within our team and across the broader UBC community. 

 

Revamping E-Communications to Gain More Readership/Engagement for Important Events and Announcements  Zahra Tudor 

This presentation was not only about how to write a good email or what new social media channels UBC IT should be using. It was about how to successfully communicate major changes that require community wide engagement and participation.  Examples of such changes include major version upgrades to UBC IT’s APIs, outages to critical systems, and Workday regression testing. The presentation called for AHA – A Holistic Approach – that stresses the importance of gaining trust, as leaders of major change, by getting our own house in order first (preparation), phased e-communication alongside a pilot program and, after the change is deployed, closing the loop with our clients (technical application owners) to discuss lessons learned and how to continue winning their support.   

The presentation touched on a lot of relevant topics of interest to IT staff, who are challenged with the art of transitioning from project to sustainment modes, identifying business and technical application owners, and communicating with each other from different perspectives (eg. technical vs non-technical, process-driven vs delivery-driven, etc). 

 

What Do You Do When Your "Secure" Research Facility Gets Breached – Larry Carson & Matthew Ellis 

This session posed a multitude of questions to attendees: Do you have any areas at your institution that are "more" secure than others? Maybe even a "High Security" lab or other facility? What would you do if you received a call about an impending deployment of ransomware in that facility? Would you believe it? Could it be true? The security is supposed to be so High that it shouldn't happen. This session aimed to convey what happened at UBC, how they responded to it, and what they learned along the way. Further, this presentation aimed to equip attendees with key lessons that they could apply at their own institution. This session was TLP:AMBER. 

 

A Glimpse Into the World of a CISO  Panel featuring Don Thompson 

The CISO panel discussion featured: 

  • Two experts from BC (Sunny Jassal, CISO & Interim CIO - BCIT and Dave Kubert, CISO - UNBC) and Curtis Blais, Shared CISO – Cybera in Alberta 
  • Discussion about the BC Government Mandate letters sent to each institution and the focus on cybersecurity at the Board level 
  • Discussion about reporting lines and relationships at each institution and the trend towards having Cybersecurity reporting separately from IT 
  • Helpful aspects of AI for defending against cyber attacks including advanced behavioural analysis and machine learning analysis to identify trends 
  • Harmful aspects of AI with respect to cybersecurity including better constructed phishing attacks as well as unique, tailored attacks based on AI analysis 
  • Things that “Keep a CISO up at night” including the treat of attacks from more advanced AI and limited budgets that limit effectiveness 

 

STRA Is Just Another Roadblock To Research, Or Is It?  Jessica Galo and Luc Letarte 

Research environments are a gold mine for sensitive information which may include PI, PHI, novel techniques, and national defense data.  Assessing the security posture of research environments is essential yet, they often fall through the cracks due to lack of awareness or fear of another roadblock.  Jessica and Luc presented the Advanced Research Computing Security Threat and Risk Assessment (ARC STRA) process for research and the use of a triage model that is informed by data sensitivity and system criticality.  They discussed the challenges specific in research environments and research STRA including the impact of funding constraints on privacy and security reviews, the impact of unharmonized legislation on data governance, and the technical, scope and information gathering constraints. Tips were provided for research support staff and researchers to help facilitate the STRA process.  This includes training on the importance of privacy and security in research, seeking security consultations, and taking the time to select the appropriate solution.   

 

Again, we’d like to congratulate all our UBC IT presenters for their tremendous effort presenting for BCNET Connect 2024. For more information about this event and BCNET, visit the BCNET website

 

Article by Aisia Ismail & Yvonne Hopkins.