Panel on UC Endpoint Detection and Response (EDR)

A faculty panel was held via Zoom on June 10 to discuss cybersecurity through Endpoint Detection and Response (EDR). Concern has been expressed about the security involved in the use of EDR by Trellix and whether there could be information leaks. The panel discussed growing cyber threats and referenced UC's Accellion breach. The argument was that EDR via the Trellix system doesn't record and store data but looks for anomalies that might be dangerous and provides alerts for IT staff. 

One argument made was that users should compartmentalize their online UC work from their private work and have separate devices - laptops, etc. - for each. Whether this is realistic for the thousands of UC employees and students is unclear. Is UC going to provide faculty, staff, and students with a set of UC-only devices? 

In any case, you can hear the discussion at the link below: (audio with still picture)

https://ia800107.us.archive.org/25/items/becerra-announces-for-governor-4-2-2025/UC%20Endpoint%20Detection%20and%20Response%20%28EDR%29%20Faculty%20Panel%206-10-2025.mp4.

Description of program: 

The panel features Anthony Joseph, Chancellor’s Professor of Electrical Engineering and Computer Sciences at UC Berkeley; Stefan Savage, Professor of Computer Science and Engineering at UC San Diego; and Giovanni Vigna, Distinguished Professor of Computer Science at UC Santa Barbara. Panelists address concerns about the impact of EDR on scholarly work. The session was hosted by Van Williams, UC Vice President of IT, and moderated by Monte Ratzlaff, UC Systemwide Chief Information Security Officer.