PRIVACY AND CYBERSECURITY

BASICS OF CYBERSECURITY: THREATS AND VULNERABILITIES

Cyber threats can originate from any individuals whose goal is to steal data or cause
damage to computer systems.

• Malware Attacks: "Malicious software" is a common type of cyberattack. This includes

viruses, worms, trojans, spyware, and ransomware. Malware attacks usually occur via
links on untrusted websites or unwanted software downloads. The effects of this threat
include collecting sensitive data, manipulating and blocking access to network
components, or destroying data.

• Social Engineering Attacks: These threats involve tricking and manipulating individuals
to provide entry for malware. The effect of this is that the victim may unknowingly provide
sensitive information, such as passwords. The main types of social engineering attacks
are phishing, baiting, pretexting, vishing, smishing, piggybacking, and tailgating.

• Supply Chain Attacks: This type of attack is considered severe because it is used to
infect legitimate applications .The software vendor may not be aware that its
applications or updates are infected with malware.

• Man-in-the-Middle Attack: This attack can eavesdrop on communication between two

endpoints and can impersonate any party participating in the communication. This
includes Wi-Fi eavesdropping, email hijacking, DNS spoofing, and HTTPS spoofing.

• Denial-of-Service Attack: This attack can hinder the ability of a system to function
normally by overwhelming it with a large volume of traffic. Some techniques include
HTTP flood DDoS and SYN flood DDoS.

• Injection Attacks: This type of attack can insert malicious input directly into a web
application, potentially exposing sensitive information. An example of this is Cross-Site
Scripting (XSS).

TYPES OF CYBERSECURITY VULNERABILITIES:

• System Misconfigurations: Network assets can cause system mistakes with

incompatible security settings or restrictions. Cybercriminals frequently search
networks for vulnerabilities and misconfigurations in the system that they can exploit.

• Outdated or Unpatched Software: Attackers often exploit unpatched vulnerabilities to

steal confidential data. Organizations should have a patch management strategy to
ensure that recent system updates are applied.

• Missing or Weak Authorization Credentials: Attackers may guess employee passwords

to gain access to systems and networks.

• Malicious Insider Threats: Attackers can infiltrate the network through the data sharing
of employees who have access to vital systems. Insider threats are challenging to
identify because they can manipulate their actions to appear genuine.

• Missing or Poor Data Encryption: Weak encryption can lead to the exposure of
misleading information on a server. Attackers can intercept system communications.
 • Zero-Day Vulnerabilities: These are flaws in software that attackers are aware of but
that users have not yet identified. Attackers may use this advantage to infiltrate systems
while the vulnerabilities remain unknown.

DATA PRIVACY AND PROTECTION

Data privacy focuses on who has access to certain data, which is often controlled by the user. In

contrast, data protection refers to the responsibility of the company that holds your data to ensure that it

remains private. Data privacy defines the policies that data protection tools and processes employ.

Data Privacy

is a guideline for how data should be collected and handled. This applies to all sensitive
information that the company manages. Such information plays a vital role in business
operations, development, and finances. Data privacy ensures that sensitive data is only
accessible to approved parties, typically controlled by the user or customer.

Data Protection

signifies the strategic and procedural steps that organizations take to protect the
sensitive data they collect and process, as well as to prevent its loss. Additionally, the goal of
data protection is to ensure that information remains accessible and reliable while maintaining
its protection.

Data Protection Principles

• Data Availability: Ensuring users can access and use the data required to perform
business functions, even when this data is lost or damaged.
• Data Lifecycle Management: Involves automating the transmission of critical data
to offline and online storage.
• Information Lifecycle Management: Involves the valuation, cataloging, and
protection of information assets from various sources

LEGAL AND ETHICAL CONSIDERATIONS IN CYBER SECURITY

• Data Privacy and Protection Laws: Compliance with laws like GDPR and CCPA to
safeguard personal data.

• Intellectual Property (IP) Protection: Prevent unauthorized access and ensure IP rights
are respected

• Legal Liability: Organizations may face penalties for security negligence.

• Ethical Hacking: Ethical hackers must have permission; unauthorized hacking is illegal.

• Cybersecurity Professional Ethics: Follow codes of conduct to maintain integrity and

responsibility.

• Surveillance and Monitoring: Balance security with privacy rights and inform
individuals.
 • Incident Reporting Obligations: Timely reporting of data breaches is required by
regulations.

• Cybercrime Legislation: Laws exist to combat hacking, identity theft, and other
cybercrimes.

The following are the key cybersecurity laws and regulations in the Philippines:

• Internet Transactions Act (RA No. 11967)

• Electronic Commerce Act (RA No. 8792)
• Anti-Online Sexual Abuse or Exploitation of Children and Anti-Child Sexual Abuse or
Exploitation Materials Act (RA No. 11930)
• Access Devices Regulation Act (RA No. 8484)
• Anti-Photo and Video Voyeurism Act (RA No. 9995)
• Subscriber Identity Module (SIM) Registration Act (RA No. 11934)
• Mobile Number Portability Act (RA No. 11202)
• Anti-Child Pornography Act of 2009 (RA No. 9775)
• Data Privacy Act of 2012 (RA No. 10173)

RA No. 10175

also known as the Cybercrime Prevention Act of 2012, enacted of September 12, 2012, is a
piece of legislation in the Philippines that addresses cybercrime and promotes cybersecurity within the
country.

Any person found guilty Sections 4 (a) and 4 (b) - (PhP200,000.00)

Any person found guilty Section 4(a)(5) - (PhP500,000.00)

Any person found guilty Section 4(c)(1) (PhP200,000.00) - (PhP1,000,000.00)

Any person found guilty Section 4(c)(2) penalty to be imposed shall be one (1) degree

higher than that provided for in Republic Act No. 9775,

Any person found guilty Section 4(c)(3) (PhP50,000.00) - (PhP250,000.00)

Any person found guilty Section 5 (PhP100,000.00) - (PhP500,000.00)

ADVANTAGES

• Cybersecurity Enhancement:
• Protection of Individuals:
• Legal Framework

ISSUE

• Privacy Concerns
IT AND SOCIETY

DIGITAL DIVIDE: ACCESS AND INEQUALITY

The digital divide refers to the gap in access, use, and skills related to information and
communication technologies (ICT). It extends beyond mere connectivity and encompasses
disparities in digital literacy, accessibility of devices, and ability to leverage technology
effectively.

FACTORS CONTRIBUTING TO THE DIGITAL DIVIDE

• Geographical and Infrastructure Disparities: Rural and remote areas often

lack high-speed internet due to inadequate infrastructure, affecting essential
services like telemedicine and e-learning.
• Economic Barriers : High costs of devices and internet subscriptions limit
accessibility among lower-income families
• Education and Digital Literacy : Limited digital literacy, particularly among
older generations and marginalized communities, restricts meaningful use of
technology.
• Cultural and Language Barriers: Digital platforms might not cater to all
languages or cultural contexts, limiting accessibility in multilingual or
indigenous communities.

IT IN EDUCATION AND LEARNING

Technology in education extends beyond online classes to include gamified learning, AI-driven
personalization, immersive virtual reality (VR) environments, and data analytics for tracking student
progress.

INNOVATIONS IN E-LEARNING

• Massive Open Online Courses (MOOCs) : Platforms like edX and Coursera democratize
education, offering access to courses from top institutions. This challenges traditional
education models by emphasizing lifelong learning and flexibility.
• Virtual Classrooms and Collaboration Tools : Microsoft Teams, Google Classroom,
and Edmodo enable real-time collaboration and enhance accessibility for student with
special needs.
• AI in Education : Adaptive learning systems like DreamBox and Khan Academy
personalize lessons based on individual learning speeds and styles, increasing retention
rates.

OPPORTUNITIES

Digital tools promote inclusivity, allowing students from diverse backgrounds to engage. They also
support teacher-student interactions and provide global exposure.

CHALLENGES

Data privacy, digital fatigue, and inequality in access are ongoing issues. Schools in lower-income
countries, for example, may lack the resources for equitable online learning experiences.
IMPACT OF IT ON CULTURE AND SOCIAL INTERACTIONSIMPACT OF IT ON CULTURE AND SOCIAL
INTERACTIONS

Cultural Transformation through IT

• Digital Communication Platforms : The rise of platforms like WhatsApp, Instagram, and
Twitter has reshaped social norms, values, and behaviors. Global communication and
instant information exchange have expanded social circles and cultural exchange.
• POSITIVES :
o Increased awareness of global issues
o greater connectivity,
o opportunities for self- expression,
o democratization of information.
• NEGATIVES :
o Cyberbullying
o spread of misinformation
o polarization due to echo chambers
o mental health impacts from social media overuse
• Emergence of Digital Communities : From niche forums to large social media groups,
digital communities allow individuals to connect over shared interests, identities, and
goals. These platforms offer new forms of support and activism but also challenge
traditional notions of identity and privacy.

EMERGING TECHNOLOGIES

Emerging technology is a term generally used to describe a new technology, but it may also refer
to the continuing development of an existing technology; it can have slightly different meaning when used
in different areas, such as media, business, science, or education.

ARTIFICIAL INTELLIGENCE (AI)

Artificial Intelligence is the field of developing computers and robots that are capable of
behaving in ways that both mimic and go beyond human capabilities. AI-enabled programs can analyze
and contextualize data to provide information or automatically trigger actions without human
interference.

TYPES OF ARTIFICIAL INTELLIGENCE

• Narrow AI: Also known as Weak AI, this system is designed to carry out one
particular job. Weak AI systems include video games like personal assistants
like Amazon's Alexa and Apple's Siri.
• General AI: This type includes strong artificial intelligence systems that carry on
the tasks considered to be human-like. They tend to be more complex and
complicated and can be found in applications like self-driving cars or hospital
operating rooms.

4 KINDS OF AI

• Reactive machines perceive the world in front of them and react. They can
carry out specific commands and requests, but they cannot store memory or
rely on past experiences to inform their decision making in real time. This makes
reactive machines useful for completing a limited number of specialized duties.
Examples include Netflix’s recommendation engine and IBM’s Deep Blue (used
to play chess).
• Limited memory AI has the ability to store previous data and predictions when
gathering information and making decisions. Essentially, it looks into the past
 for clues to predict what may come next. Limited memory AI is created when a
team continuously trains a model in how to analyze and utilize new data, or an
AI environment is built so models can be automatically trained and renewed.
Examples include ChatGPT and self-driving cars.

• Theory of mind is a type of AI that does not actually exist yet, but it describes
the idea of an AI system that can perceive and understand human emotions,
and then use that information to predict future actions and make decisions on
its own.

• Self-aware AI refers to artificial intelligence that has self-awareness, or a sense

of self. This type of AI does not currently exist. In theory, though, self-aware AI
possesses human-like consciousness and understands its own existence in the
world, as well as the emotional state of others.

AI BENEFITS AND DISADVANTAGES

BENEFITS

• Automating Repetitive Tasks

• Solving Complex Problems
• Improving Customer Experience
• Advancing Healthcare and Medicine
• Reducing Human Error

DISADVANTAGES

• Job Displacement
• Bias and Discrimination
• Hallucinations
• Privacy Concerns
• Ethical Concerns
• Environmental Costs

AI APPLICATIONS AND EXAMPLES

APPLICATIONS

• Healthcare
• Retail
• Customer Service
• Manufacturing
• Finance
• Marketing
• Gaming
• Military

EXAMPLES

• Generative AI Tools
• Smart Assistants
• Self-Driving Cars
• Wearables
• Visual Filters
MACHINE LEARNING (ML)

Machine learning is the science of teaching computers to learn from data and make decisions
without being explicitly programmed to do so.

Deep learning, a subset of machine learning, uses sophisticated neural networks to perform
what is essentially an advanced form of predictive analytics.

4 CATEGORIES OF MACHINE LEARNING

SUPERVISED LEARNING : trains models on labeled data sets, enabling them to accurately
recognize patterns, predict outcomes or classify new data.

UNSUPERVISED LEARNING : trains models to sort through unlabeled data sets to find
underlying relationships or clusters.

REINFORCEMENT LEARNING : takes a different approach, in which models learn to make

decisions by acting as agents and receiving feedback on their actions.

SEMI-SUPERVISED LEARNING : which combines aspects of supervised and unsupervised

approaches. This technique uses a small amount of labeled data and a larger amount of
unlabeled data, thereby improving learning accuracy while reducing the need for labeled data,
which can be time and labor intensive to procure.

ML BENEFITS AND RISKS

BENEFITS

• Decreased operational costs

• Improved operational efficiency and accuracy
• Improved insights

RISKS

• Job layoffs
• Lack of human element
• Ingrained biases

ML APPLICATIONS

• Speech recognition
• Customer service
• Computer vision
• Recommendation engines
• Robotic process automation (RPA)
• Automated stock trading
• Fraud detection
BIG DATA

Big data refers to extremely large and complex data sets that cannot be easily managed or
analyzed with traditional data processing tools, particularly spreadsheets. Big data includes structured
data, like an inventory database or list of financial transactions; unstructured data, such as social posts
or videos; and mixed data sets, like those used to train large language models for AI.

WHAT ARE THE FIVE “VS” OF BIG DATA?

• Volume
• Velocity
• Variety
• Veracity
• Value

BIG DATA BENEFITS AND APPLICATIONS

BENEFITS

• Better insights
• Decision-making
• Personalized customer experiences
• Improved operational efficiency.

USE CASES

• Retail and ecommerce

• Healthcare
• Financial services
• Manufacturing
• Government and public services

DATA ANALYTICS

Data analytics is the process of collecting, transforming, and organizing data in order to draw
conclusions, make predictions, and drive informed decision making. It can be used by different entities,
such as businesses, to optimize their performance and maximize their profits. This is done by using
software and other tools to gather and analyze raw data.

TYPES OF DATA ANALYTICS

• Descriptive analytics
• Diagnostic analytics
• Predictive analytics
• Prescriptive analytics

THE ROLE OF DATA ANALYTICS

• Gathering Data
• Data Management
• Statistical Analysis
 • Data Presentation

BLOCKCHAIN TECHNOLOGY

Blockchain technology is defined as a ledger of decentralized data that is securely shared.

Blockchain technology enables a collective group of select participants to share data. With blockchain
cloud services, transactional data from multiple sources can be easily collected, integrated, and shared.

In a blockchain system, fraud and data tampering are prevented because data can’t be altered
without the permission of a quorum of the parties. If someone tries to alter data, all participants will be
alerted and will know who make the attempt.

BENEFITS

• More Security
• Improved Accuracy
• Higher Efficiency

CHALLENGES

• Transaction Limitations
• Energy Consumption
• Scalability Issues
• Regulation Concerns

CRYPTOCURRENCIES

Cryptocurrency is a digital payment system that doesn't rely on banks to verify transactions. It’s
a peer-to-peer system that can enable anyone anywhere to send and receive payments. Instead of being
physical money carried around and exchanged in the real world, cryptocurrency payments exist purely as
digital entries to an online database describing specific transactions. When you transfer cryptocurrency
funds, the transactions are recorded in a public ledger. Cryptocurrency is stored in digital wallets.

ADVANTAGES

• Removes single points of failure

• Easier to transfer funds between parties
• Removes third parties
• Can be used to generate returns
• Remittances are streamlined

DISADVANTAGES

• Transactions are pseudonymous

• Pseudonymity allows for criminal uses
• Have become highly centralized
• Expensive to participate in a network and earn
• Off-chain security issues
• Prices are very volatile

FINTECH

Financial Technology refers to the use of technology and innovation to improve, automate, and
enhance the delivery of financial services. It encompasses a wide range of applications, from digital
banking and mobile payments to cryptocurrencies, decentralized finance (DeFi), robo-advisors, and
blockchain. Fintech aims to make financial transactions more accessible, secure, and efficient for
consumers and businesses alike.

WHAT ARE EXAMPLES OF FINTECH?

• Robo-advisors are apps or online platforms that optimally invest your money
automatically, often for little cost, and are accessible to ordinary individuals.

• Investment apps like Robinhood make it easy to buy and sell stocks, exchange-traded
funds (ETFs), and cryptocurrency from your mobile device, often with little or no
commission.

• Payment apps like PayPal, Venmo, Block (Square), Zelle, and Cash App make it easy to
pay individuals or businesses online and in an instant.

• Personal finance apps such as Mint, YNAB, and Quicken Simplifi let you see all of your
finances in one place, set budgets, pay bills, and so on.

• Peer-to-peer (P2P) lending platforms like Prosper Marketplace, LendingClub, and

Upstart allow individuals and small business owners to receive loans from an array of
individuals who contribute microloans directly to them.

• Crypto apps, including wallets, exchanges, and payment applications, allow you to hold
and transact in cryptocurrencies and digital tokens like Bitcoin and non- fungible tokens
(NFTs).

• Insurtech is the application of technology specifically to the insurance space. One

example would be the use of devices that monitor you’re driving in order to adjust auto
insurance rates.