GEE11 MIDTERM PDF
Document Details
Uploaded by InspirationalConnemara8151
Summary
This document discusses cybersecurity threats and vulnerabilities, including malware attacks, social engineering, supply chain attacks, and denial-of-service attacks. It also covers types of cybersecurity vulnerabilities, such as misconfigurations, outdated software, and weak authorizations. It explores data privacy and protection principles, and concludes with data analytics.
Full Transcript
PRIVACY AND CYBERSECURITY

BASICS OF CYBERSECURITY: THREATS AND VULNERABILITIES

Cyber threats can originate from any individuals whose goal is to steal data or cause damage to computer systems.

Malware Attacks: "Malicious software" is a common type of cyberattack. This includes viruses, worms, trojans, spyware, and ransomware. Malware attacks usually occur via links on untrusted websites or unwanted software downloads. The effects of this threat include collecting sensitive data, manipulating and blocking access to network components, or destroying data.

Social Engineering Attacks: These threats involve tricking and manipulating individuals to provide entry for malware. The effect of this is that the victim may unknowingly provide sensitive information, such as passwords. The main types of social engineering attacks are phishing, baiting, pretexting, vishing, smishing, piggybacking, and tailgating.

Supply Chain Attacks: This type of attack is considered severe because it is used to infect legitimate applications. The software vendor may not be aware that its applications or updates are infected with malware.

Man-in-the-Middle Attack: This attack can eavesdrop on communication between two endpoints and can impersonate any party participating in the communication. This includes Wi-Fi eavesdropping, email hijacking, DNS spoofing, and HTTPS spoofing.

Denial-of-Service Attack: This attack can hinder the ability of a system to function normally by overwhelming it with a large volume of traffic. Some techniques include HTTP flood DDoS and SYN flood DDoS.

Injection Attacks: This type of attack can insert malicious input directly into a web application, potentially exposing sensitive information. An example of this is Cross-Site Scripting (XSS).

TYPES OF CYBERSECURITY VULNERABILITIES:

System Misconfigurations: Network assets can cause system mistakes with incompatible security settings or restrictions.
Cybercriminals frequently search networks for vulnerabilities and misconfigurations in the system that they can exploit.

Outdated or Unpatched Software: Attackers often exploit unpatched vulnerabilities to steal confidential data. Organizations should have a patch management strategy to ensure that recent system updates are applied.

Missing or Weak Authorization Credentials: Attackers may guess employee passwords to gain access to systems and networks.

Malicious Insider Threats: Attackers can infiltrate the network through the data sharing of employees who have access to vital systems. Insider threats are challenging to identify because they can manipulate their actions to appear genuine.

Missing or Poor Data Encryption: Weak encryption can lead to the exposure of misleading information on a server. Attackers can intercept system communications.

Zero-Day Vulnerabilities: These are flaws in software that attackers are aware of but that users have not yet identified. Attackers may use this advantage to infiltrate systems while the vulnerabilities remain unknown.

DATA PRIVACY AND PROTECTION

Data privacy focuses on who has access to certain data, which is often controlled by the user. In contrast, data protection refers to the responsibility of the company that holds your data to ensure that it remains private. Data privacy defines the policies that data protection tools and processes employ.

Data Privacy is a guideline for how data should be collected and handled. This applies to all sensitive information that the company manages. Such information plays a vital role in business operations, development, and finances. Data privacy ensures that sensitive data is only accessible to approved parties, typically controlled by the user or customer.

Data Protection signifies the strategic and procedural steps that organizations take to protect the sensitive data they collect and process, as well as to prevent its loss.
Additionally, the goal of data protection is to ensure that information remains accessible and reliable while maintaining its protection.

Data Protection Principles

Data Availability: Ensuring users can access and use the data required to perform business functions, even when this data is lost or damaged.

Data Lifecycle Management: Involves automating the transmission of critical data to offline and online storage.

Information Lifecycle Management: Involves the valuation, cataloging, and protection of information assets from various sources.

LEGAL AND ETHICAL CONSIDERATIONS IN CYBER SECURITY

Data Privacy and Protection Laws: Compliance with laws like GDPR and CCPA to safeguard personal data.

Intellectual Property (IP) Protection: Prevent unauthorized access and ensure IP rights are respected.

Legal Liability: Organizations may face penalties for security negligence.

Ethical Hacking: Ethical hackers must have permission; unauthorized hacking is illegal.

Cybersecurity Professional Ethics: Follow codes of conduct to maintain integrity and responsibility.

Surveillance and Monitoring: Balance security with privacy rights and inform individuals.

Incident Reporting Obligations: Timely reporting of data breaches is required by regulations.

Cybercrime Legislation: Laws exist to combat hacking, identity theft, and other cybercrimes.

The following are the key cybersecurity laws and regulations in the Philippines:

o Internet Transactions Act (RA No. 11967)
o Electronic Commerce Act (RA No. 8792)
o Anti-Online Sexual Abuse or Exploitation of Children and Anti-Child Sexual Abuse or Exploitation Materials Act (RA No. 11930)
o Access Devices Regulation Act (RA No. 8484)
o Anti-Photo and Video Voyeurism Act (RA No. 9995)
o Subscriber Identity Module (SIM) Registration Act (RA No. 11934)
o Mobile Number Portability Act (RA No. 11202)
o Anti-Child Pornography Act of 2009 (RA No. 9775)
o Data Privacy Act of 2012 (RA No. 10173)

RA No. 10175, also known as the Cybercrime Prevention Act of 2012, enacted on September 12, 2012, is a piece of legislation in the Philippines that addresses cybercrime and promotes cybersecurity within the country.

o Any person found guilty Sections 4 (a) and 4 (b) - (PhP200,000.00)
o Any person found guilty Section 4(a)(5) - (PhP500,000.00)
o Any person found guilty Section 4(c)(1) (PhP200,000.00) - (PhP1,000,000.00)
o Any person found guilty Section 4(c)(2) penalty to be imposed shall be one (1) degree higher than that provided for in Republic Act No. 9775
o Any person found guilty Section 4(c)(3) (PhP50,000.00) - (PhP250,000.00)
o Any person found guilty Section 5 (PhP100,000.00) - (PhP500,000.00)

ADVANTAGES

o Cybersecurity Enhancement:
o Protection of Individuals:
o Legal Framework

ISSUE

o Privacy Concerns

IT AND SOCIETY

DIGITAL DIVIDE: ACCESS AND INEQUALITY

The digital divide refers to the gap in access, use, and skills related to information and communication technologies (ICT). It extends beyond mere connectivity and encompasses disparities in digital literacy, accessibility of devices, and ability to leverage technology effectively.

FACTORS CONTRIBUTING TO THE DIGITAL DIVIDE

Geographical and Infrastructure Disparities: Rural and remote areas often lack high-speed internet due to inadequate infrastructure, affecting essential services like telemedicine and e-learning.

Economic Barriers: High costs of devices and internet subscriptions limit accessibility among lower-income families.

Education and Digital Literacy: Limited digital literacy, particularly among older generations and marginalized communities, restricts meaningful use of technology.

Cultural and Language Barriers: Digital platforms might not cater to all languages or cultural contexts, limiting accessibility in multilingual or indigenous communities.
IT IN EDUCATION AND LEARNING

Technology in education extends beyond online classes to include gamified learning, AI-driven personalization, immersive virtual reality (VR) environments, and data analytics for tracking student progress.

INNOVATIONS IN E-LEARNING

Massive Open Online Courses (MOOCs): Platforms like edX and Coursera democratize education, offering access to courses from top institutions. This challenges traditional education models by emphasizing lifelong learning and flexibility.

Virtual Classrooms and Collaboration Tools: Microsoft Teams, Google Classroom, and Edmodo enable real-time collaboration and enhance accessibility for students with special needs.

AI in Education: Adaptive learning systems like DreamBox and Khan Academy personalize lessons based on individual learning speeds and styles, increasing retention rates.

OPPORTUNITIES

Digital tools promote inclusivity, allowing students from diverse backgrounds to engage. They also support teacher-student interactions and provide global exposure.

CHALLENGES

Data privacy, digital fatigue, and inequality in access are ongoing issues. Schools in lower-income countries, for example, may lack the resources for equitable online learning experiences.

IMPACT OF IT ON CULTURE AND SOCIAL INTERACTIONS

Cultural Transformation through IT

Digital Communication Platforms: The rise of platforms like WhatsApp, Instagram, and Twitter has reshaped social norms, values, and behaviors. Global communication and instant information exchange have expanded social circles and cultural exchange.

POSITIVES:

o Increased awareness of global issues
o Greater connectivity
o Opportunities for self-expression
o Democratization of information
NEGATIVES:

o Cyberbullying
o Spread of misinformation
o Polarization due to echo chambers
o Mental health impacts from social media overuse

Emergence of Digital Communities: From niche forums to large social media groups, digital communities allow individuals to connect over shared interests, identities, and goals. These platforms offer new forms of support and activism but also challenge traditional notions of identity and privacy.

EMERGING TECHNOLOGIES

Emerging technology is a term generally used to describe a new technology, but it may also refer to the continuing development of an existing technology; it can have slightly different meanings when used in different areas, such as media, business, science, or education.

ARTIFICIAL INTELLIGENCE (AI)

Artificial Intelligence is the field of developing computers and robots that are capable of behaving in ways that both mimic and go beyond human capabilities. AI-enabled programs can analyze and contextualize data to provide information or automatically trigger actions without human interference.

TYPES OF ARTIFICIAL INTELLIGENCE

Narrow AI: Also known as Weak AI, this system is designed to carry out one particular job. Weak AI systems include video games and personal assistants like Amazon's Alexa and Apple's Siri.

General AI: This type includes strong artificial intelligence systems that carry on the tasks considered to be human-like. They tend to be more complex and complicated and can be found in applications like self-driving cars or hospital operating rooms.

4 KINDS OF AI

Reactive machines perceive the world in front of them and react. They can carry out specific commands and requests, but they cannot store memory or rely on past experiences to inform their decision making in real time. This makes reactive machines useful for completing a limited number of specialized duties. Examples include Netflix’s recommendation engine and IBM’s Deep Blue (used to play chess).
Limited memory AI has the ability to store previous data and predictions when gathering information and making decisions. Essentially, it looks into the past for clues to predict what may come next. Limited memory AI is created when a team continuously trains a model in how to analyze and utilize new data, or an AI environment is built so models can be automatically trained and renewed. Examples include ChatGPT and self-driving cars.

Theory of mind is a type of AI that does not actually exist yet, but it describes the idea of an AI system that can perceive and understand human emotions, and then use that information to predict future actions and make decisions on its own.

Self-aware AI refers to artificial intelligence that has self-awareness, or a sense of self. This type of AI does not currently exist. In theory, though, self-aware AI possesses human-like consciousness and understands its own existence in the world, as well as the emotional state of others.

AI BENEFITS AND DISADVANTAGES

BENEFITS

o Automating Repetitive Tasks
o Solving Complex Problems
o Improving Customer Experience
o Advancing Healthcare and Medicine
o Reducing Human Error

DISADVANTAGES

o Job Displacement
o Bias and Discrimination
o Hallucinations
o Privacy Concerns
o Ethical Concerns
o Environmental Costs

AI APPLICATIONS AND EXAMPLES

APPLICATIONS

o Healthcare
o Retail
o Customer Service
o Manufacturing
o Finance
o Marketing
o Gaming
o Military

EXAMPLES

o Generative AI Tools
o Smart Assistants
o Self-Driving Cars
o Wearables
o Visual Filters

MACHINE LEARNING (ML)

Machine learning is the science of teaching computers to learn from data and make decisions without being explicitly programmed to do so. Deep learning, a subset of machine learning, uses sophisticated neural networks to perform what is essentially an advanced form of predictive analytics.

4 CATEGORIES OF MACHINE LEARNING

SUPERVISED LEARNING: trains models on labeled data sets, enabling them to accurately recognize patterns, predict outcomes or classify new data.
UNSUPERVISED LEARNING: trains models to sort through unlabeled data sets to find underlying relationships or clusters.

REINFORCEMENT LEARNING: takes a different approach, in which models learn to make decisions by acting as agents and receiving feedback on their actions.

SEMI-SUPERVISED LEARNING: combines aspects of supervised and unsupervised approaches. This technique uses a small amount of labeled data and a larger amount of unlabeled data, thereby improving learning accuracy while reducing the need for labeled data, which can be time and labor intensive to procure.

ML BENEFITS AND RISKS

BENEFITS

o Decreased operational costs
o Improved operational efficiency and accuracy
o Improved insights

RISKS

o Job layoffs
o Lack of human element
o Ingrained biases

ML APPLICATIONS

o Speech recognition
o Customer service
o Computer vision
o Recommendation engines
o Robotic process automation (RPA)
o Automated stock trading
o Fraud detection

BIG DATA

Big data refers to extremely large and complex data sets that cannot be easily managed or analyzed with traditional data processing tools, particularly spreadsheets. Big data includes structured data, like an inventory database or list of financial transactions; unstructured data, such as social posts or videos; and mixed data sets, like those used to train large language models for AI.

WHAT ARE THE FIVE “VS” OF BIG DATA?

o Volume
o Velocity
o Variety
o Veracity
o Value

BIG DATA BENEFITS AND APPLICATIONS

BENEFITS

o Better insights
o Decision-making
o Personalized customer experiences
o Improved operational efficiency

USE CASES

o Retail and ecommerce
o Healthcare
o Financial services
o Manufacturing
o Government and public services

DATA ANALYTICS

Data analytics is the process of collecting, transforming, and organizing data in order to draw conclusions, make predictions, and drive informed decision making. It can be used by different entities, such as businesses, to optimize their performance and maximize their profits.
This is done by using software and other tools to gather and analyze raw data.

TYPES OF DATA ANALYTICS

o Descriptive analytics
o Diagnostic analytics
o Predictive analytics
o Prescriptive analytics

THE ROLE OF DATA ANALYTICS

o Gathering Data
o Data Management
o Statistical Analysis
o Data Presentation

BLOCKCHAIN TECHNOLOGY

Blockchain technology is defined as a ledger of decentralized data that is securely shared. Blockchain technology enables a collective group of select participants to share data. With blockchain cloud services, transactional data from multiple sources can be easily collected, integrated, and shared. In a blockchain system, fraud and data tampering are prevented because data can’t be altered without the permission of a quorum of the parties. If someone tries to alter data, all participants will be alerted and will know who made the attempt.

BENEFITS

o More Security
o Improved Accuracy
o Higher Efficiency

CHALLENGES

o Transaction Limitations
o Energy Consumption
o Scalability Issues
o Regulation Concerns

CRYPTOCURRENCIES

Cryptocurrency is a digital payment system that doesn't rely on banks to verify transactions. It’s a peer-to-peer system that can enable anyone anywhere to send and receive payments. Instead of being physical money carried around and exchanged in the real world, cryptocurrency payments exist purely as digital entries to an online database describing specific transactions. When you transfer cryptocurrency funds, the transactions are recorded in a public ledger. Cryptocurrency is stored in digital wallets.
ADVANTAGES

o Removes single points of failure
o Easier to transfer funds between parties
o Removes third parties
o Can be used to generate returns
o Remittances are streamlined

DISADVANTAGES

o Transactions are pseudonymous
o Pseudonymity allows for criminal uses
o Have become highly centralized
o Expensive to participate in a network and earn
o Off-chain security issues
o Prices are very volatile

FINTECH

Financial Technology refers to the use of technology and innovation to improve, automate, and enhance the delivery of financial services. It encompasses a wide range of applications, from digital banking and mobile payments to cryptocurrencies, decentralized finance (DeFi), robo-advisors, and blockchain. Fintech aims to make financial transactions more accessible, secure, and efficient for consumers and businesses alike.

WHAT ARE EXAMPLES OF FINTECH?

Robo-advisors are apps or online platforms that optimally invest your money automatically, often for little cost, and are accessible to ordinary individuals.

Investment apps like Robinhood make it easy to buy and sell stocks, exchange-traded funds (ETFs), and cryptocurrency from your mobile device, often with little or no commission.

Payment apps like PayPal, Venmo, Block (Square), Zelle, and Cash App make it easy to pay individuals or businesses online and in an instant.

Personal finance apps such as Mint, YNAB, and Quicken Simplifi let you see all of your finances in one place, set budgets, pay bills, and so on.

Peer-to-peer (P2P) lending platforms like Prosper Marketplace, LendingClub, and Upstart allow individuals and small business owners to receive loans from an array of individuals who contribute microloans directly to them.

Crypto apps, including wallets, exchanges, and payment applications, allow you to hold and transact in cryptocurrencies and digital tokens like Bitcoin and non-fungible tokens (NFTs).

Insurtech is the application of technology specifically to the insurance space. One example would be the use of devices that monitor your driving in order to adjust auto insurance rates.