COMPUTER FUNDAMENTALS fundamental concepts that form the

AND PROGRAMMING foundation of effective cybersecurity.

L E SSON 5: CY BE R SE C UR I T Y : AN Key Areas of Cybersecurity

OVE R V I E W
1. Network Security – Addresses
Definition and Importance vulnerabilities in operating
systems, network architecture,
Cybersecurity is the practice of defending servers, firewalls, and network
computers, servers, mobile devices, protocols.
electronic systems, networks, and data 2. Cloud Security – Secures data,
from malicious attacks. It is also known as applications, and infrastructure in
information technology security or the cloud.
electronic information security. 3. IoT (Internet of Things) Security
– Protects smart devices that
Cybersecurity applies in a variety of connect to the internet without
contexts, from business to mobile human intervention, such as fire
computing, and can be divided into alarms, thermostats, and lights.
several key categories: 4. Application Security – Focuses
on vulnerabilities in designing,
 Network Security – Securing a coding, and publishing software
computer network from or websites.
intruders, whether targeted
attackers or opportunistic Cybersecurity vs. Information Security
malware.
 Application Security – Keeping Cybersecurity is often confused with
software and devices free from information security:
threats by addressing
vulnerabilities at the design stage
 Cybersecurity – Focuses on
before deployment.
protecting computer systems
 Information Security – from unauthorized access or
Protecting the integrity and being damaged or made
privacy of data, both in storage inaccessible.
and in transit.
 Information Security – A broader
 Operational Security – Managing category that protects all
the processes and decisions information assets, whether in
related to handling and hard copy or digital form.
protecting data assets, including
user permissions and data
Challenges in Cybersecurity
storage policies.

Mitigating cybersecurity risks can be

Cybersecurity Basics
challenging, especially in remote work
environments where organizations have
Before diving into advanced security
measures, it is essential to understand the
less control over employee behavior and points for cybercriminals, making
device security. security essential.
3. Network Security – Conduct
Essential Security Concepts network penetration tests to
assess vulnerabilities and security
Understanding these basic principles is risks.
crucial for protecting an organization: 4. Leadership Commitment – Cyber
resilience requires top
 Authentication – Verifies a user's management to invest in
identity using: cybersecurity resources and
training.
o Something you know 5. Password Management –
(password). Enforce policies guiding
o Something you have employees to create strong
(security key). passwords and keep them secure.
o Something you are
(fingerprint). Basic Security Measures

 Authorization – Determines what Strong Password Practices

resources verified users can
access. o Create unique
 Confidentiality – Ensures passwords for each
sensitive data is accessible only account.
to authorized individuals using o Use at least 12 characters
encryption and access controls. combining letters,
 Integrity – Maintains the numbers, and symbols.
accuracy and completeness of o Enable multi-factor
data throughout its lifecycle. authentication
 Availability – Ensures that whenever possible.
information is accessible to o Use a password
authorized users when needed, manager for secure
while protecting against storage.
disruptions.
Regular Software Updates
Cybersecurity Checklist
o Enable automatic
Must-Have Security Measures updates where possible.
o Apply security patches
1. User Education – Employees immediately upon
must be trained to recognize release.
security threats and apply best o Maintain an inventory of
practices. software requiring
updates.
2. Application Security – Web
applications are common entry
 Data Backup Types of Cyber Threats

o Backup critical data at Cybersecurity threats fall into three main

least weekly. categories:
o Store backups in
multiple locations 1. Cybercrime – Individuals or
(including offline groups targeting systems for
backups). financial gain or disruption.
o Regularly test data
2. Cyber-Attack – Politically
recovery processes.
motivated attacks, often used for
espionage or sabotage.
Access Control
3. Cyberterrorism – Intended to
undermine systems to cause
o Grant users access only panic or fear.
as necessary for their
roles.
Common Cyber Threats
o Review access rights
quarterly.
o Remove access  Malware – Malicious software
immediately for like viruses and spyware.
departing employees.  Phishing – Fraudulent emails or
o Implement role-based messages tricking users into
access control. revealing sensitive information.
 Ransomware – Attackers encrypt
Warning Signs of Security Issues files and demand payment for
decryption.
Watch for these common indicators of
potential security problems: Cyber Safety Tips

 Systems running slower than 1. Update software and operating

usual. systems regularly.
 Unexpected pop-ups or 2. Use antivirus software and keep
password changes. it updated.
 Unusually high network traffic. 3. Use strong passwords that are
 Disabled security tools or difficult to guess.
antivirus. 4. Avoid opening email
 Unauthorized programs starting attachments from unknown
automatically. senders.
 Strange outbound network 5. Do not click on suspicious links in
connections. emails or websites.
6. Avoid using unsecured WiFi in
Implementing strong cybersecurity public places.
fundamentals can help protect against
common threats and support more
advanced security measures.
Why is Cybersecurity Important? Common Cybercrime Complaints in the
Philippines
Rising Costs of Cybersecurity Breaches
1. Online scams – Fraudulent
Organizations suffering cyber breaches schemes to steal money.
face financial penalties and reputational 2. Online libel – Spreading false
damage. information online.
3. Online threats – Sending digital
Increasingly Sophisticated Cyber Attacks threats.
4. Identity theft – Using someone’s
Attackers use a wide range of tactics, personal data without consent.
including social engineering, malware, 5. Photo and video voyeurism –
and ransomware. Sharing private media without
consent.
Cybersecurity as a Board-Level Issue
Cybercrime Offenses Under RA 10175
Regulations and compliance requirements
make cybersecurity a critical concern for  Illegal Access – Unauthorized
business leaders. system entry (hacking).
 Illegal Interception – Accessing
Cybercrime is a Growing Industry private communications.
 Data Interference – Modifying or
A study by McAfee and CSIS estimates deleting digital records.
that cybercrime causes over $1 trillion in  System Interference – Installing
global economic losses annually. viruses or disrupting operations.

Penalties: Prison terms of 6 to 12 years

and fines starting at ₱200,000.
Legal Framework: Cybersecurity Laws in
the Philippines 2. Republic Act No. 10173 – Data Privacy
Act of 2012
1. Republic Act No. 10175 – Cybercrime
Prevention Act of 2012  Protects personal data collected
by organizations and government
 Defines and penalizes cyber- agencies.
related offenses (hacking,  Establishes the National Privacy
identity theft, cyber libel, child Commission (NPC) to enforce
pornography). data privacy regulations.
 Establishes the Cybercrime
Investigation and Coordinating
Center (CICC).