IAS 102 | CYBERSECURITY

WEEK 1 and 2

WEEK 1
Course Objectives:

• Understand the fundamental concepts of cybersecurity

• Identify key cybersecurity challenges and threats
• Recognize different types of attacks and their impact.
Topics
1. Introduction to Cybersecurity
a. Definition of cybersecurity and its importance in modern-day technology
b. Key themes and concepts of cybersecurity
c. Overview of emerging cybersecurity threats and trends

A. What is Cybersecurity?

Cyber is derived from the ancient Greek word kubernetikos, which means "good at steering
or piloting." While Security, comes from the Latin securus, which means freedom from worry: se
(without) + cura (care, worry).
Cybersecurity is the practice of protecting critical systems and sensitive information from
digital attacks. Also known as information technology (IT) security, cybersecurity measures are
designed to combat threats against networked systems and applications, whether those threats
originate from inside or outside of an organization. (https://www.ibm.com/topics/cybersecurity)
It includes a variety of technologies, processes, and practices designed to ensure the
confidentiality, integrity, and availability of computer systems and data.
It also involves identifying, assessing, and preventing security threats and risks, as well as
detecting and responding to security incidents.
Examples of cybersecurity measures:
Firewalls, antivirus software, encryption, access controls, and incident response plans
As our world becomes increasingly connected and reliant on technology, cybersecurity is becoming
an increasingly important field to ensure the protection of individuals, businesses, and governments.
Importance of Cybersecurity
In the digital age, where technology is deeply integrated into our lives, the importance of cybersecurity
cannot be overstated. As our reliance on technology grows, so does the need to protect our sensitive
information from cyber threats. Here are some key reasons why cybersecurity is crucial:
1. Protection of Personal Data: Our personal data is now more vulnerable than ever. From
financial information to medical records and social media profiles, cybercriminals are
constantly seeking to exploit these valuable assets. Effective cybersecurity measures

1
 safeguard our personal data and prevent unauthorized access, identity theft, and other forms
of fraud.
2. Preserving Privacy: The digital landscape collects an enormous amount of personal
information, often without us even realizing it. Cybersecurity ensures that our online activities,
communications, and transactions remain private and protected from unauthorized
surveillance or tracking.

3. Safeguarding Businesses: Businesses of all sizes face cyber threats that can lead to
significant financial losses, reputational damage, and legal implications. Cybersecurity
measures, such as firewalls, encryption, and secure networks, defend businesses against
data breaches, ransomware attacks, and other cyber incidents.

4. Protecting Critical Infrastructure: Our modern society heavily relies on critical infrastructure,
including energy grids, transportation systems, and healthcare networks. Cyberattacks
targeting these systems can have severe consequences, endangering public safety and
disrupting essential services. Robust cybersecurity protocols are vital for protecting these
crucial systems from malicious actors.

5. Ensuring National Security: Cyber threats are no longer limited to individuals and
businesses. Nation-states and cyber-espionage groups constantly seek to exploit
vulnerabilities in critical government infrastructure, military systems, and intelligence
operations. Strong cybersecurity measures are essential for the protection of national security
interests and the safeguarding of sensitive information.

6. Maintaining Trust and Confidence: As technology continues to advance, trust and

confidence in the digital world become paramount. When individuals and businesses feel
secure in their online activities, they can fully embrace the benefits of technology and explore
new opportunities. Effective cybersecurity ensures the preservation of trust, which is vital for
the growth of the digital economy.

7. Protection from Emerging Threats: Cyber threats are constantly evolving, with new attack
vectors and techniques emerging regularly. Cybersecurity measures, including regular
updates, patches, and user education, help organizations stay one step ahead of
cybercriminals, protecting against both known and unknown threats.
In conclusion, cybersecurity plays a critical role in today's technology-driven world. It is
essential to protect personal data, preserve privacy, safeguard businesses and critical infrastructure,
ensure national security, maintain trust, and defend against emerging threats. By prioritizing
cybersecurity, we can fully harness the benefits of modern technology while mitigating the risks
associated with our interconnected digital lives.

B. Key Themes and Concepts of Cybersecurity

Cybersecurity encompasses a range of interconnected themes and concepts that form the
foundation of a robust and effective cybersecurity strategy. Here are some key themes and concepts
you should be familiar with:

2
1. Threats and Attack Vectors: Understanding the different types of cyber threats and attack
vectors is crucial for addressing cybersecurity challenges. These may include malware,
ransomware, phishing attacks, social engineering, insider threats, and advanced persistent
threats (APTs). Awareness of these threats helps identify vulnerabilities and implement
appropriate security measures.

2. Risk Management: Cybersecurity is primarily concerned with managing risks associated with
potential cyber incidents. Risk management involves identifying and assessing threats,
vulnerabilities, and potential impacts. It also includes implementing protective measures, risk
mitigation strategies, and incident response plans to minimize the consequences of cyber-
attacks.

3. Security Controls: Security controls, also known as safeguards or countermeasures, are

measures put in place to protect systems, networks, and data from unauthorized access,
alteration, or destruction. These controls include firewalls, antivirus software, encryption, multi-
factor authentication, intrusion detection systems (IDS), and security policies.

4. Data Protection: A core component of cybersecurity is ensuring the confidentiality, integrity,

and availability of data. Encryption, access controls, secure backups, and secure coding
practices are employed to protect sensitive information from unauthorized access,
modification or loss. Compliance with data protection regulations (such as GDPR or CCPA) is
also critical.

5. Security Awareness and Training: Human factors play a significant role in cybersecurity.
Educating individuals about cybersecurity best practices, such as password hygiene, safe
browsing habits, and recognizing social engineering tactics, is essential. Security awareness
and training programs help cultivate a security-conscious culture and empower individuals to
become the first line of defense.

6. Incident Response and Recovery: Despite preventive measures, cyber incidents can still
occur. Having a well-defined incident response and recovery plan is crucial. It involves
detecting and responding promptly to incidents, mitigating the impact, conducting forensic
investigations, and restoring normal operations. Learning from incidents helps strengthen
defenses and prevent future occurrences.

7. Continuous Monitoring and Threat Intelligence: Cybersecurity requires constant

monitoring of systems, networks, and data to detect and respond to potential threats in real-
time. Proactive monitoring includes implementing security solutions, conducting vulnerability
assessments, and leveraging threat intelligence to stay informed about emerging threats and
attack trends.

8. Privacy and Compliance: Respecting individual privacy and complying with relevant laws
and regulations is essential for maintaining trust and avoiding legal consequences.
Cybersecurity efforts need to align with privacy principles and comply with regulations, such
as GDPR, HIPAA, or PCI-DSS, depending on the industry and geographic location.

3
 9. Cybersecurity Governance: Effective cybersecurity requires clear governance structures
and policies to guide decisions, allocate resources, manage risk, and establish accountability.
Cybersecurity is a multi-stakeholder effort involving executives, IT professionals, legal and
compliance teams, and other relevant stakeholders within an organization.

10. Emerging Technologies and Threats: Cybersecurity is an ever-evolving field, shaped by

emerging technologies and new threat landscapes. Concepts like artificial intelligence (AI),
blockchain, Internet of Things (IoT), cloud security, and mobile device security are critical
areas of focus as they introduce new vulnerabilities and challenges that need to be addressed.
Understanding these key themes and concepts will help you navigate the complex world of
cybersecurity and develop a comprehensive understanding of the principles and practices necessary
to protect systems, data, and individuals from cyber threats.

C. Overview of Emerging Cybersecurity Threats and Trends

Cybersecurity threats and trends continue to evolve rapidly, driven by advancements in

technology and the increasing sophistication of cybercriminals. Here are some of the latest emerging
cybersecurity threats and trends globally and specifically in the Philippines:
Globally:
1. Ransomware Attacks: Ransomware attacks have become more targeted and sophisticated,
often involving double extortion tactics where cybercriminals steal data before encrypting it.
This trend has led to an increase in ransomware payments and significant disruptions for
businesses and organizations.

2. Supply Chain Attacks: Cybercriminals are targeting the software supply chain, exploiting
vulnerabilities in trusted software updates or inserting malicious code into legitimate software.
This approach aims to compromise multiple organizations simultaneously, making detection
and remediation more challenging.

3. Cloud Security Challenges: The expansion of cloud services has introduced unique
cybersecurity risks. Unauthorized access, misconfigurations, and insecure APIs can lead to
data breaches and unauthorized data exposure. As more organizations migrate their
infrastructure to the cloud, ensuring robust cloud security becomes crucial.

4. Zero-Day Exploits: Zero-day vulnerabilities, unknown to software developers, are exploited

by threat actors before a patch or fix is available. These exploits allow attackers to gain
unauthorized access or control of systems, highlighting the significance of vulnerability
management and prompt patching.
In the Philippines:
1. Business Email Compromise (BEC): The Philippines has experienced a rise in BEC attacks,
where cybercriminals impersonate executives or employees to deceive victims into
transferring funds or sharing sensitive information. BEC attacks often target businesses with
international trade or financial transactions.

4
 2. Online Scams and Fraud: Online scams and fraud remain prevalent in the Philippines,
targeting individuals through phishing emails, fake websites, and social media platforms.
These scams aim to steal personal and financial information, defraud victims, or distribute
malware.

3. Cyber Espionage: The Philippines has been a target of cyber espionage activities due to its
geopolitical importance. State-sponsored threat actors may target government agencies,
critical infrastructure, and the economic sector to gather intelligence or disrupt operations.

4. Data Privacy Compliance: The Philippines introduced the Data Privacy Act (DPA) in 2012,
emphasizing the protection of personal data and imposing obligations on organizations to
secure data and ensure privacy. Compliance with the DPA and international regulations like
GDPR is a key concern for businesses operating in the country.

5. Social Engineering and Identity Theft: Social engineering attacks, such as phishing and
pretexting, are widely used to exploit human vulnerabilities. Cybercriminals manipulate
individuals into revealing sensitive information or performing actions that put their online
security and privacy at risk.
Addressing these emerging cybersecurity threats and trends requires a multi-faceted
approach that includes robust security measures, employee education and awareness, regular
software updates and patching, incident response planning, and compliance with relevant regulations.
It's important for individuals, organizations, and governments to stay vigilant, adopt security
best practices, and collaborate to combat these evolving cyber threats.

5
WEEK 2
Course Objectives:

• Understand the various cybersecurity frameworks and standards

• Analyze the applicability of cybersecurity frameworks and standards in an organization
Overview of Cybersecurity Frameworks and Standards
Topics
2. Overview of Cybersecurity Frameworks and Standards
a. Understanding of different cybersecurity frameworks and standards: NIST, ISO, CIS,
COBIT, etc.
b. Implementation and applicability of cybersecurity frameworks and standards in different
organizations
c. Best practices for cybersecurity compliance and regulations

A. Understanding of different cybersecurity frameworks and standards: NIST, ISO, CIS,

COBIT, etc.

There are various cybersecurity frameworks and standards available, and each one has its
own set of guidelines and best practices. Here are some of the most commonly used frameworks
and standards:
1. NIST Cybersecurity Framework (CSF): Developed by the US National Institute of Standards
and Technology (NIST), the CSF is a voluntary framework aimed at improving cybersecurity
risk management in critical infrastructure sectors. It provides a set of guidelines for identifying,
protecting, detecting, responding, and recovering from cyber threats.

2. ISO 27001/27002: ISO 27001 is an international standard for information security

management systems (ISMS). It provides a systematic approach to managing sensitive
company information and creates a framework for implementing and managing information
security controls. ISO 27002 provides a code of practice for information security management.

3. Center for Internet Security (CIS) Controls: The CIS Controls are a set of guidelines
focused on basic cyber hygiene practices. These controls are designed to help organizations
mitigate the most common cyber threats. They provide practical guidance for implementing
security measures and managing vulnerabilities.

4. COBIT: The Control Objectives for Information and Related Technologies (COBIT) framework
provides a set of best practices for IT governance and management. It helps organizations
align their IT operations with their business goals and ensures that IT processes are consistent
and effective. The latest version, COBIT 2019, includes cybersecurity as a core component.

5. Payment Card Industry Data Security Standard (PCI DSS): PCI DSS is a standard
developed by the major credit card companies to protect cardholder information. It provides
guidelines for securing payment card data and ensuring that merchants and service providers
comply with the necessary regulations.

6
 6. General Data Protection Regulation (GDPR): GDPR is a regulation created by the
European Union that aims to protect the privacy and personal data of EU citizens. It provides
specific guidelines for organizations on how to collect, process, and store personal data, and
includes provisions for data breaches and non-compliance.
Each of these frameworks and standards provides best practices and guidance for
cybersecurity management and risk mitigation. Organizations should select the framework that best
meets their specific needs, depending on their industry, size, and business objectives, and integrate
it into their overall cybersecurity strategy.

B. Implementation and Applicability of Cybersecurity Framewroks and Standards in Different

Organizations

The implementation and applicability of cybersecurity frameworks and standards can vary
across different organizations depending on factors such as industry, size, and regulatory
requirements. Here are some key considerations:
1. Industry-specific Regulations: Organizations operating in regulated industries, such as
finance, healthcare, or government, may have specific cybersecurity requirements imposed
by regulatory bodies. These regulations often mandate the adoption of specific frameworks or
standards, such as PCI DSS for payment card industry compliance or HIPAA for healthcare
organizations.

2. Organization Size and Complexity: The size and complexity of an organization can influence
its approach to implementing frameworks and standards. Larger organizations with more
resources and a greater risk exposure may adopt comprehensive frameworks like NIST CSF
or ISO 27001/27002. Smaller organizations may opt for more streamlined frameworks like the
CIS Controls.

3. Risk Management Approach: Each organization has its own risk tolerance and risk
management approach. Some organizations may prioritize certain security controls or
compliance requirements based on their specific threats and vulnerabilities. Frameworks like
the NIST CSF provide flexibility for organizations to adapt their cybersecurity strategies based
on their risk appetite.

4. Resource Availability: Implementing and maintaining cybersecurity frameworks and

standards requires dedicated resources. Organizations need to allocate manpower, budget,
and time to assess their current state, implement control measures, conduct regular
assessments, and continuously improve their cybersecurity posture.

5. Third-Party Requirements: Organizations that work closely with partners, vendors, or clients
may be contractually obligated to align with specific frameworks or standards. For example, a
vendor may require ISO 27001 certification before partnering with an organization.

7
 6. Global Operations: Organizations with global operations may need to consider regional or
international frameworks and standards. GDPR is a prime example, as it applies to
organizations handling the personal data of EU citizens, regardless of their geographic
location.
In general, organizations should carefully assess their cybersecurity needs, regulatory
requirements, and operational context to select the most suitable framework or standard.
Implementing cybersecurity frameworks and standards should be viewed as an ongoing process
rather than a one-time effort, requiring continuous monitoring, evaluation, and adaptation to address
evolving threats and technology advancements. Employing a risk-based approach and leveraging the
expertise of cybersecurity professionals can greatly assist organizations in effectively implementing
and applying cybersecurity frameworks and standards.
In the Philippines, the implementation and applicability of cybersecurity frameworks and
standards in different organizations follow a similar pattern to other regions. However, there are some
factors specific to the Philippines that can influence their implementation:
1. Data Privacy Act of 2012: The Data Privacy Act (DPA) of 2012 is the primary legislation
governing the protection of personal data in the Philippines. Organizations that process
personal data are required to comply with the DPA's provisions. Implementing cybersecurity
frameworks and standards can help organizations meet the DPA's requirements for data
security and protection.

2. Bangko Sentral ng Pilipinas (BSP) Guidelines: The BSP issues guidelines for banks and
financial institutions to promote cybersecurity and protect financial information. These
guidelines mandate certain cybersecurity frameworks and standards, such as ISO 27001, for
banks and financial institutions.

3. National Privacy Commission (NPC) Guidelines: The NPC, the government agency
responsible for enforcing the DPA, provides guidelines on data protection and cybersecurity.
These guidelines offer recommendations on implementing cybersecurity frameworks and
standards to safeguard personal data.

4. Industry Regulations: Certain industries in the Philippines have specific regulations and
standards that organizations must comply with. For example, the telecommunications sector
has regulations set by the National Telecommunications Commission (NTC). Organizations
operating in healthcare, energy, or other critical infrastructure sectors may also have industry-
specific regulations that require compliance with cybersecurity frameworks and standards.

5. Cybersecurity Service Providers: The Philippines has a growing industry of cybersecurity

service providers that offer assistance with implementing frameworks and standards. These
providers can help organizations assess their cybersecurity posture, implement necessary
controls, and ensure compliance with relevant frameworks and standards.

6. Organizational Size and Capability: The size and capability of an organization play a role in
determining the extent to which they can implement cybersecurity frameworks and standards.
Large organizations with more resources may have greater capacity to adopt comprehensive

8
 frameworks like ISO 27001, while smaller organizations may opt for more streamlined
frameworks like the CIS Controls.

Organizations in the Philippines should consider these factors and tailor their approach to
cybersecurity frameworks and standards based on industry regulations, organizational needs, data
protection requirements, and available resources. It is also recommended to engage with
cybersecurity professionals and leverage their expertise to ensure effective implementation and
compliance.

C. Best Practices for Cybersecurity Compliance and Regulations

Best practices for cybersecurity compliance and regulations, both globally and in the
Philippines settings, involve several key elements:

1. Stay Informed: Stay updated with the latest cybersecurity regulations, standards, and
frameworks relevant to your industry and jurisdiction. This includes global standards such as
ISO 27001/27002, NIST CSF, and GDPR, as well as local regulations like the Data Privacy
Act in the Philippines.

2. Conduct Risk Assessments: Regularly assess your organization's cybersecurity risks and
vulnerabilities to identify areas that need improvement. This includes conducting internal and
external vulnerability assessments and penetration testing to identify potential weaknesses.

3. Develop a Cybersecurity Policy: Establish a comprehensive cybersecurity policy that sets

out clear guidelines and procedures for protecting data, systems, and networks. The policy
should cover areas such as access controls, incident response, data classification, and
employee awareness and training.

4. Follow Security Frameworks and Standards: Implement internationally recognized

cybersecurity frameworks and standards, such as ISO 27001/27002 or NIST CSF. These
frameworks provide a systematic approach to cybersecurity and help organizations establish
effective controls, manage risks, and demonstrate compliance.

5. Implement Defense-in-Depth: Adopt a multi-layered approach to cybersecurity, combining

different security controls such as firewalls, antivirus, intrusion detection and prevention
systems, encryption, and employee awareness training. This defense-in-depth strategy helps
mitigate the risk of a single point of failure.

6. Regularly Update and Patch Systems: Stay vigilant in installing security updates and
patches for all software and systems used within your organization. This helps address
vulnerabilities and reduces the risk of exploitation by cyber threats.

7. Monitor Network Activity: Implement robust network monitoring and real-time threat
detection systems to identify potential security incidents. Use security information and event

9
 management (SIEM) tools to collect, analyze, and correlate security events across the
network.

8. Incident Response Plan: Develop an incident response plan that outlines procedures for how
to respond to and recover from cybersecurity incidents. This includes clear roles and
responsibilities, communication protocols, and steps for containment, eradication, and
recovery.

9. Regular Training and Awareness: Conduct cybersecurity training and awareness programs
for all employees to educate them on the importance of cybersecurity, common threats, and
best practices. Regularly remind employees about their responsibilities in safeguarding
sensitive information and how to spot potential security threats.

10. Regular Testing and Audit: Conduct regular security assessments, penetration testing, and
audits to ensure compliance with cybersecurity frameworks and regulations. These
assessments help identify gaps, validate controls, and ensure ongoing effectiveness.
In the Philippines, organizations should also consider specific local requirements, such as
complying with the Data Privacy Act, following guidelines from regulatory bodies like the National
Privacy Commission (NPC) and the Bangko Sentral ng Pilipinas (BSP) for certain industries, and
engaging with local cybersecurity service providers for guidance and support.
Remember, cybersecurity compliance is an ongoing process, and organizations should
continuously evaluate and update their cybersecurity strategies to keep pace with evolving threats
and regulatory changes.

10