P O LY T E C H N I C U N I V E R S I T Y O F T H E P H I L I P P I N E S

WRITTEN REPORT

CYBER SECURITY

GEED 20133 LIVING IN AN IT ERA

PROF. FLORANTE ANDRES

-------

DELA CRUZ, THOR ANGELO

GONZALES, MARK ANDREW D.
LLANES, SEIGFREUD KYLE G.
RAMIREZ, MYRON

GROUP 9
BSA 2-11

2019
 P O LY T E C H N I C U N I V E R S I T Y O F T H E P H I L I P P I N E S

Cyber security is the state or process of protecting and recovering networks, devices, and

programs from any type of cyber attack.

Other definition: Cyber security refers to the body of technologies, processes, and practices

designed to protect networks, devices, programs, and data from attack, damage, or unauthorized

access. Cyber security may also be referred to as information technology security.

Brief History

In 1970’s, Robert (Bob) Thomas who was a researcher for BBN Technologies in Cambridge,

Massachusetts created the first computer worm (virus). He realized that it was possible for a

computer program to move across a network, leaving a small trail (series of signs) wherever it

went. He named the program Creeper, and designed it to travel between Tenex terminals on the

early ARPANET, printing the message “I’M THE CREEPER: CATCH ME IF YOU CAN.”

An American computer program named Ray Tomlinson, the inventor of email, was also working for

BBN Technologies at the time. He saw this idea and liked it. He tinkered (an act of attempting to

repair something) with the program and made it self-replicating “the first computer worm.” He

named the program Reaper, the first antivirus software which would found copies of The Creeper

and delete it.

After Creeper and Reaper, cyber-crimes became more powerful. As computer software and

hardware developed, security breaches also increase. With every new development came an

aspect of vulnerability, or a way for hackers to work around methods of protection.

Three major categories of cyber threats/attacks:

1. Attacks on Confidentiality – personal identifying information and your bank account or credit card

information.

2. Attacks on Integrity – personal or enterprise sabotage, often called “ leaks.”

ii
 P O LY T E C H N I C U N I V E R S I T Y O F T H E P H I L I P P I N E S
3. Attacks on Availability – to block users from accessing their own data until they pay a fee or

ransom.

Some types of cyber threats

i. Social Engineering (an example of Attack/s on Confidentiality) – the process of psychologically

manipulating people into performing actions or giving away information.

ii. APTs (Advanced Persistent Threats: an example of Attack on Integrity) – attacks in which an

unauthorized user infiltrates a network undetected and stays in the network for a long period of

time.

iii. Malware (Attack on Availability) – software that is specifically designed to gain access or

damage a computer without the knowledge of the owner.

Elements of Cyber Security

 Application Security – general practice of adding features of functionality to software to

prevent a range of different threats. These prevent a range of different threats. These

include denial of service attacks and other cyber attacks, and data breaches or data theft

situations.
 Information Security – designed to protect the confidentiality, integrity, and availability of

computer system data from those with malicious intentions. Confidentiality, integrity, and

availability are sometimes referred to as the CIA Triad of information security.

 Network Security – is an over-arching term that describes that the policies and procedures

implemented by a network administrator to avoid and keep track of unauthorized access,

exploitation, modification, or denial of the network and network resources. This means that

a well-implemented network security blocks viruses, malware, hackers, etc. from

accessing or altering secure information.

 Business Continuity Planning – a plan to help ensure that business processes can

continue during a time of emergency or disaster. Such emergencies or disasters might

iii
 P O LY T E C H N I C U N I V E R S I T Y O F T H E P H I L I P P I N E S
include a fire or any other case where business is not able to occur under normal

conditions. Businesses need to look at all such potential threats and device BCPs to

ensure continued operations should the threat becomes a reality.

A business continuity plan involves the following:
1. Analysis or organizational threats
2. A list of the primary tasks required to keep the organization operations flowing
3. Easily located management contact information
4. Explanation of where personnel should go if there is a disastrous event
5. Information on data backups and organization site backup
6. Collaboration among all faces of the organization
7. Buy-in from everyone in the organization
 Operations Security – a process that involves the identification and protection of generally

unclassified critical information or processes that can be used by a competitor or adversary

to gain real information when pieced together.

 End-User Education
 Leadership Commitment

Careers in Cyber Security

I. Chief Information Security Officer (CISO) IV. Security Analyst

II. Security Engineer

III. Security Architect

References:

https://us.norton.com/internetsecurity-malware-what-is-cybersecurity-what-you-need-to-know.html

https://digitalguardian.com/blog/what-cyber-security

https://www.javatpoint.com/history-of-cyber-security

https://www.techopedia.com/definition/13567/application-security

https://www.techopedia.com/definition/13567/application-security

https://www.techopedia.com/definition/10282/information-security-is

https://www.techopedia.com/definition/24783/network-security
iv
 P O LY T E C H N I C U N I V E R S I T Y O F T H E P H I L I P P I N E S

https://www.techopedia.com/definition/3/business-continuity-plan-bcp

https://www.techopedia.com/definition/24144/operations-security-opsec