Professional Practices Final

The document covers various topics related to Information Security, Social Media, Health and Safety at Work, Computer Misuse, Hacking, Cyber Laws, and Cybercrime Framework. It emphasizes the importance of protecting information, understanding social media impacts, ensuring workplace safety, and addressing cyber threats through legal frameworks. Key principles include the CIA Triad for InfoSec, the role of employers and government in workplace safety, and the need for effective financial management in software engineering.
PROFESSIONAL PRACTICES

Week 9 Lectures: Information Security & Social Media Impact – Explained
These lectures cover two crucial aspects of the digital world: Information Security Practices
(Lecture 1) and Social Media & Its Impact (Lecture 2). Below is a structured explanation of
both topics.

Lecture 1: Information Security Practices


1. Definition
Information Security (InfoSec) is the practice of protecting information from unauthorized
access, misuse, disclosure, modification, or destruction.
It applies to all forms of data, whether electronic or physical.
2. CIA Triad: Key Security Principles
The CIA Triad is a fundamental framework in information security:

Confidentiality: Ensuring that sensitive data is only accessible to authorized individuals.
Example: Student grades should only be visible to students, parents, or relevant authorities.
Integrity: Protecting data from unauthorized changes to maintain accuracy and
trustworthiness. Example: A hospital patient’s medical records must remain accurate and
unaltered.
Availability: Ensuring that data and systems are accessible when needed. Example: A bank’s
online services should always be available for customers.

3. Security Breaches & Their Impact


Security breaches can have different levels of severity:

Low Impact: Minimal damage, like temporary website downtime.


Moderate Impact: Significant but manageable issues, such as data leaks affecting company
reputation.
High Impact: Severe consequences, including financial losses or threats to human life, like
stolen banking data.

4. Key Challenges in Information Security


Complexity: Security measures require technical expertise.
Evolving Threats: Hackers constantly find new ways to attack systems.
Resource Demands: Maintaining security requires investments in tools, policies, and
personnel.
5. Information Classification
Organizations classify data to determine its protection level:

Confidential Data: Highly sensitive (e.g., personal records, business strategies).


Internal Use: General business information (e.g., corporate policies, employee contact lists).
Public Data: Non-sensitive information available to everyone (e.g., company website,
marketing materials).

Lecture 2: Social Media & Its Impact


1. What is Social Media?
Social media refers to web-based platforms that allow users to create and share content,
engage in discussions, and build networks. Examples include Facebook, Twitter, LinkedIn,
and YouTube.

2. Social Media Trends (Megatrends)


Social media has changed how people interact with information. Some major trends include:

End of Control: Large organizations no longer control information; individuals can publish
content freely.
Fewer Gatekeepers: Information is directly shared among users, reducing reliance on
traditional media.
Fragmentation: Instead of centralized news sources, people get updates from various
platforms (blogs, social networks, YouTube).
Interactive Communication: Unlike traditional media (TV, newspapers), social media allows
real-time discussions and audience participation.

3. Business & Personal Use of Social Media


Social media benefits both businesses and individuals by:

Building Personal & Professional Brands: Helps users establish their expertise and connect
with industry professionals.
Marketing & Networking: Businesses promote their services, engage with customers, and
expand their reach.
Job Search & Talent Acquisition: Platforms like LinkedIn help professionals find job
opportunities and employers identify potential candidates.

4. Risks & Challenges of Social Media


Despite its benefits, social media poses security and ethical concerns:

Privacy Issues: Users often overlook privacy settings, exposing their personal data to cyber
threats.
Cybersecurity Threats: Social media platforms can be targeted by hackers using malware,
phishing attacks, or fake profiles.
Misinformation & Fake News: False information spreads quickly, influencing public opinion
and sometimes causing harm.

Conclusion
Both Information Security and Social Media are critical aspects of the digital age.
Understanding InfoSec helps protect data, while responsible social media use ensures
privacy, security, and effective networking.

Week 10
Lecture 1: Software Risk
1. Definition
Software risk refers to the uncertainty in software development that may lead to project
failure, financial loss, or security threats.
2. Types of Risks
Project Risks: Affect schedule and cost.
Technical Risks: Affect software quality.
Business Risks: Threaten the software’s market viability.
3. Risk Categorization
Known Risks: Identifiable in advance.
Predictable Risks: Based on past experiences.
Unpredictable Risks: Unexpected and difficult to foresee.
4. Risk Management Process
Risk Identification: Assess potential risks to software and business.
Risk Control: Implement measures to mitigate threats.
Risk Prioritization: Focus on high-impact risks.

Lecture 2: Risk Management


Risk management in information security identifies, assesses, and mitigates threats to
assets. This process involves identifying vulnerabilities, evaluating risks, and implementing
controls to minimize potential damage. Effective risk management ensures data integrity,
confidentiality, and availability.

Key Points
Risk Management – Process of identifying, analyzing, and mitigating security threats.
Risk Identification – Identifies assets, threats, and vulnerabilities.
Risk Assessment – Evaluates risks based on likelihood, impact, and existing controls.
Documenting Risk Assessment – Records vulnerabilities, threats, and controls for
decision-making.
Conclusion
Risk management protects an organization’s information by identifying vulnerabilities,
assessing risks, and implementing controls. A structured approach minimizes threats and
ensures data security, safeguarding assets from potential cyber threats and operational
risks.
WEEK 11: Health and Safety at Work

LECTURE 1
Introduction
Health and Safety at Work ensures employees' well-being, preventing workplace accidents
and promoting productivity. Occupational Health and Safety (OHS) laws protect workers'
rights by enforcing regulations for safe working conditions, reducing risks, and improving
overall workplace efficiency.

Key Points
The Problem
Workplace safety gets attention only after major disasters.
Despite a decline in fatal accidents, many workers still suffer injuries or death.
Background
Industrial Revolution led to rapid production and poor working conditions.
Occupational Health and Safety (OHS) emerged to protect employees from hazards.
Benefits of Workplace Safety
Fewer accidents and injuries.
Increased productivity and efficiency.
Motivated and focused workforce.
Economic growth through a healthy workforce.
Occupational Health and Safety (OHS) in Pakistan
No single comprehensive law; multiple regulations govern OHS.
Key laws include Factories Act 1934, Mines Act 1923, and Dock Laborers Act 1934.
Provincial rules (Punjab, Sindh, KPK) supplement national laws.
Employer and Government Role
Employers ensure safe work environments and provide training.
Government appoints inspectors to enforce laws.
Discussion and Summary
Health and safety regulations protect workers from hazards, ensuring a safe workplace. In
Pakistan, various laws govern OHS, with employers and the government playing crucial
roles. Proper implementation and training enhance workplace safety, productivity, and
employee well-being.

Lecture 2: Computer Misuse & Criminal Law


Introduction
Computer misuse refers to illegal activities involving computers and networks, including
hacking, fraud, identity theft, and malware attacks. With increasing digital reliance,
cybercrime is growing, posing security risks to individuals, businesses, and governments.
Laws and preventive measures aim to combat these threats.
Key Points

1. Types of Computer Misuse


Hacking – Unauthorized access to systems.
Fraud – Deceiving users for financial gain.
Identity Theft – Stealing personal data.
Scamming – Fake services or offers.
Viruses & Malware – Infecting systems.
Ransomware – Encrypting files for ransom.
DDoS Attacks – Disrupting services.
Phishing – Fake emails for credentials.
Malvertising – Ads containing malware.
Cyberstalking – Online harassment.
Software Piracy – Unauthorized duplication.

2. Prevention Methods
Regular software updates.
Using firewalls and antivirus software.
Strong, unique passwords.
Avoiding suspicious emails and websites.
Secure online shopping practices.

3. Legal Framework
Computer Misuse Act 1990 (UK)
Criminalizes unauthorized access.
Punishments include fines and imprisonment.

4. Real-World Cases


WannaCry Ransomware (2017) – Affected NHS and global systems.
Bank Cyber Heist (2015) – $650M stolen from global banks.
Yahoo Data Breach (2013) – 1 billion accounts hacked.

Conclusion
Computer misuse is a growing global concern, requiring strong legal frameworks,
cybersecurity measures, and awareness to prevent cyber threats. Staying vigilant and
following security best practices is crucial in minimizing risks.
WEEK 12
LECTURE 1: HACKING

Introduction
Hacking is the act of gaining unauthorized access to computer systems or modifying their
features. It can be ethical (security testing) or unethical (data theft, malware attacks).
Hackers exploit system vulnerabilities, using various techniques to achieve their goals.

Key Points

1. Types of Hacking
Website Hacking – Gaining control over websites.
Network Hacking – Exploiting network vulnerabilities.
Password Hacking – Cracking login credentials.
Software Hacking – Modifying software functionalities.
Email Hacking – Unauthorized access to email accounts.
Computer Hacking – Altering or stealing files.
Ethical Hacking – Finding and fixing security flaws.

2. Prevention Measures
Strong passwords and two-factor authentication.
Regular software updates and firewalls.
Secure networks and cautious email handling.

3. Ethical Hacking (imp)


White Hat Hackers – Authorized security testers.
Penetration Testing – Simulated cyber attacks.
Certified Ethical Hackers (CEH) – Professionals improving cybersecurity.

4. Real-World Impact


Cyberattacks on banks, corporations, and government institutions.
Data breaches affecting millions of users worldwide.

Conclusion
Hacking poses significant security risks but also serves ethical purposes in improving
cybersecurity. Awareness, preventive measures, and ethical hacking are essential in
mitigating cyber threats.
LECTURE 2
Introduction to Cyber Laws

Cyber laws regulate legal aspects of digital activities, including online fraud, privacy, and
intellectual property. They address cybercrimes such as hacking, identity theft, and cyber
terrorism, ensuring security in cyberspace.

Key Points

1. Definition

Laws governing the use of digital platforms and online activities.

2. Cyber Crimes

Fraud, identity theft, and privacy violations.

Hacking and unauthorized data access.

3. Global Cyber Laws

USA, UK, Australia – Electronic Transactions Act.

India – Information Technology Act.

Pakistan – ETO 2002, Cyber Crime Bill 2007.

4. Cyber Laws in Pakistan

Electronic Transactions Ordinance (ETO) 2002: Recognizes digital documents, signatures,
and online transactions.

Cyber Crime Bill 2007: Covers cyber terrorism, fraud, forgery, spamming, stalking, and data
damage.

5. Punishments

Cyber terrorism: Life imprisonment or death.

Electronic fraud: 7 years + fine.


Spamming: 6 months + fine.
Conclusion

Cyber laws protect digital users by addressing crimes and ensuring legal recognition of
electronic transactions, fostering secure online environments.

WEEK 13

Introduction to Cybercrime Framework

A cybercrime legal framework provides law enforcement with tools to prevent, investigate,
and prosecute cybercrimes while balancing privacy and security. It regulates electronic
surveillance, data collection, and digital evidence to ensure justice and protect digital rights.

Key Points

1. Privacy vs. Public Safety

Protects privacy rights while addressing cyber threats.

2. Law Enforcement Limits

Investigative authority must follow legal boundaries.

3. Intercepting Communications

Real-time monitoring with legal oversight.

4. Data Collection

Tracking non-content and stored data for investigations.

5. Legal Process & Compliance

Judicial review and penalties for misuse.

Conclusion

A structured legal framework ensures effective cybercrime prosecution while maintaining
privacy, security, and lawful enforcement practices.
LECTURE 2
Introduction
This document outlines essential finance and accounting principles for
software engineers, emphasizing the importance of sound financial
management, capital needs, funding sources, budgeting, sales, costing, pricing,
annual statements, capital maintenance, and auditing practices.

Key Points

Need for Capital: Essential for starting ventures.


Sources of Funds: Grants, loans, equity.
Budgeting: Financial planning and monitoring.
Sales and Order Intake: Measure of production and revenue.
Costing: Determining production costs.
Pricing: Setting product/service value.
Annual Statements: Required financial reports.
Capital Maintenance: Ensuring company solvency.
Auditing: Verifying financial accuracy.

Conclusion
Effective finance and accounting practices are crucial for the success of
software engineers and their ventures, ensuring sustainable growth and
compliance with regulations.
