There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature "What We're Reading" provides a curated list of articles, blogs, newsletters, and books that you may find interesting and helpful.

  • Here is something to share with your developers. There are always security weaknesses in software, as developers know. You fix one, and five more popup like whack-a-mole. The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has released its Common Weakness Enumeration (CWE) list of the top 25 most dangerous software weaknesses list. Required reading.
  • Companies reliant on industrial control systems (ICS) connected to the Internet are as vulnerable (perhaps more vulnerable) than technology companies to ransomware attacks and other security incidents. Researchers are warning of risks posed by cloud-based ICS management systems and show how malicious actors could abuse these systems. Read more.
  • The Department of Justice and the Federal Trade Commission have slapped three foreign corporations with s $3 million fine for violating the Children's Online Privacy Protection Act. Read the press release and complaint here.
  • The Washington Post reviewed features of major digital payment applications, and was unable to give high grades to any of them for privacy, saying none "earn a ringing endorsement." (paywall)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.