What We’re Reading - July 23, 2021
There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting and helpful.
- Here is something to share with your developers. There are always security weaknesses in software, as developers know. You fix one, and five more popup like whack-a-mole. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released its Common Weakness Enumeration (CWE) list of the top 25 most dangerous software weaknesses list. Required reading.
- Companies reliant on industrial control systems (ICS) connected to the Internet are as vulnerable (perhaps more vulnerable) than technology companies to ransomware attacks and other security incidents. Researchers are warning of risks posed by cloud-based ICS management systems and show how malicious actors could abuse these systems. Read more.
- The Department of Justice and the Federal Trade Commission have slapped three foreign corporations with s $3 million fine for violating the Children’s Online Privacy Protection Act. Read the press release and complaint here.
- The Washington Post reviewed features of major digital payment applications, and was unable to give high grades to any of them for privacy, saying none “earn a ringing endorsement.” (paywall)
Author
Cynthia J. Larose
Member / Chair, Privacy & Cybersecurity Practice
Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.