If you find this newsletter useful, forward it to your colleagues and business partners, and tell them to sign up! Did you miss one? Here’s an archive of past editions. Unless there’s major news between Christmas and New Year’s Day, I’ll be back Jan. 5 with the next edition of Data Sheet. Thank you for making my first five months on the job rewarding and energizing. Until then, wishing you a restful and joyful yearend break.

TRENDING

South Korea indicts Uber CEO. Lawsuits challenging a new business model are one thing. Now, the ride-sharing company's founder Travis Kalanick faces up to two years in prison (or a fine of about $18,140) for violating a local law that prohibits paid transportation with unlicensed vehicles. Wall Street Journal

Patent war reprieve? Intellectual property firm RPX just paid $900 million for 4,000 patents once owned by Nortel. The seller, Rockstar, originally paid $4.5 billion for the portfolio. Another 2,000 patents are still owned by the consortium's member companies, including Apple, Ericsson, Microsoft and Sony. Priority one for RPX: end pending litigation and forge licensing deals instead. RPX CEO John Amster's previous employer was Intellectual Ventures, the infamous patent "collector" (aka troll) founded by former Microsoft exec Nathan Myhrvold. Wired

Access denied. Big hotel companies like Marriott International think they should have the right to block personal wireless hotspots and access devices on their property. Because, of course, they would much rather have you pay ridiculous fees to use their network. Google and Microsoft think otherwise. The FCC will decide. Re/code

Salesforce's analytics hiring spree. Sure, the company recently lost the engineer responsible for its Wave analytics launch to startup Kahuna. But plenty of other talented data scientists have recently joined the company to build its expertise in big data, including four former LinkedIn bigwigs. VentureBeat

Goodwill toward men and women and boys and girls. Why would a boat towing company create a smartphone guide with navigation coordinates, weather reports, local tide information, and other tips to prevent boat emergencies? Some businesses are using so-called "benevolent apps" to build customer loyalty and brand equity. Fortune

POLICY & STRATEGY

The nature of security threats is morphing, and it's scary.

I must admit to struggling with which nuances of the Sony Pictures Entertainment network breach to cover in this newsletter since the incident first surfaced several weeks ago.

For one thing, it's very difficult to compare the scale with, say, the Home Depot retail systems breach (at 56 million credit cards, bigger than the one at Target last year). Or the JPMorgan data exposure (up to 83 million accounts). Blackmail and extortion are very different crimes than consumer fraud and identity theft.

But the Sony "data pillaging" situation—along with a recent attack at an unidentified German iron plant reported by The Wall Street Journal—are both examples of what might be an even scarier breed of emerging cybercrimes.

You've probably haven't heard as much about the latter situation, but it's relevant for any organization with manufacturing facilities or warehouses filled with equipment increasingly dependent on automation software. Although few details have been revealed about the incident in Germany, the attackers demonstrated "advanced skills" in both information security and industrial controls. Using that knowledge, they were able to confuse the plant systems so thoroughly that one of the furnaces there caused physical damage.

"I know of seven other incidents that have claimed to have had a cyber-to-physical or significant process effect and a few near misses that were caught in time," SANS Institute cybersecurity expert Michael Assante told the WSJ.

Even as I write this, South Korean officials are stepping up security measures at the country's nuclear plants because of a similar sort of attack. Given what's going on with North Korea right now (back to that Sony breach again), the government is being extra careful.

The nature of security threats is changing, subtly but surely. The United States has worried over physical and virtual attacks on the electrical grid, phone networks or other critical infrastructure for many years. Is that time coming? While I certainly don't want to be an alarmist, there have been an astounding number of high-profile security incidents in the past year. I'm not sure whether that means there have been more attacks or whether they've just been disclosed more publicly than before.

One thing is certain: companies that were sticking information security discussions at the bottom of board agendas need to reprioritize. Immediately.

"You can no longer work in isolation," Rob Sloan, head of cyberdata and content at Dow Jones Risk & Compliance, told Fortune. "You have to see that your peers, or your competitors, are having the same sort of issues and that you can learn from each other if you're willing to share."

MY FORTUNE.COM BOOKMARKS

Why does this pilot award passengers a bottle of wine after a long flight? By Dinah Eng

Can this app convince regular people to play fantasy sports? By Daniel Roberts

Movie theaters to screen 'The Interview' on Christmas Day By Tom Huddleston, Jr.

Why the dollar will spoil the 5% GDP party in 2015 By Stephen Gandel

A happy new year ahead for tech workers who want to change jobs By Anne Fisher

Private equity's gender gap isn't going to change By Dan Primack

Can you trust a smartphone breathalyzer By Jason Cipriani

FOR YOUR INNER TECHNOPHILE

10 strange-but-true innovations. Have you heard the one about the 3D printer that got hitched to a tattoo inking machine? The smartphone chip that can project holograms? The robot who hitchhiked from Nova Scotia to British Columbia? This year-end slide show is just for you. Computerworld

ONE MORE THING

Watch Santa on your Android watch! If you've got kids who still believe or just love watching the latest in 360-degree imagery, Google's official tracker is back. Bonus, you don't have to bring your computer near the Christmas tree to watch it.

MARK YOUR CALENDAR

IBM Interconnect 2015: Cloud and mobile strategy. (Feb. 22 – 26, 2015; Las Vegas)

Gartner CIO Leadership Forum: Digital business strategy. (March 1 – 3, 2015; Phoenix)

Microsoft Convergence 2015: Dynamics solutions. (March 16 – 19, 2015; Atlanta)

Gartner Business Intelligence & Analytics Summit: Crossing the divide. (March 30 – April 1, 2015; Las Vegas)

Knowledge15: Automate enterprise IT services. (April 19 – 24, 2015; Las Vegas)

RSA Conference 2015: The world talks security. (April 20 – 24, 2015; San Francisco)

MicrosoftIgnite: Enterprise tech extravaganza. (May 4 – 8, 2015; Chicago)

NetSuite SuiteWorld: Cloud ERP strategy. (May 4 – 7, 2015; San Jose, Calif.)

SAPPHIRE NOW: The SAP universe. (May 5 – 7, 2015; Orlando, Fla.)

Gartner Digital Marketing Conference 2015: Reach your destination faster. (May 5 – 7; San Diego)