In 2014 we saw cyberthreats and data breaches on a scale we've never experienced before. Retailers, banks, gaming networks, media and entertainment titans — all felt the hit.\nPerhaps it is no surprise, then, that the most popular CIO.com security story of the year was a look into the future at security trends that are likely to dominate the coming year, and number two was a step-by-step exploration of how the Target breach likely occurred. Security issues around mobile, cloud and the Internet of Things all piqued your interest. Here are CIO.com's most-read security stories of 2014.\n10)\u00a0How to Test the Security Savvy of Your Staff, by Kim Lindros and Ed Tittel, published Feb. 24, 2014\nHow do you know your employees retain what you teach them in company-required security awareness training? You don't \u2014 unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.\n9)\u00a0How to Explain the Cloud to End Users, by Kim Lindros and Ed Tittel, published Aug. 27, 2014\n'Nobody understands the cloud,' says a lead character in the summer comedy 'Sex Tape.' The cloud and cloud computing have become an essential part of IT infrastructures \u2014 but could your employees use a Cloud 101 primer? Put another way: Do they really know where they're putting sensitive data?\n8)\u00a0Will Healthcare Ever Take IT Security Seriously?, by Brian Eastwood, published Feb. 26, 2014\nA recent threat intelligence study reports widespread security vulnerabilities in healthcare organizations, many of which went unnoticed for months. In December, a developer pulled unencrypted data from a 'certified' mobile health app in less than a minute. Why is it so hard for healthcare to get security right?\n7)\u00a0The Next Heartbleed: 5 Security Vulnerabilities to Watch, by John Brandon, published June 9, 2014\nBy and large, the major websites hit by Heartbleed have recovered. So have the bad guys, who are undoubtedly plotting their next move. Here, security experts offer their take on five large-scale, Heartbleed-level vulnerabilities for which CIOs should prepare.\n6)\u00a0Everything You Know About Enterprise Security Is Wrong, by Rob Enderle, published Feb. 28, 2014\nWhether you're talking about your network, your company's building or your home, a perimeter approach to security is no longer adequate. As McAfee discussed at this week's RSA Conference, you can't provide physical or electronic security simply by trying to prevent unauthorized access \u2014 you have to rethink all types of security to protect data and lives.\n5)\u00a07 Enterprise Mobile Security Best Practices, by Ed Tittel, published Feb. 13, 2014\nThere's no denying the potential for mobile devices to improve efficiencies and lower costs for workers in industries of all types. You also can't deny the potential security vulnerabilities that mobile devices present. These seven tips will help you secure your mobile environment without placing a burden on your workforce.\n4)\u00a0Cybersecurity Expert and CIO: Internet of This is 'Scary as Hell', by Al Sacco, published March 25, 2014\nJerry Irvine, Prescient Solutions CIO and member of the National Cybersecurity Partnership, spoke with CIO.com about "Internet of Things" (IoT) security, the connected home, and why consumers and enterprise should be wary of both.\n3)\u00a0Security, Payments Experts Talk Apple Pay, by Al Sacco, published Oct. 23, 2014\nThree security and payments industry experts discuss the pros and cons of Apple's new iPhone-based contactless payment system, Apple Pay.\n2)\u00a011 Steps Attackers Took to Crack Target, by Thor Olavsrud, published Sept. 2, 2014\nAorato, a specialist in Active Directory monitoring and protection, delivers a step-by-step report on how attackers used the stolen credentials of an HVAC vendor to steal the data of 70 million customers and 40 million credit cards and debit cards from the retailer.\n1) 5\u00a0Information Security Trends That Will Dominate 2015, by Thor Olavsrud, published Dec. 10, 2014\nCybercriminals are becoming more sophisticated and collaborative with every coming year. To combat the threat in 2015, information security professionals must understand these five trends.