From data breaches and cyberthreats to uncertainty around mobile, cloud and the Internet of Things, these are the security stories that dominated 2014. In 2014 we saw cyberthreats and data breaches on a scale we’ve never experienced before. Retailers, banks, gaming networks, media and entertainment titans — all felt the hit. Perhaps it is no surprise, then, that the most popular CIO.com security story of the year was a look into the future at security trends that are likely to dominate the coming year, and number two was a step-by-step exploration of how the Target breach likely occurred. Security issues around mobile, cloud and the Internet of Things all piqued your interest. Here are CIO.com’s most-read security stories of 2014. 10) How to Test the Security Savvy of Your Staff, by Kim Lindros and Ed Tittel, published Feb. 24, 2014 How do you know your employees retain what you teach them in company-required security awareness training? You don’t — unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions. 9) How to Explain the Cloud to End Users, by Kim Lindros and Ed Tittel, published Aug. 27, 2014 ‘Nobody understands the cloud,’ says a lead character in the summer comedy ‘Sex Tape.’ The cloud and cloud computing have become an essential part of IT infrastructures — but could your employees use a Cloud 101 primer? Put another way: Do they really know where they’re putting sensitive data? 8) Will Healthcare Ever Take IT Security Seriously?, by Brian Eastwood, published Feb. 26, 2014 A recent threat intelligence study reports widespread security vulnerabilities in healthcare organizations, many of which went unnoticed for months. In December, a developer pulled unencrypted data from a ‘certified’ mobile health app in less than a minute. Why is it so hard for healthcare to get security right? 7) The Next Heartbleed: 5 Security Vulnerabilities to Watch, by John Brandon, published June 9, 2014 By and large, the major websites hit by Heartbleed have recovered. So have the bad guys, who are undoubtedly plotting their next move. Here, security experts offer their take on five large-scale, Heartbleed-level vulnerabilities for which CIOs should prepare. 6) Everything You Know About Enterprise Security Is Wrong, by Rob Enderle, published Feb. 28, 2014 Whether you’re talking about your network, your company’s building or your home, a perimeter approach to security is no longer adequate. As McAfee discussed at this week’s RSA Conference, you can’t provide physical or electronic security simply by trying to prevent unauthorized access — you have to rethink all types of security to protect data and lives. 5) 7 Enterprise Mobile Security Best Practices, by Ed Tittel, published Feb. 13, 2014 There’s no denying the potential for mobile devices to improve efficiencies and lower costs for workers in industries of all types. You also can’t deny the potential security vulnerabilities that mobile devices present. These seven tips will help you secure your mobile environment without placing a burden on your workforce. 4) Cybersecurity Expert and CIO: Internet of This is ‘Scary as Hell’, by Al Sacco, published March 25, 2014 Jerry Irvine, Prescient Solutions CIO and member of the National Cybersecurity Partnership, spoke with CIO.com about “Internet of Things” (IoT) security, the connected home, and why consumers and enterprise should be wary of both. 3) Security, Payments Experts Talk Apple Pay, by Al Sacco, published Oct. 23, 2014 Three security and payments industry experts discuss the pros and cons of Apple’s new iPhone-based contactless payment system, Apple Pay. 2) 11 Steps Attackers Took to Crack Target, by Thor Olavsrud, published Sept. 2, 2014 Aorato, a specialist in Active Directory monitoring and protection, delivers a step-by-step report on how attackers used the stolen credentials of an HVAC vendor to steal the data of 70 million customers and 40 million credit cards and debit cards from the retailer. 1) 5 Information Security Trends That Will Dominate 2015, by Thor Olavsrud, published Dec. 10, 2014 Cybercriminals are becoming more sophisticated and collaborative with every coming year. To combat the threat in 2015, information security professionals must understand these five trends. Related content brandpost Sponsored by Freshworks When your AI chatbots mess up AI ‘hallucinations’ present significant business risks, but new types of guardrails can keep them from doing serious damage By Paul Gillin Dec 08, 2023 4 mins Generative AI brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe