FireEye has just appointed a privacy officer and handed him a big mission: Launch a new global privacy program. What is Shane McGee's strategy for this new role, and what will be his top challenges?

To help defend their organizations, security professionals should devote more attention to attack vectors rather than specific threats, says Stephen Pao of Barracuda Networks.

A common framework for communicating threats and alerts among security vendors' systems would bolster efforts to protect consumers' information, says David Duncan of Webroot.

Despite recent high-profile breaches, organizations are not buying cyber-insurance policies at explosive rates. But Gartner's cyber-insurance expert Juergen Weiss says that might not be a bad thing.

Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.

Not all malware strains pose equal threats to an organization. So, how does one distinguish the most dangerous forms? Through layered security controls, says Julian Waits, CEO of ThreatTrack Security.

IT and security groups may know the same technical terms, but they don't always speak the same language. Don Gray of Solutionary discusses how security leaders can help bridge the communications gap.

Security is built into most applications developed today. But how does one go back and secure legacy apps in one's environment? Kunal Anand of Prevoty shares insight on this often-overlooked challenge.

Tim Pawlenty, CEO of the Financial Services Roundtable, says the only way to ensure adequate cyberthreat information sharing is through federal legislation that would furnish liability protection and other incentives.

Does BYOD really stand for Bring Your Own Disaster? JD Sherry of Trend Micro discusses the latest mobile security trends and threats, including the evolution of ransomware and the Internet of Things.