Cybercrime continues to evolve, offering an ever-increasing array of niche capabilities, ranging from attack techniques and infrastructure to related research and sales services, warns Trend Micro's Bharat Mistry.

To entice more women, as well as men, to enter information security professions, researcher Lysa Myers says the industry needs to kill its boring image and better communicate the full array of opportunities available and the skills that are in demand.

A game-changing impact of the Edward Snowden leaks about previously secret National Security Agency surveillance activities is the increased use of encryption, such as to protect email, says Peter Swire, a former White House chief privacy counsel.

Vendors' and software makers' over-reliance on security messages and warnings has left users habituated to them, thus rendering such alerts less effective or even worthless, warns cybersecurity expert Alan Woodward.

Because healthcare organizations are juggling so many information security, privacy and regulatory demands, hiring individuals with key professional certifications who can help optimize limited resources is critical, says security expert Steven Penn.

In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.

Dick Williams, CEO of digital security firm Webroot, says the cybersecurity profession needs more than just technical experts. Learn why he says firms will seek out those who can understand the behaviors of cyber-attackers.

When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.

Although the 2015 Healthcare Information Security Today survey shows improving regulatory compliance is priority No. 1, CISO Cris Ewell of Seattle Children's Hospital suggests building a strong information security program should be a higher priority.

Former RSA Chairman Art Coviello has re-emerged as a partner with venture capital firm Rally Ventures. What's it like to transition from creating new security solutions to discovering and nurturing them?