To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.

To help defend their organizations, security professionals should devote more attention to attack vectors rather than specific threats, says Stephen Pao of Barracuda Networks.

A common framework for communicating threats and alerts among security vendors' systems would bolster efforts to protect consumers' information, says David Duncan of Webroot.

Despite recent high-profile breaches, organizations are not buying cyber-insurance policies at explosive rates. But Gartner's cyber-insurance expert Juergen Weiss says that might not be a bad thing.

Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.

Not all malware strains pose equal threats to an organization. So, how does one distinguish the most dangerous forms? Through layered security controls, says Julian Waits, CEO of ThreatTrack Security.

IT and security groups may know the same technical terms, but they don't always speak the same language. Don Gray of Solutionary discusses how security leaders can help bridge the communications gap.

Security is built into most applications developed today. But how does one go back and secure legacy apps in one's environment? Kunal Anand of Prevoty shares insight on this often-overlooked challenge.

Does BYOD really stand for Bring Your Own Disaster? JD Sherry of Trend Micro discusses the latest mobile security trends and threats, including the evolution of ransomware and the Internet of Things.

Following Target and other high-profile breaches, CEOs and boards have three key questions for security leaders. Coalfire's Rick Dakin reveals those questions - and how CISOs must be ready to respond.