During her first month on the job, former Secretary of State Hillary Clinton used a private email server that lacked a digital certificate that would have ensured encrypted and authenticated email communications, surmises security firm Venafi.

When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.

ID fraud reported by U.S. consumers dropped 3 percent in 2014 - the first decline since 2010, according to Javelin. But analyst Al Pascual says the decrease should have been much greater.

The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.

Chris Buse, CISO for the state of Minnesota, says centralizing IT systems should make it easier to defend against cyber-attacks because there are fewer computing environments to protect.

Financial crimes, fraud and cybersecurity. These topics are quickly converging upon security organizations, and leaders must be prepared. FICO's Stuart Wells discusses the tools and skills needed for convergence.

This year could mark a turning point for the sharing of threat intelligence, but only if the government is able to build a framework that instills private-sector trust, says threat researcher Lance James.

Were DDoS attacks against major American banks in 2012 waged in retribution for U.S. government actions? A recently leaked top-secret memo prepared in 2013 for Keith Alexander, who was then NSA director, seems to confirm that's the case.

Information sharing and analysis organizations being formed under President Obama's new executive order must avoid becoming silos that only share cyberthreat intelligence "within their own walls," warns Deborah Kobza, executive director of NH-ISAC.

Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.