Editor's note: As 2013 winds down, enjoy this recap of your favorite articles among those SearchSecurity published this year. Information security in 2013 saw more than its share of twists and turns, and early indications suggest there will be more to come in 2014. What security industry storyline will you be most interested in next year? Sound off in the comments below.
News article of the year:
PCI DSS 3.0 preview highlights passwords, providers, payment data flow
We published first detailed look at the proposed changes for enterprise information security's benchmark compliance mandate. PCI DSS 3.0 goes into effect on Jan. 1, 2014, with participating organizations having a year to comply. Also see our coverage of the changes in the final version of PCI DSS 3.0.
Verizon data breach report 2013: Data shows need for risk awareness
In the 2013 Verizon Data Breach Investigations Report (DBIR), the annual data breach analysis indicates profit-driven outsiders still cause most breaches.
FBI offers lessons learned on insider threat detection
Insider threat detection is a challenge for enterprises, but at RSA Conference 2013, the CISO of the FBI Insider Threat program offered valuable lessons on why the real insider threat is not who you might think.
Expert advice of the year:
Top five free enterprise network intrusion detection tools
Snort is one of the industry's top network intrusion-detection tools, but there are plenty of free alternatives. Network security practitioner Matthew Pascucci reviews his top five free IDS tools.
McGraw's 13 principles to ensure enterprise system security
In his exclusive SearchSecurity column, leading software security expert Gary McGraw offers his 13 principles for sound enterprise system securitydesign.
Aligning business and IT security: Learning from South Carolina breach
The South Carolina breach involving its Department of Revenue proves businesses and IT security teams are often out of alignment. Learn how CISOs can align security with business goals and how to get the support needed to avoid a similar incident.
Feature/special report of the year:
Security Readers' Choice Awards 2013
Fittingly our most-viewed special report this year was based on feedback from you, our readers. We asked Information Security readers to pick the best enterprise information security products in 19 categories. More than 1,000 of you participated, revealing a mix of dominant vendor stalwarts and emerging favorites.
IT Security Trends 2013: Mobile security concerns top the list
Our 2013 priorities survey included responses from nearly 2,000 participants and showed more skepticism than ever about static signature scanning, concerns about mobile and cloud technologies, and openness to newer security technologies, but among specific, game-changing technologies, though, mobile security was a top priority globally.
SearchSecurity.com's IT security certifications guide
The 2013 update to our long-standing guide to information security industry certifications included a few new entrants but indicated that the information security certification sector is maturing, and may no longer be subject to large-scale entries or defections.