Year end is a time for reflection.Based on my history in this space, plus the fact that my day job of running CSC's Global Cybersecurity Consulting business lets me talk to and help hundreds of executives around the world, I wanted to offer my perspective on how 2014 turned out and my thoughts on what to watch for in 2015. Before starting my 2015 predictions, let\u2019s review how I did last year:1. Planning Goes Mainstream2014 was the year that retailers learned that a good response to an incident is as critical a skill as the ability to stop an attack. Organizations spent hundreds of millions of real dollars in 2014 responding to incidents, and they are learning from that experience that an ounce of prevention is worth hundreds of millions of pounds of cure.2. Big Data and Security Meet at the SIEMWhile not mainstream in 2014, many leading companies are moving beyond security information and event management (SIEM) services and using big data techniques to predict what will happen so they will have time to prevent incidents. Based on this strong start, look for far greater adoption of predictive big data in 2015.3. Threats Keep EvolvingAs 2014 saw the release of highly evolved threats, we can agree this came true. In many cases, criminals launched these threats \u2014 which used to live only in the systems of governments and defense companies \u2014 against retail, entertainment, finance, healthcare and more.4. Your Security Scope ExpandsThis 2014 warning that your supply chains are fast becoming threat-entry points was proven time and time again, evidenced by high profile attacks against retail and energy using \u201ctrusted\u201d suppliers as their entry points. Continuous monitoring for advanced threats and behavior-based security event analysis engines are two measures that can help prevent supply chain vulnerabilities.5. Pass\u00e9 PasswordsDisappointingly, 2014 saw us remain tethered to passwords that don\u2019t work. We learned that sony123 is not a great password choice and, in fact, passwords themselves are no longer the answer. Federated identity ecosystems are here and will be more widely adopted in 2015.6. Keys Are the Key to the CloudMany more organizations adopted the cloud in 2014 \u2014 the ability to own their own keys helped prompt this widespread adoption. Companies also introduced much great new technology to maintain keys and control while leveraging the cloud in 2014; this new technology should drive dramatic enterprise cloud adoption in 2015.7. Smartphones Get Dumb AgainAs with passwords, it\u2019s a shame that more smartphone manufacturers didn\u2019t leverage the virtual machine style of access on their phones. Thus, it\u2019s no surprise that much sensitive material was left in the backseats of cabs and floating in Starbucks.8. Transnational Crime Becomes More Concerning Than Governments Money was still the top motivator for cyberattacks in 2014, and the organizations behind organized crime became more technologically coordinated, advanced and ruthless.9. Shhhhhh! \u2014 Securing Your VoiceSeveral new secure mobile phones, secure VoIP and add-on security, especially for international journalists, rolled out in 2014 as people realized that many governments and criminals eavesdrop. 2014\u2019s new crop of offerings should continue to grow in 2015.10. Quit It!Managed security continued its double digit growth in 2014, fueled by companies\u2019 desires to turn much of their security operations over to trusted security pros who can keep up with the tech and threat evolutions.\u00a0Lagniappe: Secure the Robots!2014 had both high- and low-profile attacks against industrial control and SCADA systems, and it continues to be a head-to-head battle where the atom meets the bit.Of my 2014 predictions, 82 percent bore out over the year. Let\u2019s see what you think of my 2015 prognostications.\u00a0Cloud-independent security becomes a linchpin offering, where vendors will own the linkage between your enterprise and any brand of cloud.Sandboxing goes mainstream. We finally acknowledge that employees surf, and we\u2019ll build them a safe place to do it.Cyber insurance has a break-out year. While still not perfect, demand overwhelms usefulness.Cyber-\u201csilver bullets\u201d bite the dust. Companies learn to stop claiming their products deliver impossible results, and customers stop believing them.A new global, super cybercompany (or two) will emerge. Many of the historic brands are about to get fresh competition. It\u2019s time.CSOs will be promoted to chief trust officers. Security is a business issue now, not just an IT issue, and companies will see that trust is the new security.Risk qualifications will become decision criteria for boards of directors. Security works best from the top down (see above).Criminals will breach home and auto control systems, and security firms will secure ecosystems. Adversaries have just been waiting for wider deployment, which will happen in 2015.Critical infrastructure will show its vulnerabilities at a dangerous level. There are too many fingers close to too many kill switches right now; someone is going to find a reason to press one.The public will launch a backlash against companies, apps and sites that overreach with our personal information. A year\u2019s worth of credit monitoring is not enough, and class action attorneys will figure that out.Lagniappe: The blockchain will transcend payments and move into all trust areas. 2015 is a good time to learn how it will change all of your business transactions in the near future.\u201cYour task is not to foresee the future, but to enable it,\u201d said Antoine de Saint Exup\u00e9ry. 2015 will be another exciting year. Let\u2019s get to work!