Every year Symantec issues an Internet Security Threat report, which gathers data from its products, services and third party sources to paint a picture of the security landscape. What it found in 2013 wasn’t pretty – and that was before Heartbleed.

These are numbers that should have every organization concerned: The number of identities exposed through data breaches last year was astonishing. Mobile threats are increasing but users seem indifferent.

If you want to do something to improve your organization’s security, consider advice in the U.S. National Institute of Standards and Technology’s cyber security framework or its framework for critical infrastructure.