It’s that time of year again – new 2013 IT Security reports – trends, breach investigations, and more on 2012 data from Verizon, Symantec, Ponemon, Mandiant, PWC (focused on Europe) – and others have been published. In the interest of those of us with short attention spans, in this post I’ll focus on Verizon’s 2013 Data Breach Investigations Report™ (DBIR). Here are five “Quick Wins” (in SANS 20 Critical Security Controls (CSC) parlance) that CISOs/CIOs and their teams might want to take today, helping you to avoid being a participant in the 2014 IT Security reports.