Windows XP vulnerabilities may be stored up until after end of support on April 8, 2014; Department of Energy hacked for a second time in 2013; using metasploit and exploitDB to prioritize vulnerability patching; and a number of discussions on Lavabit.
Windows XP vulnerabilities may be stored up: http://www.infoworld.com/d/microsoft-windows/xps-retirement-will-be-hacker-heaven-224796?page=0,1
Department of Energy hacked for second time this year; they are out front on the effort to protect critical infrastructure: http://www.theverge.com/2013/8/16/4628284/department-of-energy-hackers-steal-personal-data-from-14000-employees
Prioritizing vulnerabilities http://blog.risk.io/2013/08/stop-fixing-all-the-things-bsideslv/
Here is the link to the Society for Information Risk Analysts I mentioned: https://www.societyinforisk.org/ – the mailing list is here: http://lists.societyinforisk.org/mailman/listinfo/sira