Better Metrics Can Show How Cybersecurity Drives Business Success
The truth is that in today’s hyperconnected world, maturity-based cybersecurity programs are no longer adequate for combatting cyberrisks. A more strategic, risk-based approach is imperative for effective and efficient risk management (Exhibit 2).
Jim Boehm • The Risk-Based Approach to Cybersecurity
To improve decision making at this level, the metrics provided by the security team must be risk based and framed in a way that aligns with business drivers.