The reason to develop operational metrics is to underpin resource allocation discussions. Preventative measures do not yet have solid metrics. We need to change our measures for meaningful conversations around resource allocation. This post introduces the Cost of Operational Impact Metrics (COIM).
On Preventative Operational Impact Metrics 1
The disconnect between cyber and business is nearly religious - articles of faith for seekers of proof. Whether at a systemic or at an organisational scale, there is much to cyber business metrics. This is first of several posts on the topic.