Richard Bejtlich
Thanks Cynthia Brumfield for including my thoughts in your new article for CSO Online: https://www.csoonline.com/article/4136995/boards-dont-need-cyber-metrics-they-need-risk-signals.html
Boards don’t need cyber metrics — they need risk signals

Security teams have learned to measure activity. The harder task is turning those measurements into signals directors can use to govern risk.

CSO Online
Feb 25 at 3:19pmWeb