Security leaders often report on cybersecurity metrics that are largely qualitative, focusing on discrete technical aspects or delivering data points with no context, leaving the C-suite and board at a disadvantage.
The measurement of cybersecurity and how it is communicated to the executive team is ready for change.