Security Metrics – Part 2
In my last blog post I claimed that I have not seen a good security metrics system working so far and asked whether it is a failure. On different channels I got some reactions, which I would like to share here. One claim is that – as risk management is at the heart of security…