Cracking the Code – How to Measure the Real Value of Information Security Management

By Steve Martino Measuring the success and value of an information security organization is a perennial
challenge. To help address that challenge, Cisco has developed a process to
consistently capture and quantify losses from security incidents and compare them
against an established industry benchmark

Source:: Cisco Security Notice