Determining metrics that enable measuring cyber risks has been difficult. There have been many approaches: outside-in, compliance-based, NIST-based, and enterprise-wide risk computation are some of the examples. What we discuss here is cyber insurance based metrics. These metrics are a good measure of assessing cyber risks because these indicate what someone is willing to pay. Following […]