Policy Studies Cybersecurity

2020 Resources for Measuring Cybersecurity


Last year, the R Street Institute published a bibliography of cybersecurity resources. This bibliography was part of a broader initiative to build a consensus around publicly agreed upon metrics to assess cybersecurity. As part of this initiative, our team met with various academics and industry stakeholders to discuss measurements and found that very little consensus existed around best practices, let alone whether it was possible to develop widely used metrics. The best practices that did exist—along with other innovative attempts to create cybersecurity metrics—were compiled and published by our team. As we are policy specialists and not information technology (IT) professionals, our goal in releasing the bibliography was not to exhaustively list every company or academic paper ever created, but to provide a survey of the different types of models and methodologies in use.

Our intention is to make the bibliography an annually updated, living document that evolves over time, as new research is published and as we develop a greater understanding of the field. Below you will find this year’s additions to this compendium. We hope the resources listed below provide either further illumination to the methods previously described or introduce new initiatives worthy of consideration.

Read the full “2020 Resources for Measuring Cybersecurity,” here.

Image credit: deepadesigns

Featured Publications