How do you measure the unmeasurable? Security metrics sit at the intersection of cybersecurity and risk management – and measuring the wrong things can break both areas. Bring your thoughts about specific metrics, frameworks, approaches, or books, as well as your own stories of success or failure, to this interactive conversation. Brought to you by the Cybersecurity Canon Project. This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion and remind attendees that no comment attribution or recording of any sort should take place. This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.