Today, security cannot be measured objectively. It is an art, rather than a science. This burdens decision makers who cannot answer questions relating to “how much better” in any cross-comparative way. This BOF session will discuss whether this circumstance can, or should, be changed and if so, how we can realistically measure cybersecurity improvements in a repeatable, objective way. Attendance is strictly limited to allow for a small group experience.