Security initiatives are largely viewed as necessary organizational costs rather than true money-making endeavors. This session will utilize insider risk program scenarios to relate metric identification and development for measures of cybersecurity efficacy. Attendees will learn the value of qualitative and quantitative measures based on customer and organizational needs.