An important part of understanding how we can apply cyber intelligence in our organization is by developing metrics that highlight the progress of an end-to-end process. In this chapter, we will be looking at how we can apply a risk metric across capabilities between IT security and IT operations. We will cover:

• Overview of security configuration management
• Developing a risk score