There are currently no significant market-based drivers for improving cyber security, often leaving security executives to fight internal battles to make a business case for security investments. The objective of this study is to explore the potential for creation of a common reference to characterize cyber security risk that could lead to investment drivers in the marketplace for corporations that can assure a higher level of security.
