1
Ask HN: How to quantify the impact improving your security has on your company?
I've been tasked with improving the security of a medium-sized digital company.
I know of a few great resources (mainly provided by OWASP), but I'm having a hard time coming across any thing that has effectively captured the monetary effect improving the security has/will have on the company.
I'm sure many people have ran across this problem before, are there any good reading suggestions for papers or the like out there?