4. Chief Technology Officer
The chief technology officer oversees the technical staff at an organization, but their role may vary from organization to organization, Wong said. Some are charged with software development activities, others work closely with the company's various partners on outsourcing, gathering data about new technologies or industry trends and oversee security assessments of products and services being considered by the company's various business units. The proper metrics include details on vendor assessments, the status of vulnerabilities and their remediation and the percentage of security vulnerabilities in software (if the discussion is about software security).