Good measurements for cyber security do not have to be technical. From a defence in depth principle it is recommended to have a mix of various technical and non technical measurements. A healthy distrust in security means never trust software and hardware and take as many measurements to mitigate cyber risks to acceptable levels. | NO Complexity