« Economic Modeling and Security | Main | MetriCon software security metrics track »



That table worries me a bit in that it strikes me as a if-you're-not-part-of-the-solution-you're-part-of-the-problem kind of generalization. The majority of organizations do not fall into just one of the categories listed. Rather, they live in two or more of those cells/categories/columns.

The comments to this entry are closed.