Key Risk Indicator (KRI) Home Cybersecurity Dictionary Key Risk Indicator (KRI) Key risk indicator metrics articulate an organization’s level of risk and allow security and business leaders to track how the risk profile is evolving. For instance, cybersecurity operations can use metrics that analyze the threats and vulnerabilities reported by various tools. Resulting data sheds essential insight on the organization’s exposure to attack. There are dozens of useful KRIs, including: Mean Time to Detect (MTTD) Mean Time to Respond/Remediate (MTTR) Dwell Time Percentage of Critical Systems without Up-to-Date Patches IT Service Desk Utilization System Availability Percentage of Downtime Mean Time Between Failure (MTBF) Network Availability Related TermsMTTD - Mean Time to DetectMTTR - Mean Time to Respond/RemediateDwell TimeVulnerability ManagementIntegrated Risk Management (IRM)/Governance Risk and Compliance (GRC) Share: Seeking Clarity? View the Cybersecurity Dictionary for top terms searched by your peers. Back to the Dictionary RELATED INSIGHTS DOWNLOAD October 22, 2018 PCI Compliance Does Not Always Equal Security Learn how a risk-centric approach can be applied to each PCI requirement. See Details Read more about PCI Compliance Does Not Always Equal Security BLOG October 29, 2018 Leveraging Risk Strategy to Move Beyond Check-Box PCI Compliance Merchants often put compliance spending at the top of their list for budgeting purposes because the consequences of non-compliance can be expensive. F... See Details Read more about Leveraging Risk Strategy to Move Beyond Check-Box PCI Compliance DOWNLOAD July 31, 2017 PCI Services Learn how Optiv can help you plan, build and run your PCI compliance program. See Details Read more about PCI Services How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.