As the lead cybersecurity analyst for XYZ Corp, you are developing a report for management on the current security posture of the organization. In the context of vulnerability management, which metric would be most appropriate to include in your report to demonstrate the organization’s improvement in identifying and mitigating vulnerabilities over time?
Percentage of uptime
Time to first acknowledgement of a vulnerability
Number of patches applied
Mean time between failures (MTBF)
Mean time to remediate (MTTR)