For those who are following along in my ongoing quest to develop concrete cybersecurity metrics, I want to point you to a new, valuable resource. My R Street colleague, Kathryn Waldron, has spent the last several months creating an annotated partial bibliography of publicly available cybersecurity measurement methodologies. The result is "Resources for Measuring Cybersecurity," a compendium of several dozen of the most prominent publications on the methodology of cybersecurity measurement. As she puts it: "Without accurate, standardized methods to measure cybersecurity, detecting and deterring cyber threats will continue to be more art than science. This partial attempt [to create a bibliography] will shed light on some of the most pervasive and exciting work that has been and is currently being done." I commend her work to your attention.