You should evaluate and monitor your KPIs continually, especially as new data becomes available.
Always examine your cybersecurity metrics after a successful data breach, including any new information in your KPI reporting.
Because there is no specific timeline guiding how often you should review your cybersecurity KPIs, conduct reviews based on the needs of your organization to best ensure that your metrics are working for you.
