edgeroute / security-champion-framework

The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.

Roadmap under measure? #4

Open edgeroute opened 1 year ago

edgeroute commented 1 year ago

Does it make sense to add a roadmap item under measure? Encouraging champion program leaders to have a vision and roadmap for where they want to go over the next number of years.

iman4000 commented 1 year ago

I believe having a roadmap is essential for security champions, providing clarity for both the champions and the security experts supporting them along the way. However, it would be even more engaging to incorporate gamification elements. For instance, introducing a scoreboard or other gamification elements specifically designed for secure coding and threat modeling, but with a different approach from traditional Capture The Flag (CTF) challenges. This approach would enhance the experience and make it more enjoyable for the security champions.

security-prince commented 1 year ago

I agree with @iman4000, having a vision roadmap would really be helpful, especially for getting the buy-in from the leadership to help them understand what this program will benefit us with. For instance, we say that using the security champions program we will reduce the communication gap, resulting in fewer vulnerabilities being introduced by developers, but no one really talks about how a communication gap will help us achieve fewer exposures, and then how do we measure this progress?