Metrics to measure response and recovery methods for severe cyber security incidents (that could lead to “black out” events for Critical Infrastructure and Key Resources) need traceable integration within incident management systems and should be offered as a solution as part of the Executive Order 13636 Cybersecurity Framework.