Security Metrics: A Solution in Search of a Problem

© 2008 Joel rosenblatt Computer security is one of the most complicated and challenging fields in technology today. As soon as you think you have it figured out, the “bad guys” change all of the rules and you have to start over. A security metrics program provides a major benefit: looking at the metrics on a regular basis offers early clues to changes in attack patterns or environmental factors that may require changes in security strategy. There are some key rules to observe when collecting metrics: