Cybersecurity metrics questions figure into a range of pending policy initiatives

The issue of cybersecurity metrics figured prominently in a recent Government Accountability Office report and will be addressed in a variety of other policy initiatives in the coming weeks -- in Congress and at the Federal Communications Commission, for example.

The GAO report found that only three federal departments and agencies have established metrics for assessing the cybersecurity efforts in the industry sectors under their purview.

“The Departments of Defense, Energy, and Health and Human Services established performance metrics...