Rosenzweig: Software industry, DHS make key contributions on cyber metrics

Paul Rosenzweig, a cyber consultant and former senior DHS official, is singling out the software industry's security framework and the Department of Homeland Security's national critical functions set as two important recent contributions toward developing useful metrics for cybersecurity.

“Because the problem of measuring cybersecurity is at the core of sound policy, law and business judgment, it is critical to get right. The absence of agreed-upon metrics to assess cybersecurity means many companies and agencies lack a comprehensive way to...