What is the lifecycle of security metrics?

Metrics are tools designed to support decision making and to improve performance and accountability through the collection, analysis, and reporting of relevant performance-related data. The purpose of measuring performance is to monitor the status of the activities under consideration and to drive improvement in those activities through corrective actions based on the observed measurements.

While a case can be made for using different terms for more comprehensive and aggregated items (such as metrics versus measures), this document treats these terms as interchangeable.

Like any other IT process, security can follow a lifecycle model. The model presented here follows the fundamental steps of IDENTIFY-ASSESS-PROTECT-MONITOR. This lifecycle provides a sound foundation for any security program. Using it gives us a guide for ensuring that security is continually improved: a security program is not a one-time assessment or a finished product. Rather, it needs constant attention and continual improvement.

Security policy and standards are the foundation of every element of a security program. They are especially important in the assessment and protection phases of the lifecycle. The assessment phase uses the standards and policy as the baseline for conducting the assessment: resources are measured against the security policy. During the protection phase, resources are configured to meet the policy and standards. Now let us look at each phase of the lifecycle and see what it involves.

Identify − The first step in any security program is to understand what it is trying to protect. The identification phase needs to begin at a high level and drill down.

Assess − The assessment phase of the security lifecycle builds on the identification phase. Once the assets have been identified, the next step is to carry out a thorough security assessment. The assessment can encompass many aspects, from reviewing processes and procedures to vulnerability scanning.

The goal of the assessment phase is to test resources at all levels (servers, routers, firewalls, applications, etc.), not only to discover vulnerabilities but also to gather more information about each resource. The high-level view of resources produced in the identification phase is refined with more detail.

Protect − Having mapped out the network and systems and identified vulnerabilities, the next step is to bring the systems in line with corporate security policy and standards. The focus of this phase is to configure and upgrade each system and network component so that its security is strengthened and it complies with corporate policy.

Monitor − The final phase of the security lifecycle is to monitor the security that has been put in place. Having strengthened the security of servers, firewalls and routers, it is necessary to ensure that those changes remain in place. Moreover, the compliance of new systems introduced into the enterprise must also be monitored.
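The four phases above can be expressed as a small metrics pipeline: an inventory is built (identify), each asset's observed configuration is compared with a policy baseline (assess), failing controls are brought into line (protect), and the compliance metric is recomputed after drift and after new systems appear (monitor). The following is an added example written for this article, not code from the original; the policy baseline, asset names and observed configuration values are all constructed sample data. Note the deliberate choice in `assess`: a control that has never been observed counts as failing, so a newly introduced, unassessed system immediately lowers the metric instead of hiding behind "no data".

```python
"""IDENTIFY-ASSESS-PROTECT-MONITOR expressed as a small security-metrics pipeline.
Example code added to illustrate the article; the policy baseline, assets and
observed configuration below are constructed sample data, not a real environment."""
from dataclasses import dataclass, field

# Constructed policy baseline: per asset type, each control and its required value.
# Controls ending in "_max" are numeric ceilings; the rest must match exactly.
POLICY = {
    "server":   {"ssh_password_auth": False, "patch_age_days_max": 30, "firewall_enabled": True},
    "router":   {"telnet_enabled": False, "patch_age_days_max": 90, "snmp_community_default": False},
    "firewall": {"default_allow": False, "patch_age_days_max": 30, "logging_enabled": True},
}


@dataclass
class Asset:
    name: str
    kind: str
    state: dict = field(default_factory=dict)  # observed configuration, refined by assessment


def identify(raw_inventory):
    """IDENTIFY: build the asset inventory from (name, kind) pairs."""
    return [Asset(name, kind) for name, kind in raw_inventory]


def observe(assets, observations):
    """Attach observed configuration (e.g. scan or audit output) to each asset."""
    for asset in assets:
        asset.state = dict(observations.get(asset.name, {}))


def assess(assets):
    """ASSESS: compare each asset's observed state with the policy baseline.
    Returns (asset, control, actual, expected) for every failing control.
    A control with no observation is counted as failing: unknown is not compliant."""
    findings = []
    for asset in assets:
        for control, expected in POLICY[asset.kind].items():
            actual = asset.state.get(control)
            if actual is None:
                compliant = False
            elif control.endswith("_max"):
                compliant = actual <= expected
            else:
                compliant = actual == expected
            if not compliant:
                findings.append((asset.name, control, actual, expected))
    return findings


def protect(assets, findings):
    """PROTECT: bring each failing control in line with policy.
    Remediation is simulated by writing the required value into the asset's
    state; in practice this is the configuration change or upgrade itself."""
    by_name = {asset.name: asset for asset in assets}
    for name, control, _actual, expected in findings:
        # A fresh patch resets the age counter; other controls take the policy value.
        by_name[name].state[control] = 0 if control.endswith("_max") else expected


def compliance_metric(assets):
    """Percentage of (asset, control) pairs that satisfy the policy baseline."""
    total = sum(len(POLICY[asset.kind]) for asset in assets)
    failing = len(assess(assets))
    return round(100.0 * (total - failing) / total, 1) if total else 100.0


def monitor(assets, drift, new_systems=()):
    """MONITOR: apply newly observed changes and newly introduced systems, then
    recompute the metric so that regressions and unassessed systems show up."""
    for asset in assets:
        asset.state.update(drift.get(asset.name, {}))
    assets.extend(identify(new_systems))
    return compliance_metric(assets), assess(assets)


def run_lifecycle():
    """Drive the four phases over constructed data; returns the metric after each phase."""
    assets = identify([("web01", "server"), ("edge-rtr", "router"), ("fw01", "firewall")])
    observe(assets, {  # constructed assessment results
        "web01":    {"ssh_password_auth": True, "patch_age_days_max": 45, "firewall_enabled": True},
        "edge-rtr": {"telnet_enabled": True, "patch_age_days_max": 10, "snmp_community_default": False},
        "fw01":     {"default_allow": False, "patch_age_days_max": 5, "logging_enabled": False},
    })
    after_assess = compliance_metric(assets)    # 4 of 9 controls failing
    protect(assets, assess(assets))
    after_protect = compliance_metric(assets)   # every finding remediated
    # Later: web01 falls behind on patching and an unassessed database server appears.
    after_monitor, open_findings = monitor(
        assets, {"web01": {"patch_age_days_max": 60}}, new_systems=[("db01", "server")]
    )
    return after_assess, after_protect, after_monitor, open_findings


if __name__ == "__main__":
    for label, value in zip(("assess", "protect", "monitor"), run_lifecycle()[:3]):
        print(f"{label}: {value}% compliant")
```

Running the script prints the metric after each phase: it rises from 55.6% to 100% once the four findings are remediated, then drops to 66.7% when one server drifts out of patch policy and an unassessed system is added, which is exactly the regression the monitor phase exists to surface.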