A sound approach to the metrics of security enables the business to understand how security is underpinning their activity and how it is changing over time.  Communications is seen as a key capability of any CISO – a metric programme will enable this requirement.  Sound metrics will also show how the security activity measures up against the compliance requirements of the various standards and regulations that apply to a business.  HP Enterprise Security will share their framework for metrics as well as what is seen as best practice in major organizations globally.  They will show how to practically achieve a metrics programme.