The Office of Management and Budget and the National Institute of Standards and Technology have released a draft of proposed cybersecurity performance metrics for federal agencies.

“The new metrics have a strong emphasis on real-time monitoring,” writes InformationWeek’s J. Nicholas Hoover. “Critics have long faulted the government’s cybersecurity compliance efforts under the Federal Information Security Management Act (FISMA) as focusing too heavily on metrics that have little to [do] with actual operational security, like whether an agency has tested its contingency plan.”

“The new metrics will be made part of annual FISMA metrics that agencies have been reporting for years,” Hoover writes.

Click here to read the InformationWeek story.