It s becoming evident that security practitioners have to take on a metrics mentality to improve security operations, reduce risks and better advise their critical decisions. There are several steps an organization can take to ensure that they are on the right path. Collecting and storing all event data, even if you don t think you need it, is a must-haves for a security metrics initiative to have any chance of success: Collecting, analyzing, reporting, interpreting and responding to security intelligence.
Source: https://threatpost.com/10-tips-getting-started-security-metrics-081712/76924/