Which indicator increases security by identifying activity patterns within IT services?

Key indicators that measure performance toward security objectives can be used to spot patterns in IT activity. A KPI is a measurable value tied to a specific security goal, so you can tailor KPIs to monitor how users, systems, and services behave over time. By tracking these metrics, you’ll notice trends and anomalies—like spikes in failed logins, unusual access to sensitive resources, or unexpected changes in service usage—which signal potential security events and trigger proactive responses. This ongoing measurement helps strengthen security by turning patterns of activity into actionable insights.

Latency focuses on delays in processing or responding, which is more about performance than security patterns. A benchmark is a reference level used for comparison, not an ongoing indicator of activity. A KRI tracks risk exposure and may highlight high-risk conditions, but KPIs are the ones routinely used to monitor and improve security-related performance and behavior through concrete metrics.