It would be interesting to track if user's really care about security. If you run a site which was affected by heartbleed and you sent out an email informing users to change their passwords, it would be interesting in a week, and also a month from now, how many users changed their passwords. Also, if you didn't sent out a disclosure email or were not affected, how many users change their password in this week and this month?
I'm also interested on stats for certificates being reissued - I forgot to grab my bank's cert fingerprint yesterday before they patched (and hopefully reissued).