- Why Measure Information Security?

Given that so many organizations evidently cope without much in the way of information security metrics, it seems reasonable to explore the reasons why we believe measuring information security is worthwhile although not absolutely essential.