Skip to content
Contact Sales

Cybersecurity solutions for a riskier world

The largest global cybersecurity benchmarking study reveals how business and government can protect themselves in the emerging risk and threat landscape.

Download this research report to learn:
  • How your cybersecurity maturity in implementing the NIST framework compares with that of 1200 organizations.
  • How your cybersecurity maturity compares to that of risk-based cybersecurity leaders.
  • The key metrics that companies in your industry use to gauge cybersecurity program effectiveness.
  • Which metrics do companies with no or few breaches track to measure cybersecurity program effectiveness.
  • How does your cybersecurity spend (as a percentage of IT budget) compare to that of your peers.
  • The top 10 technology investments organizations with no breaches are making.
  • Cybersecurity best practices from case studies by prominent organizations.

This groundbreaking benchmarking study delves into the cybersecurity investments, practices, and performance results of 1,200 companies across 14 industries in 16 countries.  The study is sponsored by Skybox Security, ServiceNow, Elastic, Booz Allen Hamilton, Claroty, KnowBe4, Securonix, Votiro, Zenkey, and Axis Communications.

The study examines how cybersecurity leaders organize for success and which investments in people, process, and technology deliver the best results. It analyzes the cybersecurity steps they are taking to be more risk-ready, human-centric, risk-based, and digitally enabled. Crucially, it draws on reported performance data and uses correlation analysis to show which efforts yield the best outcomes.

The insights in the comprehensive study are informed by interviews with cybersecurity experts from around the world.  In particular, the report includes commentary and/or case studies from the following organizations and more: Bristol Myers Squibb, Delta Airlines, Motorola Mobility, Texas Health Resources, Southern Company, and University of Maryland Medical System.

The study utilizes NIST as the primary framework to measure the maturity of cybersecurity programs. It also looks beyond NIST to measure the maturity of organizations in taking a risk-based approach. It turns out that risk-based leaders, who implement best practices beyond the NIST framework, experience fewer breaches than others.  Risk-based leaders rate their programs as more mature in the following areas and more:

  • Attack surface visibility and context
  • Attack simulation
  • Exposure analysis
  • Risk scoring
  • Vulnerability assessments

Download this report to obtain benchmarking data that can help calibrate your cybersecurity program and inform future investments.

Get the benchmark study

Hello! It looks like you may have some browser-security settings in place that block basic web page functions, like the form that should be right here. Please change your browser settings and refresh this page; you can find our privacy and security policies here.

Thank you for your submission!