Cybersecurity Benchmarking

Cybersecurity benchmarking is an excellent way to improve cybersecurity practices. Benchmarking compares a business’s internal operations to those of another company that performs those activities best. The comparison company does not have to be in the same industry as the one making the comparison, because the same activities can occur in different industries. It is hard for managers to obtain information on other companies’ activities because a company that does something well will do everything it can to guard that knowledge so that it does not fall into the hands of competitors.

Most often, benchmarking information is gathered from consultants, trade journals, reports, or alliances.  There are also organizations that gather benchmarking information.  This information is given to member companies of these organizations without disclosing the source of the benchmark.

Identify the cybersecurity metrics that are important to your company and then benchmark those against others in the industry to see how you are doing.  Benchmark processes against established best practices in the industry.  Consider ITIL or COBIT for some excellent best practices.

About The Author

Eric Vanderburg

Eric Vanderburg is an author, thought leader, and consultant. He serves as the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin. He is best known for his insight on cybersecurity, privacy, data protection, and storage. Eric is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications.

