The ISF Benchmark is a strategic tool available to ISF Member organisations.

At a time when organisations are being asked to demonstrate their resilience to cyber threats by government, suppliers and customers alike, the Benchmark provides that objective analysis allowing you to measure both the effectiveness and value of your security investments.

Benchmark results are available in real time – as soon as you submit your data you can view results and begin your analysis and peer comparisons. This confidential initiative allows you to compare your performance against similar anonymous organisations around the world, as well as against six internationally recognized standards:

  • ISF Standard of Good Practice for Information Security  
  • NIST Cybersecurity Framework 
  • CIS Top 20 Critical Security Controls for Effective Cyber Defense
  • Payment Card Industry Data Security Standard (PCI DSS) version 3.1
  • ISO/IEC 27002: 2013
  • COBIT 5 for Information Security.

The Benchmark is updated every two years to align with the latest thinking in information security and to provide organisations with improved user experiences and added value.

Executive Summary

The ISF Benchmark

Please fill out the form below to download a complimentary Executive Summary.