The ISF Benchmark is a strategic tool available to any organisation and is not restricted to ISF Member organisations.

At a time when organisations are being asked to demonstrate their resilience to cyber threats by government, suppliers and customers alike, the Benchmark provides that objective analysis allowing you to measure both the effectiveness and value of your security investments.

Benchmark results are available in real time – as soon as you submit your data you can view results and begin your analysis and peer comparisons. This confidential initiative allows you to compare your performance against similar anonymous organisations around the world, as well as against seven internationally recognized standards:

  • ISF Standard of Good Practice for Information Security  
  • NIST Cybersecurity Framework 
  • CIS Top 20 Critical Security Controls for Effective Cyber Defense
  • Payment Card Industry Data Security Standard (PCI DSS) version 3.1
  • ISO/IEC 27002: 2013
  • COBIT 5 for Information Security
  • ISO/IEC 27002: 2005.

The Benchmark is updated every two years to align with the latest thinking in information security and to provide organisations with improved user experiences and added value.

Executive Summary

The ISF Benchmark

Please fill out the form below to download a complimentary Executive Summary.

Please provide your details to download this document:

Please check this box to confirm that you have read and agree with our Privacy Policy and Terms Of Use

By downloading this document you agree to being contacted by the ISF.

Please enter the email address you previously registered with to access the download: