Benchmarking Cybersecurity Environments

November 2019 by KuppingerCole Analysts

How do you know if your house is safe against intruders? You could compare your security measures with those in your neighborhood. Your neighbors might have fences, cameras, or maybe even a dog to scare trespassers away. If you have evaluated the situation accurately you might find, that you are ill-equipped and should consider a security upgrade. Companies can do the same when it comes to cybersecurity and when they look at the industry’s security standard, they call it benchmarking.

In this edition of the Analysts’ View, KC Analyst Christopher Schuetze explains why it is worthwhile to do a cybersecurity benchmarking to keep your measures up to date and network safe. Also, John Tolbert looks at the lifecycle of information protection and creates a framework on how to deal with information across its use life.

Subscribe now and never miss an edition of the Analysts‘ View!


Benchmarking Cybersecurity Environments
Christopher Schuetze | Cybersecurity Practice Director and Lead Analyst

"Addressing cybersecurity within a company often occurs in response to an incident which impacts a business’ operations. A cyber incident could be a data breach or malicious disclosure of internal information to the public. Ideally a company starts thinking about cybersecurity before they are forced to act by an incident. Preparations for a cyber incident can be made through an internal or external benchmarking of the cybersecurity landscape."
Read more


We Offer Advisory Services in IAM and Cybersecurity
Read More Or Contact Us


Maturity Level Matrix for Cybersecurity
Mike Small | Senior Analyst


The Information Protection LifeCycle and Framework
John Tolbert | Lead Analyst

"The Information Protection LifeCycle (IPLC) and Framework describes the phases, methods, and controls associated with the protection of information. Though other IT and cybersecurity frameworks exist, none specifically focus on the protection of information across its use life. The IPLC documents 3 stages in the life of information and 6 categories of controls which can be applied as controls to secure information."
Read more


European Identity & Cloud Conference 2020
May 12 - 15, 2020, in Munich, Germany

If you want to define an effective cybersecurity strategy and know the limits of existing cybersecurity defenses, come to EIC 2020 and swap ideas with over 900 IT professionals and industry experts.

Book Your Prime Discount Ticket Until December 31, 2019


KuppingerCole's Research Library

Find relevant and interesting cybersecurity content in our research library KC PLUS. For only €800 you get access to all KC PLUS research for 12 months.

KuppingerCole Analysts AG, founded in 2004, is an international and independent Analyst organization headquartered in Europe. The company specializes in offering neutral advice, expertise, thought leadership and practical relevance in Information Security, Identity & Access Management (IAM), Governance (IAG), Risk Management & Compliance (GRC) as well as all areas concerning the Digital Transformation. KuppingerCole supports companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges. Maintaining a balance between immediate implementation and long-term viability is at the heart of KuppingerCole’s philosophy.

© KuppingerCole Analysts AG