The CISO Lens Benchmark, 2018

In December 2018, CISO LENS published the ‘The CISO Lens Benchmark, 2018’ report. A summary is below:

An ongoing challenge for all organisations is to understand whether they are doing and spending enough, not enough, or too much on cyber security. Our industry is still learning how to assess the impact of cyber risk on our organisations and what a reasonable response looks like given the many moving parts of a modern digital enterprise.

In June this year, CISO Lens conducted a benchmark among 41 of the top cyber security executives in Australia.

The benchmark enabled these cyber security executives to assess how their organisations’ practices and structures compared to their peers. A few were also going through their own cyber security transformation.

This report draws on data from that exercise.

The information provided in this report should be used as a point to challenge or validate against. The aggregated data comes from organisations that have allocated significant time and resources to identifying and managing their cyber risks.

When comparing your organisation against the data in this report, the gold is in understanding why there is a variation, because the goal is an informed decision. Use the data in this report to drive deeper conversations, both internally and externally, to help you assure yourself that your organisation is on track to a pragmatic and sustainable approach to managing cyber risks.