A benchmark in the context of cybersecurity is a set of best practices that organizations can use to measure and enhance their security performance.
Benchmarking is a continuous, iterative process. Generally it will look something like this:
-
Establish a baseline
-
Apply changes
-
Track improvements, comparing the performance of a change against previous data.
-
Identify additional areas of improvement
-
Repeat