The Wavestone Cyber Benchmark evaluates the cybersecurity maturity of 100+ large Tier 1 companies, providing business leaders with a measure of where they stand in the market.

The Benchmark relies on industry standard NIST CSF and ISO 27001/2 regulations by providing the maturity distribution of key organizational and technological controls.


Cybersecurity spending is on the rise

The 2023 Benchmark sees improved efforts by businesses to mature their cybersecurity architectures, with a 3-point average maturity increase to 49 out of 100.

Companies are spending 5.6% of their IT budgets on cybersecurity initiatives, with less mature sectors investing more to close the gap. Cybersecurity teams are also growing, with the average cybersecurity FTE rising from 1 in 1448 employees last year to 1 in 1285.

But what threats are increased spending responding to, and where exactly are companies investing spends? Here are 5 critical trends from our 2023 Cyber Benchmark that reveal how the market is maturing cybersecurity – and help you guide your own strategy for 2023 and beyond.


Businesses are pushing back against ransomware

Companies are adapting to ransomware threats, with fewer businesses vulnerable. Only 23% are considered at critical risk of ransomware attacks – a 7-point drop from 2022.

The financial services and energy sectors lead the way with the highest maturity ratings. Most critical status instances belong to service and public sector businesses, with vast quantities of personal data open to attack.


Cyber reaction and detection capabilities are maturing rapidly

Improved tools and processes are enhancing incident response effectiveness and speed, minimizing operational impacts from cyber attacks. Specific investments include:

Detection probes. 58% have installed detection probes directly connected to their Security Information and Event Management (SIEM) platforms for rapid threat identification, analysis, and response.

Threat containment. 48% of companies have established a “Red Button” to quickly isolate compromised networks.

Standardized crisis contingencies. 43% have accelerated crisis response with formalized emergency shutdown procedures. Standard use cases are also more widely disseminated among both security teams and other stakeholders.

Indicator of Compromise (IOC) data architectures. 29% have improved IOC data capture, handling, and operational use, enhancing response times and future threat management tool development.

Behavioral analysis. 22% are monitoring routine traffic and activity with behavioral analysis probes, combating the human error factor in security breaches and enhancing threat detection speed.


Cloud security technologies are a key focal point for investment

Widespread cloud adoption and optimization have driven an increase in cloud security-related spending, raising average maturity scores to 44.5%. Maturity has progressed in the following areas:

Cloud Monitoring and Detection

62% of companies now send their cloud logs directly to their Security Operations Centers (SOCs).

Only 38% rely solely on Cloud Service Provider (CSP) threat alerts, a 4-point decrease since 2022.

11% have formalized detection procedures with specific use cases.

Cloud Administration

67% of companies have deployed layered Identity and Access Management (IAM) defenses, enforcing Multi-Factor Authentication (MFA) access for privileged accounts.

24% have established dedicated “bastion” servers as access chokepoints to oversee and manage IAM-related requests, reducing threat surfaces.

Only 9% of companies maintain login-and-password perimeter security, with no access restrictions based on cloud console location.

Cloud Compliance

70% of organizations have deployed tools to monitor their cloud compliance status regularly, an improvement of 7 points and rising.

A slow growing 11% minority have installed automated cloud compliance remediation measures, reducing time spent in breach of regulations.


Third-party security development is stagnating

Business reliance on third-party service providers continues as organizations shed non-core competencies and consolidate supply chains. Increasingly interconnected relations are creating new mutual security challenges:

Adoption of tighter security clauses in provider contracts has stagnated. 63% of companies included security clauses in third-party contracts, with no growth since last year.

Supplier audits are falling behind. Although 61% of companies have correctly inventoried their vendors, only 37% regularly audit critical suppliers.

Lackluster Disaster Recovery (DR) and Business Continuity Plan (BCP) testing. A mere 13% test their response and recovery plans with third-party partners across all critical parameters.


Industrial security is gaining ground

Process complexity and enterprise cohesion have delayed industrial security development. Heavy investment in Operational Technology (OT) and Industrial Control Systems (ICS) is accelerating maturity of basic infrastructures and architectures:

86% have deployed firewalls to untangle corporate and ICS networks, providing clearer oversight of network perimeters and processes.

71% of companies are integrating a cybersecurity organization within their industrial scope – a 20-point jump from 2022.

61% are building Demilitarized Zones (DMZs) of integrated security features, enabling advanced filtering, IAM oversight, and access controls to sensitive data, resources, and servers.


There is still room for improvement as the sector lacks other fundamental security practices. Only 58% have shifted to dedicated ICS administration tools, and just 37% inject their OT security logs into an integrated SIEM platform.


Knowing where your business fits in with the competition is critical to formulate a long-term cybersecurity strategy that matures effectively, efficiently, and in the right places. Contact Wavestone for more information about the Cyber Benchmark and how it can help you evaluate your own cybersecurity maturity.

Talk to a Wavestone expert today and find out where you stand with your own Cyber Benchmark maturity evaluation.



Our team is a blend of high-quality talent from all levels who can tackle your most complex issues with a fresh approach. With a globally connected network of 4,000 employees, Wavestone is designed to help you get results. All our consultants thrive on complex challenges, enjoy blazing new trails, and are committed to your organization’s success.

Laying the Foundations: The 4 Core Competencies of Effective Cloud Solutions Security

Sep 21, 2023

Implementing effective cloud solutions security is complex. Solution security architectures must be initially done with minimal mandated standards, then built progressively, with additional layers of security built on foundational capabilities. In this first of a 3-part series on safeguarding cloud solutions, we examine the 4 foundational capabilities of effective solutions security and best practices to implement them.

Wavestone Named to Forbes World’s Best Management Consulting Firms 2023 List

Sep 19, 2023

Forbes has once again recognized Wavestone in its annual “World’s Best Management Consulting Firms 2023” list. Read our blog for more information about the ranking and Wavestone’s award-winning business and technology consulting services.

Have a Question? Just Ask

Whether you're looking for practical advice or just plain curious, our experienced principals are here to help. Check back weekly as we publish the most interesting questions and answers right here.

Ask Wavestone