How good is what you are doing in Information Security? Benchmark yourself or let yourself be benchmarked. In this session, we will talk about ways to benchmark what you are doing in Information Security, based on the KuppingerCole experience from various advisories. You need to understand your strengths and weaknesses to better protect your organization. You need to identify your biggest risks to address them strategically. This is also about aligning your overall GRC strategy with what you are doing in Information Security. Prof. Dr. Sachar Paulus and Martin Kuppinger will lead into this session by showing approaches and elements of maturity benchmarking in Information Security, to discuss this with the attendees and share the panelists and attendees experience in the roundtable.