In the benchmark study by AT&T Business, “The Relationship Between Security Maturity and Business
Enablement,” analysts with Enterprise Strategy Group (ESG) found that leading organizations—those
with the highest maturity levels—tended to be the furthest along in all five functions of the National
Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF): identify, protect, detect,
respond, and recover.