At the global level, Accenture research found that, on average, the typical organization reported it was competent or highly competent in only 11 of the 33 cybersecurity capabilities, suggesting significant room for improvement across the board. Only 9 percent managed to achieve competence in more than 25 of the 33 capabilities. Industry-level performance includes a high level of variation. Communications, Banking and High Technology respondents performed with higher levels of competence in 14 to 15 cybersecurity capabilities, compared with Life Sciences companies, which typically exhibited competence in only six capabilities. The country level also exhibits significant variation in performance. United Kingdom tops the list along with France, with higher levels of competence in 15 out of 33 cybersecurity capabilities. In contrast, Spain is at the bottom of the list, with competence in only seven out of 33 capabilities. The United States has higher levels of competence in 12 out of 33 capabilities.