Making decisions related to the investments that an organization must make in cybersecurity is not easy. There are many cybersecurity standards, best practices, and controls that any organization can implement; however, it is important that before making a decision they ask themselves: will this decision help the business to improve its level of maturity in cybersecurity? The PESI service seeks to support organizations in making those decisions by delivering a personalized plan that will define what the business' cybersecurity priorities should be based on their current level of maturity and industry best practices.