Skip to main content

Netskope Help

Industry Benchmarks Dashboard

The Industry Benchmarks Dashboard provides a comparative analysis of Netskope operational metrics between a customer’s environment against other customers, or by industry peers. This dashboard delivers the following:

  • Provides an overview of the organization’s exposure to risk

  • Assesses the security posture of the organization as compared to similar-sized industry peers

  • Identifies security gaps for evidence-based decision making around strategy and resource allocation

  • Tracks the score progress over time

Important

This dashboard is view only; copying, editing, and drilldowns are not enabled.

CALCULATING THE SCORE

The Overall Score is the average score of all risk areas (weighted equally). This score is computed daily and a comparison with the previous 7 day’s score is also provided. The industry of the organization is assigned based on information collected during onboarding. The organization size is determined by the number of active unique users observed in events collected by Netskope endpoint and log data.

The score, for all risk areas, is reported in the following manner; additional details are provided in the individual sections.

  1. Your Risk Score: Percentile of a 7 day rolling average of a calculated raw percentage within the same industry and organizations of same size (i.e. count of malware MD5 hash divided by total number of events for Threat Activities)

  2. Industry Peers Risk Score: Percentile of the average of a calculated percentage for all organizations in the current industry

  3. Average Risk Score Across Cloud: Average of computed score from all industries

AA_calc_score.jpg

THREAT ACTIVITIES

Threat Activities computes a risk score based on malware and malsites. This section’s score takes an average of the following:

  • Malware - Total number of malware files detected divided by the total number of events

  • Malsite - Total number of malicious sites blocked divided by total number of web events

AA_threat_activities.jpg

APPLICATION RISK

Application Risk computes a risk score based on unmanaged risky applications. his section's score is calculated based on the total number of non enterprise-ready applications (applications with ‘medium’, ‘low’, or ‘poor’ CCL) divided by the total number of applications in use.

Tip

This score excludes any application tagged as ‘Sanctioned’; continue to review and tag applications to improve the score.

AA_app_risk.jpg

A breakdown of applications by CCL, as well as custom tags provides additional insight to app usage. This table is based on aggregate data for the past week. The overall total number of applications and unsanctioned risky applications are the main contributors to the risk score.

The second table breaks down the count of applications in use that are missing key attributes. To learn more about the Cloud Confidence Index and Cloud Confidence Level is assigned, see Cloud Confidence Index.

USER RISK

User risk computes a risk score based on behavioral analytics policy violations. This section's score is calculated from the total number of users with UEBA policy violations. The chart also provides a detailed breakdown of the individual policies.

Please note that UEBA policies come with predefined parameters; additional criteria can be specified to provide a more accurate reading. To learn more about how to fine tune these policies based on the recommended settings, see Rule-Based Policies and ML Based Policies.

AA_user_risk.jpg

IMPROVING YOUR SCORE

The following are recommendations to improve your score:

  • Identify users tied to risky activities and implement coaching policies to alter behavior

  • Facilitate security awareness training for repeating offenders; facilitate a ‘risk intelligent culture’ and raise security awareness

  • Leverage dashboards from the Netskope Library to gain visibility; monitor risky user behavior and data movements to unsanctioned shadow IT applications.