Industry Comparison
The Industry Comparison Dashboard in CYRISMA provides insights into an organization’s risk scores relative to others in the same industry. Users can set the industry type for their instance, which CYRISMA then uses to benchmark their scores against comparable organizations. This dashboard enables users to understand their position on various risk metrics and to take action where needed.
Written by Noah Garland
Updated at November 27th, 2024
- User Manual
- Self Onboarding Guide
- Agents
- The Cyber Risk Assessment Process
- PSA Integrations
- General Questions and Troubleshooting
- The Cyber Risk Assessment Process (Video Tutorials)
- Sales and Prospecting Articles
- CYRISMA Partner Portal Access
- Glossary
- API Documents
- CYRISMA Change Log
- Support Ticket SLA
- Billing Questions
Table of Contents
Key Components of the Industry Comparison Dashboard
Overall Risk Score
- This score reflects the instance's overall cybersecurity risk level. It’s compared against the industry average to show how well the organization is managing risk relative to its peers.
Individual Risk Scores by Category
- The following categories each display an individual risk score:
- Data Sensitivity Score: Measures the level of data sensitivity management.
- Vulnerability Score: Shows the instance’s vulnerability management score based on vulnerabilities across all endpoints.
- Secure Baseline Score: Indicates the alignment with security benchmarks (e.g., CIS).
- Compliance Score: Reflects the organization’s adherence to regulatory and policy compliance.
Vulnerability Count
- This section displays the total count of vulnerabilities across the instance’s endpoints, categorized by severity (Critical, High, Medium, Low). It shows both the organization’s count and the industry average for comparison, providing a clear view of vulnerability management effectiveness.
Vulnerability Age
- This metric reveals the average age of vulnerabilities (in days) for the instance’s Common Vulnerabilities and Exposures (CVE), compared to the industry-wide average. It helps in assessing how quickly vulnerabilities are being addressed.
vCISO Action Plans:
Each score category (Data Sensitivity, Vulnerability, Secure Baseline, Compliance) includes a button that, when clicked, opens a modal with an action plan specific to that category. These action plans offer a tactical approach to improving each score area and are designed to be straightforward, even for those new to cybersecurity.
Modal Descriptions:
Data Sensitivity
- Provides a strategic plan for data classification based on sensitivity levels. It guides users through a step-by-step approach to manage data more securely and effectively.
Vulnerability
- Outlines a risk-based approach to vulnerability management using CYRISMA’s platform. It recommends prioritizing vulnerabilities by risk and includes a pass mark to gauge success.
Secure Baseline
- Details a plan based on CIS Benchmarks for establishing a secure baseline. It provides foundational steps to meet security benchmarks in line with industry standards.
Compliance
- Focuses on Governance, Risk Management, Compliance (GRC), Active Directory (AD) Monitoring, Industry Comparison, and Microsoft Secure Score. This plan supports organizations in meeting regulatory and policy requirements.
Conclusion
The Industry Comparison Dashboard in CYRISMA offers a comprehensive view of an organization’s security posture relative to its industry peers. By utilizing the action plans in each category, organizations can make targeted improvements to maintain and elevate their risk management and compliance standards. This dashboard serves as an essential tool for benchmarking performance and identifying key areas for cybersecurity enhancement.