Insights - Benchmark - Whalemate Docs | Productlane

Docs / Insights

Insights - Benchmark

Comparative view of the organization's security awareness performance against the industry average, with clear status indicators and actionable gaps per metric.

What is it for?

Shows whether the organization is above or below the industry average on key security metrics
Highlights which indicators need improvement and which ones the organization already excels at
Provides comparative context to justify investment decisions in awareness programs

When to use it?

After a campaign cycle — to evaluate whether the actions taken improved metrics relative to the average
When defining priorities for the next period — to decide which metrics to focus efforts on

How to use it?

Navigation: Insights → Benchmark

View the benchmark summary
On load, the Benchmark summary is shown with all metrics compared against the industry. Each metric appears first as a collapsed row with its name and a status badge. Clicking it expands to show the full detail.
Select the time period Use the period selector to choose the time range you want to analyze. Available options are:
- 3 months
- 6 months
- 1 year
- Full history
When you change the period, both the organization's own KPIs and the benchmark values update for that same range.
Choose the comparison reference You can compare against the global Whalemate average or against your industry average. Both references are visible simultaneously on screen.
If there are not enough organizations from the same sector on the platform, the comparison is made against the total of Whalemate organizations. The organization itself is always excluded from the average calculation.
Read the status of each metric
Each row shows a badge with three possible states:
- Above benchmark (green) — the organization exceeds the industry average
- Below benchmark (yellow) — the organization is below the average
- On benchmark (blue) — the organization is in line with the average
Read the expanded detail of each metric
When expanded, each metric shows three values:
- Current — the organization's actual value
- Industry avg. — the average for the selected sector
- Delta — the difference between both (positive or negative)
Below the values, an automatic description appears with the result and a contextual evaluation (e.g., "Good job" or "Room for improvement").
Each metric also indicates whether the criterion is Higher is better or Lower is better, for correct delta interpretation.
Available metrics
- Cyber Risk Score ↓ Lower is better: overall risk score of the organization
- Report rate ↑ Higher is better: % of employees who correctly reported simulations
- Click rate ↓ Lower is better: % of employees who clicked on phishing simulations
- Training completion ↑ Higher is better: % of employees who completed courses
- Recurrence rate ↓ Lower is better: % of repeat offender employees

🔜 Filtering by country and improved reference baselines are coming soon. If this feature is a priority for your organization, you can request it at roadmap.whalemate.com/roadmap.

🔜 Benchmark export will be available soon. If this feature is a priority for your organization, you can request it at roadmap.whalemate.com/roadmap.

How to interpret the results?

Cyber Risk Score below the average → positive sign. The organization has less risk than its industry peers. If it's also trending down over time, the program is working.
Click rate above benchmark → employees are falling for simulations more than the average. This is the most direct vulnerability indicator and where the next campaigns should focus.
Report rate below benchmark → employees are not reporting suspicious simulations. Working on reporting culture can improve this number without needing more campaigns.
Training completion below benchmark → there are employees not completing assigned courses. Review the assignment, difficulty, or frequency of courses.
Negative delta on a "Lower is better" metric → always positive. It means the organization is doing better than the average.

What to do based on what you see?

All metrics above benchmark → keep the pace and use the results as evidence of impact in the next client meeting.
One or two metrics below benchmark → prioritize those metrics in the next cycle. Adjust the type of simulations or course content depending on which one is failing.
Majority below benchmark → review the overall strategy. It may indicate that campaigns don't have enough frequency or variety, or that the audience isn't well segmented.

❓ FAQs

What is the organization compared against if there aren't enough companies in its industry?

If there aren't enough organizations in the same sector, the benchmark is calculated against all Whalemate companies. The organization itself is always excluded from the average.

What does the Delta mean?

It's the difference between the organization's current value and the industry average. A negative delta on a "Lower is better" metric (like Cyber Risk Score) is actually positive — it means the organization is doing better than average.

How often are the industry averages updated?

Industry averages and each organization's score are updated daily. Data is historical, so it's possible to track performance evolution over time.

Can I view the benchmark by department or team?

The current view shows the benchmark at the organization level. Group-level segmentation will be available soon.

Is the Cyber Risk Score the same one shown in the main dashboard summary?

Yes, it's the same indicator. Benchmark adds comparative context against the industry.

💬 Have feedback about this feature or want to request improvements? Let us know at roadmap.whalemate.com/roadmap

PrevRisk Analysis

NextResource Explorer

Was this helpful?

⌘J