I had the pleasure of spending some time with our Australian and New Zealand teams this month, and throughout my trip I heard over and over again that one of the most beloved and differentiating things within the Netskope platform is the facility for user coaching. It’s actually something I hear from teams around the world, but sometimes it is a feature that can get lost when we talk about the vast capabilities packed within a SASE platform. So, I picked up my roving reporter notebook and cornered Dane Blackmore, head of our NZ team, to find out more…
Emily: OK, let’s start at the beginning for anyone not sure what this is all about. What exactly do we mean by ‘“real-time user coaching”?
Dane: An effective user coaching system is something that is embedded into an organisation’s cybersecurity platform. The idea is to give clear “just-in-time” feedback to users on how to avoid risky behaviour, while simultaneously showing them safer alternatives to achieve their objectives.
Emily: This sounds like a nice and simple use case, and not hugely technical. Forgive the silly question, but is it hard to do?
Dane: It’s not hard to use, for a security administrator, but its simplicity belies some pretty clever stuff going on under the bonnet. Our user coaching is built upon App Scores (we have the security and operating credentials of nearly 60,000 different cloud applications detailed out-of-the-box) as well as an organisation’s own tailored policies. And it gets particularly powerful when the platform that it is built into has granular awareness of changing context including user location, device, identity, user behaviour, threat, application risk… At that point, user coaching can become an intertwined part of a zero trust approach, making users a critical part of defence.
Emily: Oh I like that. So often we hear about users being the weakest link, but this kind of flips that doesn’t it?
Dane: Absolutely. I heard one member of the team internally explaining the other day that regardless of the clever technology in place, no organisation ever completely avoids every phishing email or dodgy cloud link arriving in front of the user. But all it takes is for one user to not click it and we win. That’s what user coaching does. Humans are not the weakest link in our security posture, they are our last line of defence, so it’s important that we recognise that and train them.
Emily: Ah but every organisation trains users in cybersecurity. I have sat through plenty of annual training courses.
Dane: And there is value to be found there. But how much of what you were told have you retained? It’s the fact that the helpful information is presented in the moment when it is needed—the real-time bit—that is what’s really powerful.
Emily: OK, talk me through t