How to enable JIT (Just In Time) training

Enabling Just In Time training

JIT training is real-time reinforcement configured to drive positive behavioural changes for monitored employee security risks. Unlike monthly or annual education courses, JIT education and notifications are delivered whilst there is still a conscious link in the employee's mind with the action they have just performed and the action that is being flagged to them.

As an example, when your employee clicks on a simulated phishing scenario they will be instantly directed to complete a short JIT Training module around email phishing.

Showing a very short piece of interactive training when employees click on a simulated phish is an extremely effective way to reduce phishing susceptibility and increase reporting rates. 

Even if employees don't complete the JIT training, giving them a pop up while the conscious and potentially emotive link is still fresh in their mind gives them an extra impetus toward improving their behavioural risk posture.  

Good to know

  • There are two kinds of phishing scenarios;
    A link that they click that will lead to a dead page - In this case, JIT would pop up as soon as they click the link
    A link that they click, that then takes them to a page to enter their credentials - In this case, JIT would only trigger once they enter the credentials. If a user opens the credentials page, then closes it, this would only record a click, but not trigger any JIT training
    If you see an employee that has clicked on the link, but no JIT has triggered, this means that they landed on a credentials page, and closed the tab/didn't enter their credentials.
  • JIT training is not mandatory and will not be visible in users security centre as assigned training
  • If you close the window with the JIT training, you will not be able to access it again
  • JIT training is quick, bitesize content. It should only take around five minutes to complete

Steps

  1. Log in to your CultureAI admin dashboard
  2. Click on the 'Coaching' button at the top of your dashboard
  3. Click into the 'Just-In-Time Education' tab
  4. Here you can set up a security notification, or edit and existing one
  5. If you'd like to edit an existing notification, click the three dots button next to the notification. To create a new one, click the 'Manage behaviour' button at the top of the page
  6. A new window will pop up
    Click the "When someone has" drop down, and select "Clicked a simulated phishing link"
  7. Click the 'Coaching Event' drop down and select "Assign JIT training" - A new section will appear to configure your JIT settings
  8. Click the 'Module' drop down, at the top of the list you will see the JIT training options. Select the 'Email Phishing' module
  9. You can also choose which User Groups this triggers for, and if you want employees to earn any security credits when they complete their training
  10. Click the 'Confirm' button
  11. You're done!