Enabling Just In Time training
JIT training is real-time reinforcement configured to drive positive behavioural changes for monitored employee security risks. Unlike monthly or annual education courses, JIT education and notifications are delivered whilst there is still a conscious link in the employee's mind with the action they have just performed and the action that is being flagged to them.
As an example, when your employee clicks on a simulated phishing scenario they will be instantly directed to complete a short JIT Training module around email phishing.
Showing a very short piece of interactive training when employees click on a simulated phish is an extremely effective way to reduce phishing susceptibility and increase reporting rates.
Even if employees don't complete the JIT training, giving them a pop up while the conscious and potentially emotive link is still fresh in their mind gives them an extra impetus toward improving their behavioural risk posture.
Good to know
- There are two kinds of phishing scenarios;
A link that they click that will lead to a dead page - In this case, JIT would pop up as soon as they click the link
A link that they click, that then takes them to a page to enter their credentials - In this case, JIT would only trigger once they enter the credentials. If a user opens the credentials page, then closes it, this would only record a click, but not trigger any JIT training
If you see an employee that has clicked on the link, but no JIT has triggered, this means that they landed on a credentials page, and closed the tab/didn't enter their credentials. - JIT training is not mandatory and will not be visible in users security centre as assigned training
- If you close the window with the JIT training, you will not be able to access it again
- JIT training is quick, bitesize content. It should only take around five minutes to complete
Steps
- Log in to your CultureAI admin dashboard
- Click on the 'Coaching' button at the top of your dashboard
- Click into the 'Just-In-Time Education' tab
- Here you can set up a security notification, or edit and existing one
- If you'd like to edit an existing notification, click the three dots button next to the notification. To create a new one, click the 'Manage behaviour' button at the top of the page
- A new window will pop up
Click the "When someone has" drop down, and select "Clicked a simulated phishing link" - Click the 'Coaching Event' drop down and select "Assign JIT training" - A new section will appear to configure your JIT settings
- Click the 'Module' drop down, at the top of the list you will see the JIT training options. Select the 'Email Phishing' module
- You can also choose which User Groups this triggers for, and if you want employees to earn any security credits when they complete their training
- Click the 'Confirm' button
- You're done!