Configuring Security Awareness Training

To configure your Security Awareness Training module:

  1. Sign in to the Coro console .
  2. From the Actionboard , select the Control Panel icon at the top of the Security Awareness Training dashboard panel:

    Email Security dashboard Control Panel link

    Alternatively, from the sidebar, select Control Panel to access the Control Panel. Then, select Security Awareness Training:

    Control Panel Email Security icon

  3. Coro displays your Security Awareness Training configuration:

    Email Security page

Coro's Security Awareness Training module comprises the following configurable components:

Configuring phishing simulation emails

Important

Coro needs to send phishing simulations to your users without your email provider flagging those emails as threats. To ensure simulation emails reach your users unflagged, allowlist Coro as a safe sender in your email domain configuration.

Coro enables you to activate phishing simulations for users in your connected cloud applications. You can also optionally enroll users who fail phishing simulations in additional training, designed to educate on the specific dangers represented by the simulation.

To activate and configure phishing simulations, select Phishing simulation on the Security Awareness Training page:

Email Security page - phishing simulation tab

On this page, you can:

  • Activate or deactivate phishing simulations for connected users. Coro activates this setting by default when the module is enabled.
  • Optionally select whether to enroll phished users on additional phishing-specific training courses.
  • View a schedule of upcoming email simulations.
  • View a history of simulations sent to your users to verify whether received or reported emails are simulations or actual threats.
note

Select a simulation name to view a dialog containing a preview of the email message:

View simulation preview

Configuring security training course enrollment

Coro enables you to enroll all users into a 12 month security training plan, during which they receive training modules monthly. In addition, admin users can choose to enroll new users into onboarding training, and additional training for data compliance.

To activate and configure security awareness training, select Security training on the Security Awareness Training page:

Email Security page - security training tab

On this page, you can:

  • Activate or deactivate the standard 12-month security training for connected users. Coro activates this setting by default when the module is enabled.
  • Enable onboarding training for newly-added users. See Onboarding training .
  • Enable compliance training for certain sensitive data regulations. See Compliance training .
  • Enable adaptive training for high-risk users. See Adaptive training .

Onboarding training

Coro synchronizes the user list from connected cloud applications automatically once per day, or through a manual synchronization activated by an admin user. Any new user accounts are identified and added to protection during this process.

Coro enables you to optionally activate an additional one-off onboarding training course for newly-added users delivered to them via email during their first month.

To activate onboarding training, select Enable onboarding course for new users:

Enable onboarding training

From their second month, new users transition to the standard training plan currently in operation for all protected users.

Compliance training

Coro SAT includes the ability to enroll users on additional training courses designed to cover the compliance requirements of certain sensitive data regulations. These are:

  • GDPR
  • HIPAA
  • PCI DSS

Enable a regulation option to instruct Coro to enroll all protected users on a training course covering compliance requirements for that regulation:

Enable compliance training

Important

Enabling a regulation activates enrollment for all protected users in connected cloud applications immediately. It cannot be cancelled.

If you disable the checkbox for a selected regulation, enrollment remains in place for all existing users, but new users added after this point are not enrolled. However, if you then re-enable the same checkbox later, Coro automatically enrolls all users who have not previously been enrolled - ensuring your exising users do not see the same course twice.

To learn more about compliance course content, see Compliance training.

Adaptive training

Coro's Adaptive Training responds to detected events in your user's connected cloud and email services. Coro maintains a record of the events that trigger certain Cloud Security, Email Security, or User data Governance tickets across a calendar month, based on a series of risk categories.

When a threshold is exceeded for a specific risk category, Coro assigns an adaptive training course to the user in addition to their regular monthly training.

Enabling Adaptive training

To enable adaptive training for your organization, enable Adaptive training:

Enable Adaptive Training

Adaptive training takes effect at the start of the next monthly cycle, on the first day of the month. Coro calculates totals for the previous month and assigns training accordingly.

If you disable Adaptive training, Coro does not perform any further analysis at the next monthly cycle. All existing adaptive training course assignments remain in place until completed or overdue.

How does Coro determine adaptive training course assignment

Coro measures each user's ticket event totals at the start of each month, based on results from the previous full month. Coro compares events for individual users against the results for all users enrolled in SAT, creating a relative list of the most at-risk users in your organization. Coro’s adaptive training primarily targets the top percentage of risky users each month, instead of basing decisions on a fixed numbers of detected events.

note

Coro treats malware events more seriously and triggers adaptive training at the first event per user.

To view risk categories, thresholds, and training courses assignments through Coro adaptive training, see Training courses and simulations - Adaptive training.

Limits to course assignment

Coro applies the following rules to course assignment for an individual user:

  • Coro does not assign the same training course (adaptive or standard) more than once per year.
  • Coro does not assign adaptive training courses for the same identified risk category more than twice per year.
  • Coro does not assign more than four adaptive training courses of any risk category per year, and not more frequently than one course every two months.