Configuring Security Awareness Training
To configure your Security Awareness Training module:
- Sign in to the Coro console .
-
From the
Actionboard
, select the
Control Panel
icon at the top of the
Security Awareness Training
dashboard panel:
Alternatively, from the sidebar, select
to access the Control Panel. Then, select Security Awareness Training:
-
Coro displays your
Security Awareness Training
configuration:
Coro's Security Awareness Training module comprises the following configurable components:
Configuring phishing simulation emails
Important
Coro needs to send phishing simulations to your users without your email provider flagging those emails as threats. To ensure simulation emails reach your users unflagged, allowlist Coro as a safe sender in your email domain configuration.
Coro enables you to activate phishing simulations for users in your connected cloud applications. You can also optionally enroll users who fail phishing simulations in additional training, designed to educate on the specific dangers represented by the simulation.
To activate and configure phishing simulations, select Phishing simulation on the Security Awareness Training page:
On this page, you can:
- Activate or deactivate phishing simulations for connected users. Coro activates this setting by default when the module is enabled.
- Optionally select whether to enroll phished users on additional phishing-specific training courses.
- View a schedule of upcoming email simulations.
- View a history of simulations sent to your users to verify whether received or reported emails are simulations or actual threats.
note
Select a simulation name to view a dialog containing a preview of the email message:
Configuring security training course enrollment
Coro enables you to enroll all users into a 12 month security training plan, during which they receive training modules monthly. In addition, admin users can choose to enroll new users into onboarding training, and additional training for data compliance.
To activate and configure security awareness training, select Security training on the Security Awareness Training page:
On this page, you can:
- Activate or deactivate the standard 12-month security training for connected users. Coro activates this setting by default when the module is enabled.
- Enable onboarding training for newly-added users. See Onboarding training .
- Enable compliance training for certain sensitive data regulations. See Compliance training .
- Enable adaptive training for high-risk users. See Adaptive training .
Onboarding training
Coro synchronizes the user list from connected cloud applications automatically once per day, or through a manual synchronization activated by an admin user. Any new user accounts are identified and added to protection during this process.
Coro enables you to optionally activate an additional one-off onboarding training course for newly-added users delivered to them via email during their first month.
To activate onboarding training, select Enable onboarding course for new users:
From their second month, new users transition to the standard training plan currently in operation for all protected users.
Compliance training
Coro SAT includes the ability to enroll users on additional training courses designed to cover the compliance requirements of certain sensitive data regulations. These are:
- GDPR
- HIPAA
- PCI DSS
Enable a regulation option to instruct Coro to enroll all protected users on a training course covering compliance requirements for that regulation:
Important
Enabling a regulation activates enrollment for all protected users in connected cloud applications immediately. It cannot be cancelled.
If you disable the checkbox for a selected regulation, enrollment remains in place for all existing users, but new users added after this point are not enrolled. However, if you then re-enable the same checkbox later, Coro automatically enrolls all users who have not previously been enrolled - ensuring your exising users do not see the same course twice.
To learn more about compliance course content, see Compliance training.
Adaptive training
Coro's Adaptive Training responds to detected events in your user's connected cloud and email services. Coro maintains a record of the events that trigger certain Cloud Security, Email Security, or User data Governance tickets across a calendar month, based on a series of risk categories.
When a threshold is exceeded for a specific risk category, Coro assigns an adaptive training course to the user in addition to their regular monthly training.
Enabling Adaptive training
To enable adaptive training for your organization, enable Adaptive training:
Adaptive training takes effect at the start of the next monthly cycle, on the first day of the month. Coro calculates totals for the previous month and assigns training accordingly.
If you disable Adaptive training, Coro does not perform any further analysis at the next monthly cycle. All existing adaptive training course assignments remain in place until completed or overdue.
How does Coro determine adaptive training course assignment
Coro measures each user's ticket event totals at the start of each month, based on results from the previous full month. Coro compares events for individual users against the results for all users enrolled in SAT, creating a relative list of the most at-risk users in your organization. Coro’s adaptive training primarily targets the top percentage of risky users each month, instead of basing decisions on a fixed numbers of detected events.
note
Coro treats malware events more seriously and triggers adaptive training at the first event per user.
To view risk categories, thresholds, and training courses assignments through Coro adaptive training, see Training courses and simulations - Adaptive training.
Limits to course assignment
Coro applies the following rules to course assignment for an individual user:
- Coro does not assign the same training course (adaptive or standard) more than once per year.
- Coro does not assign adaptive training courses for the same identified risk category more than twice per year.
- Coro does not assign more than four adaptive training courses of any risk category per year, and not more frequently than one course every two months.