Managed Security Awareness Dashboard User Guide

User Guide

Overview of Managed Security Awareness Direct link to this section

Arctic Wolf Managed Security Awareness® (MA) delivers security awareness training as a program comprised of:

Compliance training modules are also available with a valid Compliance Content Pack license. This license allows you to assign compliance training in addition to security awareness training to a group of users on an as-needed basis.

Supported languages Direct link to this section

Managed Security Awareness content is primarily delivered in American English. However, some microlearning sessions are available in the following languages:

Tip: You can preview microlearning sessions at any time. See Previewing an upcoming session for instructions. If a session has multi-language support, the description includes a list of the available language options.

How Managed Security Awareness works Direct link to this section

The MA program is comprised of:

Users receive approximately 43 emails over the course of a year. On a given week where an activity is scheduled, users only receive one activity for the week: a microlearning session, a quiz, or a phishing simulation email.

Tip: See Email templates for more information about the types of emails that users and program administrators receive.

Managing the MA program Direct link to this section

The MA Dashboard lets you manage program features, monitor user participation and performance, assess the level of security awareness that your organization has, and identify opportunities for raising the level of security awareness within your organization.

This guide is intended for administrators of the MA program in their organization.

Signing in to the MA Dashboard Direct link to this section

To sign in to the MA Dashboard:

  1. Go to https://sat.arcticwolf.com/.
  2. Sign in using your Arctic Wolf credentials.
    1. For MSPs, search for the desired customer account. Then, select View.

After signing in, the MA Dashboard loads, and your sign-in details are shown in the top-right corner in this format: Your Name - Organization Name.

Tips:

Initial setup Direct link to this section

These tasks are completed as part of the initial setup of your MA program:

Sending a test email Direct link to this section

Optionally, you can send a test email to a security administrator within your organization to verify that your corporate email AllowList is configured to allow MA email notifications. To send a test email:

  1. Select Administration Dashboard from the menu bar.
  2. Select the User Information tab on the dashboard.
  3. Select Send Test Email.

Tip: To preview this email:

  1. Select Administration Dashboard from the menu bar.
  2. Under Email Templates/Private Labeling, select Email Test Session Link.

See Email templates for more information.

Activating the MA program Direct link to this section

To activate the MA program, contact your Concierge Security® Team (CST).

After program activation:

Viewing if the MA program is active Direct link to this section

To view if the MA program is active and sessions are sending to your users:

  1. Select Administration Dashboard from the menu bar.
  2. Confirm the Program Active toggle is on.

Email templates Direct link to this section

MA users and program administrators receive various emails throughout the each program cycle. To view the contents of these emails:

  1. Select Administration Dashboard from the menu bar.
  2. Under Email Templates/Private Labeling, select the name of an email template to view its contents. Descriptions of the MA email templates are as follows:
Email template Description
Awareness Session Link The email that users receive when a microlearning session or quiz is assigned.
QuickStart Session Link The first email that users receive after the MA program is activated. The email includes a link to the QuickStart session, which is an introduction to the MA program.
Email Test Session Link An email that your onboarding project manager sends before the MA program starts to verify that your corporate email AllowList is configured to allow MA email notifications.
Monthly Admin Snapshot A periodic email provides an overview of user participation in the MA program. Only MA program administrators receive this email.
Status Update - Positive A periodic email that that provides users a summary of their participation in the MA program. Users receive this email if all training assignments are complete.
Status Update - Negative A periodic email that that provides users a summary of their participation in the MA program. Users receive this email if one or more training assignments are incomplete.

Changing private label settings Direct link to this section

Enabling private labeling lets you customize the email sender name and display name. The sender of MA emails by default has the following:

Note: Private labeling is optional.

Adding a private label Direct link to this section

To turn on private labeling:

  1. Select Administration Dashboard from the menu bar.
  2. On the Email Templates/Private Labeling tab, toggle Use Private Labeling on.
  3. Edit the Display Name and Email Sender Name, as desired.
  4. Click Save to save your changes.
  5. Review the email templates to confirm that you want to keep your current settings.

Removing a private label Direct link to this section

Toggle Use Private Labeling off to revert the email sender name and display name to their default settings.

Changing a private label Direct link to this section

To modify your current private label settings:

  1. Toggle Use Private Labeling off. Then toggle private labeling on again.
  2. Complete steps 3 to 5 of Adding a private label.

Managing users and user groups Direct link to this section

To manage user enrollment in the MA program:

Note: QuickStart sessions are automatically sent on the next session delivery day to new users who are added to the program after activation.

Monitoring security awareness Direct link to this section

The MA Dashboard provides the following options for monitoring the level of security awareness in your organization:

Secure Culture Dashboard Direct link to this section

The Secure Culture Dashboard tracks user participation and measures performance in security awareness sessions, quizzes, phishing simulations, and compliance training.

The Secure Culture Dashboard has these sections:

Section Description
Secure Culture Program Summary A display of the following metrics, indicating the extent to which security awareness and regulatory compliance are a part of your organizational culture:
  • Secure Culture Score — An aggregated metric of user engagement and knowledge assessment that describes the level of security awareness within your organization.
  • Users Assigned Sessions — The number of users assigned to sessions.
  • Sessions Sent — The number of security awareness microlearning sessions delivered within the selected timeframe, for example, within the last 30 days.
  • Phishing Simulations Sent — The number of phishing simulation emails delivered within the selected timeframe, for example, within the last 30 days.
  • Completion — The percentage of delivered sessions that active users have completed.
  • Average Quiz Score — The average score of all users who have completed security awareness quizzes.
  • Phishing Simulation Failures — The percentage of of active users who failed phishing simulations.
    Note: Users who fail a phishing simulation automatically receive a remediation session about phishing.
  • Remediation Completion — The percentage of delivered phishing remediation sessions that users have completed.
QuickStart Status A summary of user engagement for QuickStart sessions.
Session Statistics A summary of user engagement for past security awareness sessions.
Quiz Statistics A summary of user engagement and scores for past security awareness quizzes.
Simulation Statistics A summary of user behavior in response to delivered phishing simulation emails.

Tip: See Reports for more information about statistics and reports.

Downloading Secure Culture statistics Direct link to this section

You can download CSV files from the Secure Culture Dashboard that detail the following information, which identifies users who require additional training support:

Note: The data included in CSV file reflects the selected timeframe, for example, within the last 30 days.

To download Secure Culture statistics:

  1. Select Secure Culture Dashboard from the menu bar.
  2. Click Download to download the desired CSV file.

Tip: See Increasing your Secure Culture Score for remediation options.

Increasing your Secure Culture Score Direct link to this section

The Secure Culture Score represents the strength of security awareness within your organization, based on the session completion, average quiz score, phishing simulation failures, and remediation completion metrics. Possible scores include:

To increase your Secure Culture Score, consider:

Administration Dashboard Direct link to this section

You can manage security awareness microlearning sessions in the following ways:

Selecting a security awareness track Direct link to this section

Note: The Managed Security Awareness Plus (MA+) license is required to access this option.

The MA+ program is set to the standard track by default. However, you can choose from other security awareness tracks that are tailored to specific industries, for example, healthcare.

To change the awareness track:

  1. Select Administration Dashboard from the menu bar.
  2. On the Session Information tab, select the desired track from the Current Awareness Track list. The list of upcoming sessions updates to reflect the awareness track that you select.

Changing the session delivery day Direct link to this section

A microlearning session is sent through email between 14:00 and 15:00 UTC on the configured session delivery day.

After changing the session delivery day, users receive the next microlearning session in the queue on the earliest possible day that corresponds with the configuration. For example, if today is Tuesday, August 10, 2021 and you change the session delivery day before 14:00 UTC from Friday to Tuesday, users receive the next microlearning session today, and future sessions are scheduled to be delivered on following Tuesdays.

Note: Changing the selected session delivery day does not affect the timing of phishing simulation emails. Phishing simulations occur on a random weekday between 16:00 UTC and 22:00 UTC.

To change the weekday when sessions are delivered:

  1. Select Administration Dashboard from the menu bar.
  2. On the Session Information tab, select the desired session delivery day.

Disabling or enabling phishing simulation emails Direct link to this section

The MA program includes phishing simulations to test user responses to suspicious emails.

To disable or enable phishing simulation emails:

  1. Select Administration Dashboard from the menu bar.
  2. Toggle Program Active on.
  3. On the Session Information tab, toggle Send Phishing Simulation Emails off or on as desired.

Previewing an upcoming session Direct link to this section

To preview an upcoming session or phishing simulation:

  1. Select Administration Dashboard from the menu bar.

  2. On the Session Information tab, under Upcoming Sessions, find the session you wish to preview.

    Tip: Check the description to see if the session or module includes multi-language support. See Supported languages for more information.

  3. Select the list under the Options column. Then, select Preview Session or Preview/Select Phishing Email.

  4. If you are previewing a phishing simulation, you can also select different templates that be more relevant to your organization. To select a template:

    1. Click the Available Templates list and select the template you want to use.
    2. Click Select This Phishing Email Template to confirm your selection.

Tip: See Muting an upcoming session.

Muting an upcoming session Direct link to this section

If desired, you can mute an upcoming session or phishing simulation. When muted, the session or phishing simulation is not delivered to users.

Notes:

To mute or unmute a session or phishing simulation:

  1. Select Administration Dashboard from the menu bar.
  2. On the Session Information tab, under Upcoming Sessions, find the session you wish to mute or unmute.
  3. Select the list under the Options column. Then, select Mute This Week or Unmute This Week. Muted sessions are highlighted orange. Sessions that are not highlighted are queued to be delivered as scheduled.

Viewing user information Direct link to this section

You can view the email address and session history for users within your organization. For example, you can view the quizzes and phishing simulations sent to each user, when they were sent, and when the user completed them. To view user information:

  1. Select Administration Dashboard from the menu bar.
  2. Select the User Information tab on the dashboard.

Assigning a session to an individual user Direct link to this section

You can assign specific security awareness sessions to an individual user, which are delivered separate from the MA program schedule. To assign a microlearning session, quiz, or phishing simulation to a user:

  1. Select Administration Dashboard from the menu bar.

  2. Select the User Information tab on the dashboard.

  3. Search for the desired user. Then, select either of these options:

    • View History — To resend a session that the user has already received.
    • Assign Session — To assign a session to the user.

    Tip: This option lets you assign sessions that are not listed in the history for that user. For example, you can use this option to assign past sessions to a new user who was added to the MA program mid-cycle. When a new user is added, the user automatically receives the QuickStart session. However, the next security awareness session that the user receives is the session that is scheduled for delivery in the current or following week.

  4. Page through the list or use the search field to find the session that you want to assign.

    Tip: Check the description to see if the session or module includes multi-language support. See Supported languages for more information.

  5. Select Assign for the desired session. The user immediately receives an email notification about the training assignment, and the session no longer appears in the list of available sessions and phishing simulations for that user.

    Note: You cannot re-assign this session until the user completes the assignment.

Tip: See Assigning supplemental training to a user group.

Downloading the MA program session history Direct link to this section

Downloading the MA program session history is one way to review the level of engagement of your organization with the MA program. With this option, you can also review the history of a specific session or user.

To download a history of all past sessions and quizzes for all users:

  1. Select Administration Dashboard from the menu bar.
  2. Select the User Information tab on the dashboard.
  3. Select Download Full Session History to download the CSV file.

Tip: To review the history of all past sessions and quizzes for an individual user, see Assigning a session to an individual user.

Managing incomplete session reminders Direct link to this section

You can adjust the frequency and the urgency language of emails that are sent to users when training is incomplete. You can configure the settings differently depending on how many incomplete sessions a user has. For example, if you have users with a high number of incomplete sessions, you can increase the frequency of email reminders to those users.

Notes:

To manage incomplete session reminders:

  1. In the MA Dashboard menu bar, select Administration Dashboard.

  2. Click the Incomplete Session Manager tab.

  3. For each applicable column, select the required Frequency of Email option:

    • Monthly (1st)
    • Bi-Monthly (1st, 15th)
    • Weekly (Monday)
    • Daily
  4. For each applicable column, select the required Urgency of Email from the dropdown list:

    • Low
    • Moderate
    • High

    Tip: Click the Low Urgency Email, Moderate Urgency Email, or High Urgency Email tab to preview the email that is sent depending on the Urgency of Email setting.

Reports Direct link to this section

The Reports page displays Secure Culture statistics as downloadable PDF reports. Available reports are as follows:

Section Description
Security Awareness Program Status A progress report that shows the completion of microlearning sessions and quizzes, the results of phishing simulations, and the completion of phishing remediation sessions.
Security Awareness Program Trends A report that shows trends in user performance.
High Risk Users A report that identifies users with a low level of engagement with the MA program and users who have performed poorly in quizzes and phishing simulations.
Phishing Simulations A detailed report of phishing simulation results and the completion of phishing remediation sessions.

Tip: See Secure Culture Dashboard for more information about available statistics.

Viewing an MA session report Direct link to this section

To view an MA session report:

  1. In the MA Dashboard menu bar, select Reports.
  2. Click the desired tab:
    • Security Awareness Program Status
    • Security Awareness Program Trends
    • High Risk Users

See Viewing a compliance training course report for compliance report instructions.

Downloading an MA session report Direct link to this section

To download an MA session report:

  1. In the MA Dashboard menu bar, select Reports.

  2. Click the desired tab:

    • Security Awareness Program Status
    • Security Awareness Program Trends
    • High Risk Users
  3. Click the download icon Download.

    A PDF file downloads to your device.

See Downloading a compliance training course report for compliance report instructions.

Content Library Direct link to this section

The Content Library feature lets you assign supplemental training content to one or more groups of users.

Note: To access the Content Library feature, your organization must:

The Content Library contains different content depending on whether you have a Compliance Content Pack or MA+ license. If your organization has a:

Assigning supplemental training to a user group Direct link to this section

To assign a supplemental training module to a user group:

Note: User engagement and test outcomes for supplemental training assignments, including compliance training modules, are included in secure culture statistics and reports.

  1. Select Content Library from the menu bar.

  2. Browse, search, or filter for a training module that covers the desired topic.

    Tips:

    • Click All Filters to view all filters that you can set. There are also filters for content types available, such as Awareness Session. To reset your filters, click Clear.
    • Check the description to see if the session or module includes multi-language support. See Supported languages for more information.
  3. Select Assign To Group.

  4. In the dialog box, select the desired group.

  5. Review the list of group members to confirm your selection.

    Notes:

    • Verify that you have selected the correct group. Training assignments cannot be removed once they are assigned.
    • You cannot assign a module to a group without members. When integrated with AD, the MA Dashboard performs live queries of AD to retrieve users and user groups. To edit add or remove members, edit the group in AD.
  6. Click Assign <module> to <x> users. A confirmation message appears, and users within the selected group receive an email that grants them immediate access to the assigned module.

  7. Select x or Close to exit the dialog box.

Compliance Direct link to this section

Note: To access the Compliance information, your organization must have a valid Compliance Content Pack (CPP).

The Compliance page helps you to comply with standards like ISO 27001 or 27002 because it provides you with more visibility and control over your compliance training course information.

The page includes the following tabs:

See Viewing compliance training course information for more information.

Viewing compliance training course information Direct link to this section

Note: To access the Compliance information, your organization must have a valid CPP.

To view compliance training course information:

Viewing a compliance training course report Direct link to this section

Note: To access the Compliance information, your organization must have a valid CPP.

To view a compliance training course report:

  1. In the MA Dashboard menu bar, select Compliance.
  2. Click the Compliance Report tab.

See Viewing an MA session report for MA report instructions.

Managing incomplete compliance training course reminders Direct link to this section

Note: To access the Compliance information, your organization must have a valid CPP.

You can adjust the frequency and the urgency language of emails that are sent to users when training courses are incomplete. You can configure the settings differently depending on how many incomplete training courses a user has. For example, if you have users with a high number of incomplete training courses, you can increase the frequency of email reminders to those users.

To manage incomplete compliance training course reminders:

  1. In the MA Dashboard menu bar, select Compliance.

  2. Click the Compliance Incomplete Session Manager tab.

  3. For each applicable column, select the required Frequency of Email option:

    • Monthly (1st)
    • Bi-Monthly (1st, 15th)
    • Weekly (Monday)
    • Daily
  4. For each applicable column, select the required Urgency of Email from the dropdown list:

    • Low
    • Moderate
    • High

    Tip: Click the Low Urgency Email, Moderate Urgency Email, or High Urgency Email tab to preview the email that is sent depending on the Urgency of Email setting.

See Managing incomplete session reminders for instructions on managing incomplete session reminders.

Downloading a compliance training course report Direct link to this section

Note: To access the Compliance information, your organization must have a valid CPP.

To download a compliance training course report:

  1. In the MA Dashboard menu bar, select Compliance.

  2. Click the Compliance Report tab.

  3. Click the download icon Download.

    A PDF file downloads to your device.

See Downloading an MA session report for MA report instructions.

Downloading compliance training course history Direct link to this section

Note: To access the Compliance information, your organization must have a valid CPP.

You can download a CSV file that includes the full compliance training course history for your users. The CSV file includes the first and last name of the user, email address, the date the compliance training was sent to the user, and the completion status.

To download compliance history:

  1. In the MA Dashboard menu bar, select Compliance.

  2. Click Download Full Compliance History.

    A CSV file downloads to your device.

Downloading a list of users with incomplete compliance training courses Direct link to this section

Note: To access the Compliance information, your organization must have a valid CPP.

You can download a CSV file that includes a list of users that have incomplete compliance training courses. The CSV file includes the first and last name of the user, email address, the date the compliance training course was sent to the user, and the completion status.

To download a list of users with incomplete compliance training courses:

  1. In the MA Dashboard menu bar, select Compliance.

  2. Next to List of Incomplete Users, click download.

    A CSV file downloads to your device.

Administrator Toolkit Direct link to this section

The Administrator Toolkit is a reference and resource library for administrators, to assist and guide them in running their security awareness and training programs. Common items in the library include the following:

Accessing the Administrator Toolkit Direct link to this section

To access the Administrator Toolkit:

  1. Click the Settings gear icon
  2. Select Administrator Toolkit

All of the Administrator Toolkit library references and resources are listed. The Search field filters the resource list based on the criteria entered.

Previewing and downloading resources Direct link to this section

You can preview and download the Administrator Toolkit resources.

To preview a resource:

To download a resource:

See also Direct link to this section