Role-Based Security Awareness Training Procedure

This admin procedure will provide background information on how to construct a Simulation Campaign for end users based on their job role.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Security Awareness Training

Training campaigns are a faster, more direct way to provide security training to users. Instead of creating and launching simulated phishing attacks that eventually lead to training, you can create and assign Training campaigns directly to users.


Procedure Scope: Administrators

Required Group Membership: Admin.EmailSecurity


Role-Based Security Awareness Training

  1. Navigate to Training Campaigns – O365 Defender, select Create New.
  2. Provide basic information for the training such as the name and a description of the type of training it will be providing to the end users in your organization. Select Next to provide the scope of users.
  3. The scope for this procedure will be a specific 365 group (Azure Security Groups cannot be configured) or set of users, select Add Users, a search bar will be generated where you can manually specify users or groups that you wish to add; additionally, you could follow the prompts to have groups selected based off Microsoft recommendations, location, etc. Make sure to double check to make sure there are no discrepancies in users. Select Next to proceed to user exclusions.
  4. User exclusion should be thought about very carefully and review by other members in management, if it is applicable select the users from the group you wish to exempt from the campaign. Select Next to procced to training module selection.
  5. For training module selection, you will have a choice of selecting modules developed by Microsoft for user training or you will be able to supply a third-party site for training; this will depend on the source of information you deem adequate for educating end users. Select Add Trainings to browse the Microsoft Catalogue for training material revolved around the scope you wish to educate or provide the URL for the third-party site for users to access. Once selections have been made, select Next to proceed to distribution method for end users.

  6. End users can be notified of their training either through Microsoft Default Notifications which will send an Outlook message to all users detailing that they have been assigned training by the security team and can access the training through the message; additionally, they will be notified of completing the training on either a weekly or bi-weekly basis. You could create a custom notification set if it fits within your scope. Once notifications are configured, select Next to proceed to scheduling of campaign release.
  7. Scheduling can either be configured to be released right away or set for another time; you will also be able to configure an end date that will need to be abided by end users. This will all be decided by administration to come up with a timeline of completion of the training by users. Select Next to proceed to revisions.
  8. Revisions will have a list of all the configured campaign settings that were established; if you detect a discrepancy, select the Edit button located below the section to make the proper remediations. Additionally, if the settings look good you can select Submit to publish the campaign and make it available for the end users. You could try the Send a Test feature to mimic what the end users will be displayed and have access to.

You're Finished!

You should have successfully deployed a simulation attack campaign that will educate users on the specified threat technique you outlined. For any other problems or questions, reach out to us!