Select Page

Living Security

Living Security Training Platform

Problem Statement

Originally Living Security Admins had to manually create campaigns for each client. It was a very slow, highly customizable and not scalable process.

Solution

Create a self-self platform where the CyberSecurity Program Owner could build  campaigns for different audiences inside their companies. After launching the campaigns the platform would show reports regarding the participant’s outcomes.

Business Value

This would allow the Program Owner to target vulnerabilities faster,  monitor progress easily and reduce human risk.

 

Training Platform Architecture

Workshop findings

Living Security lifecycle and personas design was possible thanks to the workshop we conducted throughout of the project.

End-to-end Journey Map

Personas

End-to-end Happy Path

Iterations

Living Security Training Platform

Campaign Builder

User story

Susan is a Business Information Security offer who is in charge of overseeing the Training Awareness Program. She has over 10,000 employees to train. During the training period Susan wants to make sure that her trainees are on their way to complete the assigned content. If some trainees fall behind, she wants to have the ability to identify the individuals and send them reminders about the incomplete training. It’s also important for her to reward the people who put an extra effort in completing the trining.
After the training, Susan want to see the data and pin-point areas where the company (groups and individuals) needs more training. She also wants to refine the training curriculum to make it more effective.
On the other hand, she has to report to leadership quarterly, and show the benefits of the training. Susan needs to show the areas of improvement and the progress they are doing as a company to become more secure.

Use Case

Susan creates a campaign targeted specifically for the Finance department. The campaign is short and targeted to the Finance department employees’ needs but she wants everybody to have enough time to complete is. For that reason she sets each assignment block to be due in 15 days. Since the Finance department is always changing she need the campaign to accommodate new Finance employees automatically and to stop training to employees that do not longer belong to the department. Susan likes to notify her participants when they have been assigned content as well as when the content’s due date is approaching. Additionally she wants to give a bit of flexibility to all the participants to complete their training even after the due date. Therefore she activates Past Due Date notifications that run every three days for 9 days.

Task Flow

Steps to complete before launching the campaign:

  1. Sign in
  2. Navigate to Audience
  3. Create an audience called “Finance”
  4. Create a rule by selecting the “Finance”
  5. value of the “Department” attribute.
  6. Curate content for the finance department.
  7. Filter content in the Living Security
  8. Catalog by “Targeted Roles” tag to find a couple sets of finance-related content.

 

<h5>Campaign Builder</h5>

  1. Create a new campaign
  2. Associate the “Finance” audience with the campaign
  3. Set the campaign to “dynamic”
  4. Assign a mandatory content
  5. Turn on and set all the notifications
  6. Create another optional content assignment action for the other set of content
  7. Only turn on Assignment and Due Date notifications
  8. Set these two actions 15 days apart
  9. Launch the campaign. Participants will be assigned the content anytime they join the Finance department

Prototype
https://www.figma.com/proto/KrwJ8gMHd7OPst7i7vX9IV/Asset-flow?node-id=1%3A480&viewport=228%2C265%2C0.015625&scaling=min-zoom&page-id=0%3A1