Welcome to the next generation of reporting with NINJIO Sigma Dashboards. These tools provide administrators with deeper insights, actionable data, and simplified workflows to manage organizational security awareness.
Dashboard Management & Best Practices
General Interaction Tips
- Downloading Information: Hover over any infographic and click the 3 dots (top right) to select "Export".
- Recommended Formats: Use CSV or Excel for large data sets; PDF files may cut off data if there are too many rows.
- Automating Reports: Select "Scheduled Export" from the infographic menu to have reports sent automatically on a regular basis.
- Proactive Alerts: Use "Alert when..." from the 3-dots menu to notify your team immediately when metrics hit specific thresholds.
- View Raw Data: Click the Table Icon ("Show Underlying Data") on any chart to see the raw data points.
Training Reports Dashboard Breakdown
Key Performance Metrics
| Metric | Definition | Value & Recommendation |
|---|---|---|
| Completion Rate | Total quiz completions (pass + fail) divided by total trainings sent. | Value: High-level compliance health. Rec: Use Time Series Analysis to monitor growth over time |
| Drop Off Rate | Users who viewed the training but did not complete the final quiz. | Value: Identifies potential friction in the learning process. |
| Total Score | A combination of Engagement Points (view speed) and Exam Points (accuracy). | Value: Measures overall security culture and knowledge retention. |
Phishing Reports Dashboard Breakdown
Vulnerability & Engagement Metrics
| Metric | Definition | Value & Recommendation |
|---|---|---|
| Distinct User Lured Rate | Total unique users lured divided by total participants. | Value: Shows the actual percentage of your workforce that is susceptible. |
| Lured Rate | Total successful lures across all attacks sent. | Value: Benchmarks template difficulty. Rec: Compare against the 7% holistic baseline. |
| Susceptibility Tiers | Categorizes users based on events (Link Clicks/Sensitive Info Submitted). | Tiers: High (3+), Medium (1-2), Low (0). |
Interaction Types
Engagement is tracked through multiple actions: Web Page, Email, Attachment, Form, and QR Interactions. Email Reported is the only positive event type and should be rewarded.
Strategic Recommendations
1. Targeted Remediation
Use the Emotional Susceptibility Profile to identify the top three emotional triggers affecting your company. Focus future campaigns and remedial modules specifically on these vulnerabilities (e.g., Greed or Urgency.
2. Manager Accountability
Use the "Executive Summary" tab and sort by Completion Rate to identify departments where engagement is lagging. Reach out to those managers directly to ensure the program is prioritized.
3. ROI Validation
The Lured by Emotion over Time graph allows you to verify if your training is working. The goal is to see the Lured Rate decrease steadily over a 12-month period.
Data Set Definitions:
Training Reports Dashboard Definitions
These datasets measure user engagement, knowledge retention, and overall compliance status.
General Performance Metrics
Completion Rate: The count of users who completed the training quiz (counting both passes and fails) divided by the total number of trainings sent.
Drop Off Rate: The count of users who did not complete the quiz at the end of the training divided by total trainings sent.
Total Enrolled: The total number of unique users enrolled in any training session within the NINJIO platform.
Total Completed: The raw count of users who completed the end-of-training quiz.
Total Incomplete: The raw count of users who viewed or started training but did not finish the quiz.
Average Quiz Performance: The average score achieved by users on quizzes following training completion.
Avg Completion Time (Days): The average number of days it takes for a user to complete a training after being enrolled.
Engagement & Scoring
Total Score: The sum of a user's Engagement Points and Exam Points.
Engagement Points: Points awarded based on view speed: 2 points for viewing within 24 hours, 1 point within 72 hours, and 0 points thereafter .
Exam Points: Points awarded based on quiz accuracy: 3 points for 100% on the first try, 2 points for 75% on the second try, and 1 point for 50% on the third try .
Training Status Categories
Assigned: The training is designated for the user, but they have not yet been enrolled.
Enrolled/Not Started: The user is officially in the training but has not yet opened the material.
In Progress: The user has started the training but has not reached the quiz.
Passed/Failed: Indicates the final result of the user's quiz attempt.
Finished: The user completed the training material but opted not to take the quiz.
Phishing Reports Dashboard Definitions
These datasets track organizational vulnerability and identify specific psychological triggers.
Key Vulnerability Metrics
Participants: The count of distinct users who were sent a simulated phishing attack.
Lured Rate: The count of distinct attacks that resulted in a "lure" (interaction) divided by total attacks sent.
Distinct User Lured Rate: The count of unique users who were lured at least once divided by total participants.
Time to Lure (Hours): The average amount of time that passes before an employee is successfully lured.
Reported Rate: The percentage of total attacks that were successfully reported by users.
Susceptibility & Risk Bucketing
High Risk: Users with three or more total negative phishing events (clicks or data submission).
Medium Risk: Users with one or two total negative events.
Low Risk: Users with zero negative events.
Emotion: Indicates which psychological trigger (e.g., Greed, Fear, Urgency) was used in the simulation.
Phishing Event & Interaction Types
Web Page Interaction: The employee engaged with the phishing landing page.
Email Interaction: The employee interacted with the simulated phishing email itself.
Attachment Interaction: The employee opened a simulated malicious attachment.
Form Interaction: The employee filled out data fields within the phishing test.
QR Interaction: The user scanned a simulated malicious QR code.
Submitted Sensitive Information: The number of times users actually provided company or personal data during an attack.
Email Reported: The only positive metric, indicating the user successfully flagged the email as suspicious to the correct team.
Comments
0 comments
Please sign in to leave a comment.