Module structure

The 5-block module architecture

Every module in the 12-month library follows the same structure. Total time: 8–12 minutes. Deliverable monthly, accessible on-demand via LMS. This template is the production brief for every content creator, AI video tool, and platform admin on the program.

1
HookVideo · 2–3 min

Story-led open. Fictionalized real SMB incident. First-person narration from the employee who made the mistake. Creates a reason to keep watching before a single tip is given.

Rule: Open with a consequence, not a definition. Never start with 'In today's digital landscape...'

2
TeachInteractive · 3–4 min

Core instructional content. How the attack works, what the attacker is trying to achieve, and where the vulnerability is. Visual diagrams, annotated screenshots, or interactive inbox exercises. Never bulleted policy slides.

Rule: One mechanism, clearly explained. Maximum two key points per script. Three points = two scripts.

3
PracticeBranching scenario · 2–3 min

2–4 branching decision scenarios with visible consequences. Wrong choices show what would have happened. Right choices show the attacker's frustration. No grading — only learning.

Rule: Scenarios need a named character, a specific company context, a realistic attacker motivation, and a real decision moment.

4
ChecklistAction task · 1 min

One concrete, specific action the employee completes before end of day. Completion tracked in platform. Examples: 'Enable MFA on your personal email tonight.' 'Change your weakest password right now.'

Rule: One specific, actionable behavior. Not 'be careful' — a trackable task.

5
Knowledge CheckScenario quiz · 2 min

5 scenario-based questions only. Never true/false. Never policy trivia. Scores feed directly into the employee's live risk score. Fails auto-trigger targeted micro-remediation, not a full re-take.

Rule: Wrong answer feedback required: 1–2 sentences explaining why the choice was wrong, with the correct behavior stated explicitly.

Supplemental content formats

Threat of the Month

2-min awareness blast first Monday of each month. Tied to a real recent attack. No training required.

Pocket Reference Cards

One-page printable quick-ref for high-stakes processes: wire transfers, suspected phish, incident response. Max 7 items.

Micro-Remediation

60–90 second focused correction triggered by a failed sim or failed quiz. Just the specific missed concept, delivered instantly.

Team Tabletop

Quarterly 20-min facilitated exercise. Scenario-based, discussion-driven. Printable facilitator guide. No tech required.

Leadership Briefing

Quarterly 5-min PDF digest for owners/executives. Risk score, trend, notable incidents, upcoming threats.

New Hire Onboarding

Auto-enrolled Day 1 via HR integration. Compressed 3-module sequence (phishing, passwords, data handling) completed within 2 weeks.