"Clicked Link" level of confidence?

Honestly I went through something similar.  Then I went to select a couple training videos and or sessions from Phish threat and I realized that most can be done in less than 15 minutes.  To keep things fair I just stated that some people failed but training, even additional training never hurts anyone and I scheduled out 2 or 3 of them.  Gave everyone 2 weeks to complete all 3 and had no complaints.  Actually most people found them fun or a good change from their normal routine.  Now I shoot some out every 6 months or so to give everyone a reminder/brush up.  I also try to find an article on a scam that would relate to workers on a personal level and send out an email blast outlining the scam/phish threat and how to avoid it.  I find that a personal level makes things more pertinent to the users and they seem more driven to understand it.  After I started doing that I actual had multiple users come to me with questions.  A good one to start with is haveibeenpwned.com

Just a thought.

Honestly I went through something similar.  Then I went to select a couple training videos and or sessions from Phish threat and I realized that most can be done in less than 15 minutes.  To keep things fair I just stated that some people failed but training, even additional training never hurts anyone and I scheduled out 2 or 3 of them.  Gave everyone 2 weeks to complete all 3 and had no complaints.  Actually most people found them fun or a good change from their normal routine.  Now I shoot some out every 6 months or so to give everyone a reminder/brush up.  I also try to find an article on a scam that would relate to workers on a personal level and send out an email blast outlining the scam/phish threat and how to avoid it.  I find that a personal level makes things more pertinent to the users and they seem more driven to understand it.  After I started doing that I actual had multiple users come to me with questions.  A good one to start with is haveibeenpwned.com

Just a thought.