Introduction

Implementing a cybersecurity awareness program is an essential first step. But for it to truly be effective, employees must genuinely engage with it. In this article, we share practical, actionable tips to maximize Albert’s long-term impact — from platform configuration to internal communication, and even HR processes integration.

1. Optimize Your Settings for Better Engagement

Here are three best practices to improve course completion rates over time.

Note: some of you may already be applying part of this advice.

1️⃣ Personalize course reminders

Configure course reminders to be sent on behalf of the IT Manager rather than Albert. We also recommend activating manager sponsorship, if managers are properly set in your tenant.

📈 Why? Completion rates are significantly higher when the message comes from a manager or another recognized internal contact.

2️⃣ Enable escalation to managers

Use the escalation feature to further involve managers. They can directly follow up with their teams and play their role as security advocates.

3️⃣ Target your audiences smartly

With smart groups, you can target specific populations:

at-risk employees (e.g., after failing a phishing campaign),
those behind on their introductory course,
or new hires.

This is also extremely useful to segment your phishing campaigns!

4️⃣ Interact with Albert

Ask Albert allows employees to ask questions and actively interact with Albert. This strengthens Albert’s role as a cybersecurity coach while letting you add your own documents to enrich the exchanges.

2. Strengthen communication around the program

The success of a training program also strongly depends on communication throughout the year. Here are some best practices to deliver the right messages, at the right time, through the right channels.

1️⃣ Use Riot’s available resources

A communication kit is at your disposal (Albert and Riot logos, channel-specific documentation). It is available in multiple languages for easier distribution.

2️⃣ Be clear and impactful in your messaging

Adapt your messaging to the channel used (email, Slack, posters, etc.). A good announcement email should ideally include:

The date from which the courses will be launched,
The approximate number of courses received per month,
Course duration (maximum 5 minutes),
The employee portal to encourage accountability through points and gamification.

💡 Tip: Remind employees that they each play an active role in the company’s cybersecurity. They can also track their progress, score, and data breaches directly in their portal.

✉️ Example introduction email:

Subject: Cybersecurity is everyone’s business

Hello everyone,

On XX, we will be welcoming a new team member, Albert!

Albert is 100% remote — or rather, 100% digital.

He will reach out to you soon by email/Slack/Teams/Google Chat to get to know you.

Albert is joining us as a cybersecurity companion to help us improve our company’s security.

He’ll remain discreet, but he will take 3 to 5 minutes of your time each XX to teach you the right cybersecurity reflexes.

Thank you for giving him a warm welcome.

And as Albert likes to say: cybersecurity won’t wait!"

3️⃣ Vary your communication channels

Mix different formats:

Targeted emails,
Internal messages (Slack / Teams…),
Office TV screens,
Flyers and posters in high-traffic areas,
Videos, flyers, slides during all-hands meetings…

💡 Tip: screens near the cafeteria are perfect for short and visual messages!

4️⃣ Pace your communications throughout the year

Plan your communication:

One week before launch,
On launch day,
And regular reminders.

💬 Combine automated Riot reminders with “human” follow-ups. Find the right tone: formal, playful, competitive between teams… depending on your company culture!

📧 Example reminder email:

Subject: Importance of awareness training

Hi [Name],

It seems you haven’t completed Albert’s awareness courses for several weeks, despite the reminders.

It’s important that each of us follows these cybersecurity awareness courses, which are essential to protect our data and maintain our compliance program.

As this is a regulatory requirement, we are counting on you to complete these short 2–3 minute courses.

Albert will contact you again shortly, so stay tuned.

Thank you for your understanding!

Best regards,

3. Make Albert a mandatory step

Making Albert a structured step in the employee journey increases its impact. Here’s how:

1️⃣ Involve new employees from day one

Add a short presentation of Albert to onboarding (slide, visual, quick demo), explaining:

How the courses work,
Their duration,
Their frequency,
Their purpose.

2️⃣ Reward your teams

Gamify the experience! Some ideas:

Internal leaderboards (team or individual),
Rewards via the works council (goodies, badges, etc.),
Inter-department challenges or competitions.

Choose a format that fits your culture, test it, iterate.

3️⃣ 3 effective levers to implement

Here are 3 effective levers:

Set completion goals with clear deadlines:
- For existing employees, set a minimum course completion rate (e.g., 80%) to reach before a defined date, and communicate clear deadlines.
- For new hires, make the first 4 courses mandatory as part of their onboarding process.
Add Albert to internal documents: explicitly mention Albert usage and course follow-up in your IT charter, internal regulations, or any contractual document signed by employees.
If you want to go further, implement disciplinary measures: formal reminders or HR sanctions if courses are not completed despite multiple reminders.