Integration: SOC 2 Security Awareness Training with Curricula


by Adam Markowitz

March 09, 2022
Our newest integration is here: SOC 2 security awareness training with Curricula. Meet your requirements while making training fun.

Drata’s newest integration is here: SOC 2 security awareness training with Curricula. Curricula is a fun security awareness training platform that uses story-based learning to communicate cyber risk to employees.

And the best part: Curricula is free for up to 1,000 employees to get started and includes everything you need to train your team and meet your SOC 2 employee training requirement.

Why We Integrated Curricula’s SOC 2 Security Awareness Training in Drata

More than 90% of cyber attacks start with human error, mostly originating with phishing emails leading to data breaches. While security awareness training is a requirement for SOC 2 compliance, the effectiveness of training is more important to defend against cyber attacks. Additionally, the process to prove that all of your personnel have completed security awareness training can be difficult to track without a platform like Drata, often requiring employees to take screenshots of their completion for security and IT departments to submit to auditors. 

Now with the new Curricula integration, Drata users can experience Curricula’s simple security training to automate evidence collection in Drata’s platform—further streamlining the SOC 2 audit. Users will be automatically reminded to complete their SOC 2 security awareness training, which is a requirement for many compliance frameworks. This partnership is yet another step in our commitment to continuous compliance monitoring and ensuring that companies get and stay audit-ready.

Curricula-1024x497 (1)

Curricula’s SOC 2 security awareness training takes a unique approach to educating employees about cybersecurity. Users can learn about security through fun and interactive training episodes (about 5-10 minutes long). Admins can also run simulated phishing training exercises to teach employees how to defend against DeeDee, Curricula’s fictional cyber mastermind.

The SOC 2 security awareness training meets the requirements for companies to pass their SOC 2 audit and helps employees embrace a security-first mindset—something that has been part of Drata’s culture since day one.

In fact, Drata uses Curricula for its own SOC 2 security awareness training. As part of employee onboarding, Drata team members complete training within the first three days of onboarding. Curricula also sends Drata employees some of the most convincing phishing simulation emails we’ve seen, ensuring we reinforce that security-first culture at Drata. 

“When I met Adam and the Drata team, I immediately recognized their values aligned with Curricula. Our combined mission is to help organizations go above and beyond checking the box and move towards creating highly effective security outcomes,” said Curricula’s CEO, Nick Santora. 

How Curricula’s Integration Works


Getting started with Curricula’s SOC 2 security awareness training is easy.

Before diving in, if you’re new to Curricula, you need to create your account and complete the setup (remember, it’s completely free for organizations with less than 1,000 personnel).

Once you create your Curricula account, you’ll sign in to Drata, and then be prompted to connect the account and asked to log in and accept Drata’s connection request and choose an assignment. The last step is making sure you verify Curricula as your training provider. Drata customers can view detailed instructions on how to enable and connect to Curricula security training here (you must be logged in to view). Now you’re officially connected and ready to defend against DeeDee! Log into Drata, go to Security Training and select “Use Curricula for Security Awareness Training” to join the mission to Defend Against DeeDee and meet your SOC 2 security training requirement.

The Drata Newsletter

Trusted is Drata’s newsletter focused on the world of compliance, security, data privacy, and everything in between.


The Drata Community

Screen Shot 2022-07-13 at 9.45 1
Resources for you
SOC 2 policies

12 Commonly Recommended Security Policies for SOC 2

Drata + AssuranceLab

Why AssuranceLab Joined Drata’s Auditor Alliance

Asset - Compliance Uncomplicated - Nemean Services

Compliance Uncomplicated Episode 5: An InfoSec Perspective to Digital Security Success With Nemean Services

Adam Markowitz
CEO and Co-Founder