how do you/your org deal with users who continually fail cybersecurity testing?

been working with a client that has a fairly well implemented KnowB4 on-boarding, continuous testing and remedial testing process. From a tech aspect, all working well.

the process falls apart from a management standpoint of how to deal with repeat, habitual "clickers" . They've asked me to provide input, but i'm running out of options. cant really limit internet use or email flow, usb is already disabled. It appears that the managers talking to the employees isnt helping much either. …

aspect client continuous continuous testing cybersecurity cybersecurity testing deal fail management org process tech testing working