The second most popular way to hijack a computer would be to have that device visit a malicious website. You might have a local Antivirus product installed on your computer that has ‘Web Protection’ features, however most if the time it is too late. Changing your DNS to a OpenDNS that has blacklisted malicious sites is fast and most of all free.
As a administrator one of the time consuming tasks is to review and release quarantined emails. Why not let end users do it themselves?>
One of the methods used by scammers is to impersonate someone from your own domain name, e.g. you get an email from firstname.lastname@example.org telling you open email attachments or click links. One of the best ways to stop this is using DKIM, DMARC and SPF.
So your administrator has enforced multi-factor authentication for Microsoft 365. Here is how you setup MFA for your Microsoft 365 account.
How to renew the SSL certificate for Remote Access VPN in Cisco Firepower Management Center.
A good way to help users not fall victim to email phishing attacks is to let them know when an email is External. Emails may pretend to be from a ‘Internal’ person can be marked so it helps the end user make a informed decision on opening links contained.