chat
expand_more

From Ineffective to Intelligent: Rethinking SAT with AI-Driven Insights

Discover why traditional security awareness training isn’t reducing human risk and how AI-driven, personalized training can transform SAT effectiveness in 2025.
May 13, 2025

Despite the billions spent each year on advanced cybersecurity technologies, one vulnerability continues to persist: people. Human error remains the leading cause of successful cyberattacks, and most of today’s most damaging threats—like phishing, social engineering, and business email compromise—rely on human action to succeed.

To understand how organizations are addressing this persistent issue, Abnormal commissioned independent research from the AimPoint Group, surveying more than 300 IT and security leaders across the United States and the United Kingdom. While nearly every organization is investing in security awareness training (SAT), most believe their current efforts aren’t reducing risk effectively. But there's a path forward—one powered by personalization, just-in-time coaching, and AI.

Avoidable Mistakes Are Still Widespread—And Expensive

According to the research, 99% of organizations experienced at least one avoidable security incident in the past year. These incidents were most often caused by user actions like clicking malicious links or mishandling credentials—errors that could have been prevented with more effective training.

And the cost is real. Business email compromise (BEC) attacks now cost organizations an average of $137,000 per successful incident, with phishing responsible for 77% of advanced attacks. It’s clear that no matter how strong technical defenses are, addressing human behavior is essential to protecting the enterprise.

SAT 1

Security Awareness Training Is High Effort, Low Impact

Most organizations offer SAT—75% require training at least quarterly—but it’s often treated as a compliance checkbox rather than a driver of behavior change. Outdated content leads to disengagement, and employees frequently bypass training by sharing answers.

Even with significant investment, 83% say SAT tools require too much effort to manage, and 53% believe the results aren’t worth it. Measuring effectiveness is another challenge, with most teams relying on phishing simulations or user surveys—tools that provide little insight into real-world risk reduction.

SAT 2

What High-Performing Programs Do Differently

Organizations with more mature SAT programs take a different approach. They’re more likely to use just-in-time (JIT) training, which delivers micro-lessons to employees at the exact moment they engage with a potential threat—when it matters most.

They also invest in personalized, role-specific content that’s relevant to each employee’s unique responsibilities and risk profile. 51% of respondents cited awareness/training content that is relevant to each individual user/employee as one of the most important capabilities/characteristics of their ideal SAT solution.

SAT 3

Security Leaders Are Ready for Change

Security teams aren’t just thinking about improving security awareness—they’re making it a top priority. In fact, every leader we surveyed said they plan to enhance SAT over the next year, and 78% are turning to AI to make it happen.

Why AI? Because it makes things easier—and more effective. It can take the heavy lifting off your team by automatically creating personalized phishing simulations, delivering real-time coaching, and adjusting content based on user behavior, without requiring a full team to manage it.

SAT 4

The AI Phishing Coach: Training That Adapts to People

Most SAT programs demand too much from admins and deliver too little to employees. Abnormal built the AI Phishing Coach to change that.

Powered by generative AI, it delivers real-time coaching, personalized phishing simulations, and role-specific training based on real-world threats and individual behavior. It even generates custom training videos automatically, reducing effort while improving engagement. The result is smarter training that’s engaging, adaptive, and built for how people actually learn.

Learn more about AI Phishing Coach.

The Future of SAT Is Personal, Timely, and Effortless

Security leaders agree that traditional SAT programs aren’t enough. To truly reduce human risk, training must be relevant, engaging, and easy to manage at scale. The right solution makes that possible—and the latest research shows how.

Whether you’re starting from scratch or refining an existing program, our new SAT report offers data-driven insights to help you shift from checkbox compliance to meaningful behavior change.

Learn more by downloading the 2025 State of Security Awareness Training report today!

Get the Report
From Ineffective  to Intelligent:  Rethinking SAT with AI-Driven Insights

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Discover How It All Works

See How Abnormal AI Protects Humans

Related Posts

High Scale Aggregation Cover
At Abnormal AI, detecting malicious behavior at scale means aggregating vast volumes of signals in realtime and batch. This post breaks down how we implemented the Signals DAG across both systems to achieve consistency, speed, and detection accuracy at scale.
Read More
B CISO SAT
Discover how modern CISOs are evolving security awareness training from a compliance checkbox into a strategic, AI-powered program that drives behavior change and builds a security-first culture.
Read More
B Regional VEC BEC Trends Blog
Regional analysis of 1,400+ organizations reveals how geography shapes email security risks. See which regions are most vulnerable to VEC vs BEC.
Read More
B HTML and Java Script Phishing
Explore real phishing attacks that use HTML and JavaScript to bypass defenses and learn what makes these emails so hard to detect.
Read More
B Custom Phishing Kits Blog
Brand-specific phishing kits are replacing generic templates. Learn how these custom phishing kits enable sophisticated impersonation attacks.
Read More
B Healthcare
Discover how healthcare security leaders are defending against AI-powered threats. Learn why identity and email are the new frontlines—and what it takes to protect the human element.
Read More