NOC LIVE ยท 24/7/365 โฌข MICROSOFT PARTNER ยท MPN 3318934 ๐Ÿ“ NASHVILLE TN ยท NATIONWIDE SERVICE โšก EST. 2003 ยท 23+ YEARS NOC LIVE ยท 24/7/365 โฌข MICROSOFT PARTNER ยท MPN 3318934 ๐Ÿ“ NASHVILLE TN ยท NATIONWIDE SERVICE โšก EST. 2003 ยท 23+ YEARS
Home/ Services/ Security Awareness Training
/ 11 · Phishing Sim ยท Compliance Training ยท KnowBe4

Your weakest link
is the keyboard.

91% of cyberattacks start with phishing. Every firewall, EDR, and SIEM in the world doesn't matter if someone on your team clicks the link. We deploy industry-standard security awareness training (KnowBe4, Proofpoint, or similar) โ€” automated phishing simulations, micro-learning modules, and reporting that proves compliance to your auditors and your cyber-insurance carrier.

Security Awareness Training from Maverick Endeavors: automated phishing simulations, monthly training modules, compliance reporting (HIPAA, PCI, SOC 2, cyber insurance requirements), and remediation training for users who click. Built on KnowBe4 or Proofpoint depending on fit. Reduces phishing click-rate from industry average ~30% down to 2โ€“5% over 12 months.

Why training matters more than tools

You can buy the best firewall on the market, deploy SentinelOne EDR, and run a 24/7 SOC โ€” and one untrained employee clicking a phishing link can still wreck your company. Phishing accounts for 91% of successful breaches (Verizon DBIR). The single highest-ROI security investment most businesses can make is training their people to spot and report phishing.

Cyber insurance carriers know this. Many policies now require documented security awareness training as a condition of coverage. SOC 2, HIPAA, PCI-DSS, and CMMC audits ask about it explicitly. Compliance is the floor โ€” actual risk reduction is the ceiling.

What the program includes

  • Baseline phishing test โ€” we send realistic phishing emails to your team to establish your baseline click-rate (industry average is 27โ€“33%)
  • Monthly phishing simulations โ€” rotating templates, varied difficulty, realistic urgency
  • Bite-sized training modules โ€” 3โ€“5 minute videos on phishing, social engineering, password hygiene, MFA, physical security, AI-generated scams
  • Just-in-time training โ€” users who click a sim get auto-enrolled in remedial training that day
  • Compliance modules โ€” HIPAA, PCI-DSS, GDPR, SOC 2 โ€” assigned based on role and industry
  • Reporting dashboard โ€” auditor-ready training completion records, phishing click rates over time, top risk users
  • "Report Phish" button in Outlook/Gmail so users can flag real attacks for analysis

Platforms we deploy

We are platform-flexible based on fit:

  • KnowBe4 โ€” the market leader. Best content library, most realistic templates, deepest compliance coverage
  • Proofpoint Security Awareness โ€” strong for enterprise and accounts already on Proofpoint email security
  • Microsoft Defender for Office 365 Attack Simulator โ€” built into M365, no extra cost for clients with E5 licensing
  • Huntress Managed SAT โ€” for clients who want a fully-managed program with minimal admin overhead

Typical results

Measured against documented baselines:

  • Baseline click-rate: 27โ€“33% (industry average)
  • After 90 days: 12โ€“18%
  • After 6 months: 5โ€“10%
  • After 12 months of consistent program: 2โ€“5%

The drop is real, measurable, and reported monthly so you can show your insurance carrier, your auditor, and your board.

Frequently asked questions

Will the simulated phishing emails offend my team?

Used to be a concern; modern programs handle it well. We coordinate the rollout โ€” leadership communicates the program first, training comes before sims, and "gotcha" tone is avoided. Users who click get redirected to a calm training page, not a humiliating "YOU FAILED" screen. Done right, employees appreciate the training because it makes them more capable.

How much does it cost?

KnowBe4 / Proofpoint pricing typically runs $25โ€“$60 per user per year depending on platform, tier, and features. For 50-user organizations expect roughly $2,500โ€“$3,500 annually plus our setup and management fee. Included as a feature in our higher managed-IT tiers; standalone for accounts that just want the training program.

Do you handle the actual training rollout?

Yes. We configure the platform, segment your users, schedule the simulations, deploy training assignments, monitor completion, follow up with non-completers, and deliver monthly reporting to your team. You don't have to learn the admin console unless you want to.

Will this satisfy our cyber insurance requirements?

For the vast majority of policies, yes. We work with clients to document the program in the format their carrier wants โ€” training completion logs, phishing click-rate trends, policy acknowledgments. We can talk to your broker directly if needed.

What about AI-generated phishing attacks?

Major training platforms have updated their content libraries for AI-generated phishing (deepfake voice calls, AI-written spear-phishing emails, video deepfakes for business email compromise). 2025โ€“2026 training modules explicitly cover this. Our recommended programs are current on these threats.

Want to talk about Security Awareness Training? Call 615-274-9555 or book a free consultation. We'll be straight with you about whether we're the right fit.