Industrial Cybersecurity & OT Risk worked example

Phishing Training Savings at 72% workforce coverage by training program: a worked example

Here is what the math looks like when conditions slip. We hold every other input steady and drop workforce coverage by training program to 72%, then walk the calculation through step by step. Estimate savings from phishing awareness and reporting improvements using reduced incident count, cost per incident, scope, and fixed program costs.

The inputs for this scenario

  • Phishing incidents avoided per year: 75 events (held at the documented default)
  • Loss avoided per phishing incident: 900 $ / event (held at the documented default)
  • Workforce coverage by training program: 72 % (the input this scenario stresses; the baseline uses 100)
  • Annual awareness program fixed cost: 18,000 $ (held at the documented default)

Working through the calculation

  • The calculation starts from the formula this tool documents: Variable phishing training savings = avoided phishing related events × cost avoided per event × training scope included.
  • Net phishing training savings works out to 66,600 $ at these inputs, and this is the headline figure for the scenario.
  • Cost avoided per event works out to 888 $ / event at these inputs.
  • Variable phishing training savings works out to 48,600 $ at these inputs.
  • Fixed awareness program cost works out to 18,000 $ at these inputs.

How this compares with the baseline

  • Against the tool's baseline example, where workforce coverage by training program sits at 100% and the headline result is 85,500 $, this scenario comes in 22.11% below the baseline at 66,600 $.
  • The practical read: the gap between this scenario and the baseline is entirely attributable to workforce coverage by training program, so recovering it is worth quantifying in dollars before considering equipment or staffing changes. The 'incidents avoided' figure is a modeled estimate, not a measured count - you can never prove an attack that did not happen, so anchor it to baseline click-rate reductions and industry incident-cost data rather than wishful numbers.

Results at a glance

  • Net phishing training savings: 66,600 $ (headline result)
  • Cost avoided per event: 888 $ / event
  • Variable phishing training savings: 48,600 $
  • Fixed awareness program cost: 18,000 $

Run it with your numbers

  • To rerun this with your own numbers, open the live Phishing Training Savings calculator, set workforce coverage by training program to your actual value, and adjust the remaining inputs to match your operation.

Last reviewed 2026-05-12.