Based on an average retention rate of about 75 percent (Ponemon attributes this to The Learning Pyramid from National Training Laboratories in Bethel, Maine, though its accuracy has been called into question), Ponemon estimates a net long-term improvement in fighting phishing scams of 47.75 percent.
With phishing costing an average-sized organization $3.77 million, Ponemon estimates a cost savings of $1.80 million, or $188.40 per employee/user. Wombat's fee comes in at $3.69 per employee, so a little quick math leads to a net benefit of $184.71 per user — a one-year rate of return of 50X.
"This is yet another proof point that an overall security posture is multifaceted and needs to include employee education to prevent against increasingly more sophisticated phishing attacks, which leave companies vulnerable to significant losses and business disruption," Joe Ferrara, president and CEO of Wombat Security Technologies, said in a statement today. "This research reveals the compelling value and ROI from putting in place a comprehensive security training program. Our methods have shown that a continuous training methodology does change employee behavior and reduce risk within an organization."
Sign up for CIO Asia eNewsletters.