One click. £4.35M. Every 39 seconds.
91% of successful breaches begin with a human clicking something they shouldn't. We don't teach awareness. We build the instinct that prevents the click — across every one of your 150 employees, in 1 week. 5 cohorts delivered in 5 days.
The Stakes
Firewalls hold. EDR holds. MFA holds. The human layer is the one your competitors are being breached through this week — and it's the one your budget hasn't yet fixed. This proposal fixes it, permanently, for less than the cost of a single incident response retainer.
Of breaches begin with a phishing email
Average UK breach cost, 2024
Average time to identify and contain
Eight pillars, delivered as immersive live sessions — not slide decks. Every module ends with a rehearsed behaviour, not a completion tick.
The exact attacker playbooks currently targeting organisations like yours — mapped to your industry and stack.
Why smart, careful people click. Urgency, authority, curiosity — dismantled, then rehearsed until instinct replaces impulse.
Live impersonation drills. Voice, email and Slack pretexts, so the first time your team sees one, it isn't the real one.
URL, header and sandbox literacy — the 30-second checks that catch 95% of what makes it past the filter.
The two minutes after a click decide the blast radius. We drill those two minutes until they're muscle memory.
The single behavioural shift with the highest ROI: making it psychologically safe — and fast — to raise a hand.
Translating your security policy into the tiny decisions employees actually make on a Tuesday morning.
Post-training micro-tests, quarterly re-baselines, and a decay curve that stays flat — not the industry's 14-day cliff.
Every KPI below is baselined, tracked weekly, and reported in your board-ready posture pack.
Move the sliders. This is the risk you're carrying today.
A framing exercise
Option A — Approve this week
£9,975
Option B — Defer 12 months
£4,350,000 (expected)
You are already choosing. Not signing this proposal is choosing Option B.
£65 per employee. Less than one hour of average UK enterprise IT support. No add-ons, no per-seat surcharges, no renewal traps.
Total, All-In
£9,975
£1,995 per cohort × 5 groups · £65 per person
Executives first — because that's who the attackers target first.
Programme duration: 1 week · 5 cohorts delivered across 5 consecutive days · Kickoff within 14 days of approval
Reference / Peer CISO
"The single most effective behavioural change we've implemented in five years. Click-rate dropped 89% by week six. The board asked why we hadn't done it sooner."
Sarah Jenkins
CISO, Vector Global Systems · 2,400 employees
89%
Click reduction
6 wks
Time to effect
Baseline click-rates in untrained UK enterprises sit between 18–28%. On a 150-person org, that's a statistical certainty of a successful phishing event inside 12 months. The £9,975 investment is 0.23% of the average UK breach cost. The question isn't whether you can afford this — it's whether you can afford the alternative.