The Blockbuster Moment: How AI Is About to Reshape Security Awareness Training

In 2010, Blockbuster filed for bankruptcy. Not because people stopped watching movies. Because a company built on a different model — streaming, no late fees, algorithmic recommendations — made the old model irrelevant overnight.

The same pattern has played out across industry after industry. Spotify didn't just digitize CDs. Canva didn't just put Photoshop in a browser. Netflix didn't just mail DVDs faster. Each one rebuilt the entire value chain on new technology, which allowed them to offer something the incumbents structurally couldn't match.

Security awareness training is next.

The Pattern of Disruption

Every disruption follows the same playbook:

Stage 1: A manual, expensive process becomes the industry standard. In music, it was recording studios and CD pressing plants. In SAT, it's human-created training modules, manually configured campaigns, and per-seat licensing.

Stage 2: New technology collapses the cost of the core activity. Digital recording collapsed music production costs. AI is collapsing the cost of generating training content and running security simulations.

Stage 3: A new entrant builds on the new technology from scratch. Spotify didn't retrofit streaming onto a CD distribution network. They built a streaming-native platform. The result was a fundamentally different cost structure that enabled a fundamentally different business model.

Stage 4: The new model makes the old model look absurd. Paying $18.99 for a CD when you could stream unlimited music for $9.99/month. Paying $2–$5 per seat per month for SAT when you could train unlimited users for a flat $299/month.

We're entering Stage 3 right now in the SAT market. And the MSPs who recognize it early will have a cost advantage their competitors can't match.

Why Incumbents Can't Just "Add AI"

This is the part that catches people off guard. If AI is so transformative, why can't KnowBe4 or Proofpoint just add AI features and maintain their position?

They can add AI features. They already are — KnowBe4 launched AIDA (AI-Driven Awareness), and others are layering AI assistants onto their platforms. But there's a fundamental difference between bolting AI onto a legacy platform and building on AI from the ground up.

The content library problem. KnowBe4 has invested 15+ years and millions of dollars building a library of 1,300+ training modules. That library is a competitive moat — and also an anchor. Their business model depends on the value of curated, human-created content. If AI can generate equally effective (or better) training content on demand, that library goes from asset to liability.

They can't cannibalize their core product. It's the innovator's dilemma in textbook form.

The pricing structure problem. Per-seat pricing is baked into every incumbent's revenue model, partner agreements, and financial projections. Moving to flat-rate pricing would require them to either dramatically reduce revenue per customer or dramatically increase the number of customers. Neither is easy for a company with established revenue expectations and investor obligations.

The architecture problem. Legacy SAT platforms were designed around a workflow: create campaign → target users → schedule delivery → collect results → generate report. Every step assumes a human operator. Bolting AI onto this workflow can make individual steps faster, but it doesn't eliminate the workflow itself.

AI-native platforms don't have a campaign workflow to bolt AI onto. The AI is the workflow. Content generation, personalization, simulation delivery, and reporting happen automatically and continuously — not in discrete human-managed campaigns.

What AI-Native SAT Actually Means

The term "AI-native" gets thrown around loosely. Here's what it means concretely in the context of security awareness training:

AI-generated content, not a static library. Instead of selecting from a library of pre-built modules, the AI generates training content tailored to each user's role, industry, and risk profile. A finance manager at a healthcare company gets different training than a sales rep at a tech firm. The content adapts based on what each user has already learned and where they're most vulnerable.

This doesn't mean the content is generic or lower quality. It means it's personalized at a scale that would require thousands of library modules to approximate manually — and it's always current, reflecting the latest threat landscape rather than the threats that existed when a module was filmed.

AI-generated phishing simulations, not template selection. Traditional platforms offer libraries of phishing templates that administrators select and schedule. AI-native platforms generate phishing emails dynamically, using the same techniques that real attackers use — including contextual information, current events, and social engineering tactics tailored to the individual recipient.

The result is phishing simulations that are genuinely unpredictable, not recognizable patterns that employees learn to spot by format rather than by analysis.

Autonomous operation, not automated workflows. Automation takes existing steps and does them faster. Autonomy eliminates the steps. An AI-native SAT platform doesn't automate the "create a campaign" step — it doesn't have a "create a campaign" step. Training, simulations, and reporting happen continuously without discrete campaigns to configure, schedule, or manage.

Adaptive difficulty, not one-size-fits-all. Users who consistently identify phishing attempts get progressively harder simulations. Users who struggle get more foundational training before facing advanced scenarios. This happens automatically, without an administrator manually segmenting users into groups and assigning different training tracks.

The Cost Implications

The reason this matters for MSPs isn't philosophical — it's financial. AI-native architecture fundamentally changes the cost to deliver SAT:

Content creation: from expensive to near-zero. Producing a single training video module costs $5,000–$20,000 in production, talent, scripting, and editing. AI generates equivalent content at near-zero marginal cost.

Campaign management: from hours to zero. The 12–19 hours per month of admin time that MSPs spend on SAT administration disappears when there are no campaigns to manually configure.

Scaling: from linear to flat. Adding one more user to a traditional platform costs $1–$5/month. Adding one more user to an AI-native platform costs effectively nothing.

When your cost to deliver scales to near-zero, your pricing can reflect that reality. A flat $299/month becomes not just viable but logical — and structurally impossible for incumbents to match while maintaining their per-seat revenue model.

What This Means for MSPs

If you're running an MSP in 2026, the SAT landscape is splitting into two eras:

The legacy era (2010–present): Per-seat pricing, static content libraries, manual campaign management, and the 12–19 hour monthly admin tax. Dominated by KnowBe4, Proofpoint, and others who built excellent products for the pre-AI world.

The AI-native era (now–forward): Flat-rate pricing, dynamic AI-generated content, autonomous operation, and zero admin time. Just emerging, with platforms like DefendWise leading the shift.

MSPs who move to AI-native SAT now lock in three advantages:

Cost advantage. At $299/month flat versus $1–$5/seat/month, your SAT cost drops 60–97% depending on seat count. That's money you can reinvest, pass through as margin, or use to compete on price.

Coverage advantage. When SAT costs the same regardless of seat count, you train everyone. No more selective coverage, no more liability gaps, no more awkward conversations about which clients "qualify" for training.

Operational advantage. Eliminating 12–19 hours of monthly admin time frees up your team for billable work. That's real capacity returned to your operation.

The First-Mover Window

Disruption patterns are predictable, but the timing of adoption isn't. There's a window — typically 18 to 36 months — between when a new model proves itself and when it becomes the obvious default.

We're in that window now for AI-native SAT. The technology works. The pricing is live. The early adopters are seeing real results. But the majority of MSPs are still on legacy platforms, either because they haven't evaluated alternatives or because switching costs feel high (they're not — most AI-native platforms connect to the same directories and can be deployed alongside existing tools).

The MSPs who move during this window get the cost advantage while their competitors are still paying per-seat. The ones who wait will eventually switch too — but they'll do it after the early movers have already used the savings to compete more aggressively.

Blockbuster had a chance to buy Netflix in 2000. The incumbents in SAT have a chance to reinvent themselves on AI. History suggests most of them won't move fast enough.

The question for your MSP isn't whether AI-native SAT will become the standard. It's whether you'll be an early mover or a late follower.

---

DefendWise is AI-native security awareness training for MSPs. $299/month. Unlimited users. Zero admin. Explore the platform →