The Hidden Cost of Managing Security Awareness Training: An MSP's Guide to Admin Time
Per-seat SAT fees are only half the story. The 12–19 hours of monthly admin time your team spends on campaign management is costing you $7,200–$11,400/year in unbillable labor.
Jono
DefendWise
The Hidden Cost of Managing Security Awareness Training: An MSP's Guide to Admin Time
When MSPs evaluate security awareness training platforms, they focus on the obvious number: the per-seat price. $1.50/user/month? $2.50? $4.99? The license cost is easy to compare, easy to model, and easy to present to leadership.
But there's a second cost that rarely makes it into the spreadsheet — and it's often larger than the license fee itself.
It's the time your team spends running the training.
The Admin Tax Nobody Talks About
Security awareness training platforms don't run themselves. Even the ones that claim to be "simple" or "easy to use" require a human being to do the following tasks, repeatedly, across every client:
Campaign creation and scheduling. Every phishing simulation and training campaign needs to be created, configured with the right templates, targeted to the right user groups, scheduled for the right dates, and tested before launch. For a multi-client MSP, this isn't a one-time setup — it's an ongoing cycle.
User management. Employees join companies. Employees leave companies. Employees change departments. Every change needs to be reflected in your SAT platform. Without automated directory sync (and even with it, in many cases), someone on your team is manually adding, removing, and updating user records.
Phishing template selection and customization. The best phishing simulations are tailored to each client's industry and context. A law firm shouldn't get the same phishing template as a manufacturing company. Someone has to review templates, select appropriate ones, and potentially customize them for each client.
Report generation and delivery. Clients want to see their numbers. Compliance auditors require them. Someone has to pull reports from the platform, format them into something presentable, add context and commentary, and deliver them to each client. Monthly. For every client.
Exception handling. Executives who don't want to be phished. New hires who need onboarding. Users who failed a simulation and need remediation. VIPs who need different training tracks. Every exception is a manual intervention.
Platform maintenance. Software updates, SSO configuration, API integrations, directory connections, alert configurations. The platform itself needs care and feeding.
Quantifying the Time
How much time does all of this actually take? The answer varies by platform and the number of clients you manage, but the industry range for a typical MSP running SAT across 10–25 clients is 12 to 19 hours per month.
Here's a rough breakdown:
| Task | Hours/Month (Estimated) |
|---|---|
| Campaign creation and scheduling | 3–5 |
| User management and directory sync | 2–3 |
| Phishing template selection/customization | 1.5–2.5 |
| Report generation and client delivery | 3–4 |
| Exception handling | 1–2 |
| Platform maintenance and troubleshooting | 1.5–2.5 |
| Total | 12–19 |
At a fully loaded cost of $50/hour for a technician or security analyst, that's $7,200 to $11,400 per year in labor — just to keep SAT running.
And that's assuming things go smoothly. A platform migration, a major client onboarding, or a compliance audit can double those hours in a given month.
Why It Matters More Than You Think
Admin hours are a sneaky cost because they don't show up as a line item. They show up as opportunity cost.
Those 15 hours per month are unbillable. Your team is spending time on internal operations, not client-facing work that generates revenue. A senior technician doing SAT administration for 15 hours a month is a senior technician who isn't doing 15 hours of billable project work.
It doesn't scale gracefully. Adding five new clients doesn't add a proportional amount of admin time — it adds more than proportional, because each new client means new user lists to manage, new campaign configurations, new reporting obligations, and new exception requests.
It creates key-person risk. In most MSPs, SAT administration falls to one or two people who know the platform. When they're on vacation, sick, or leave the company, campaigns don't get launched, reports don't get pulled, and the whole program stalls.
It discourages coverage expansion. The admin burden is a real reason MSPs don't train all their clients. It's not just the per-seat cost — it's the knowledge that every new client you add to the platform is another set of campaigns to manage, another report to generate, another user list to maintain.
The Admin Time by Platform
Not all platforms are created equal when it comes to admin burden. Here's a realistic assessment:
KnowBe4 (12–19 hrs/mo). The most full-featured platform, but also the most hands-on. Campaign setup is flexible but manual. Reporting is powerful but requires configuration. The sheer number of options means more decisions for your team to make at every step.
Proofpoint SAT (10–15 hrs/mo). Slightly less admin than KnowBe4, primarily because it has fewer features. If you're already in the Proofpoint email security ecosystem, integration is smoother. But campaign management is still manual.
Huntress SAT (3–6 hrs/mo). The "managed" approach meaningfully reduces admin time. Huntress runs campaigns on your behalf, which eliminates the biggest time sink. You're still responsible for user management and reviewing results, but the campaign creation burden is largely lifted.
Arctic Wolf (5–10 hrs/mo). Managed service with a dedicated concierge, which reduces some admin tasks. But initial setup and ongoing user management still require attention.
AI-native platforms like DefendWise (~0 hrs/mo). Full automation from enrollment through reporting. Connect a directory, and the AI handles campaign creation, content generation, phishing simulations, user management, and report generation. The admin time is effectively zero because there are no manual campaigns to configure.
Calculating Your True Cost of Ownership
The formula is simple but most MSPs never run it:
True Annual SAT Cost = (Per-Seat Fee × Seats × 12) + (Monthly Admin Hours × Hourly Cost × 12)
Let's run it for an MSP with 600 seats:
| Platform | License Cost | Admin Cost | True Cost | Effective Per-Seat |
|---|---|---|---|---|
| KnowBe4 Gold | $18,000 | $9,600 | $27,600 | $3.83/user/mo |
| Proofpoint | $10,800 | $7,200 | $18,000 | $2.50/user/mo |
| Huntress | $7,200 | $2,880 | $10,080 | $1.40/user/mo |
| Arctic Wolf | $28,728 | $4,800 | $33,528 | $4.66/user/mo |
| DefendWise | $3,588 | $0 | $3,588 | $0.50/user/mo |
When you include admin time, the gap between platforms widens significantly. KnowBe4's effective cost is nearly double its license cost. Even Huntress, which minimizes admin through its managed model, still carries some operational overhead.
The only way to truly eliminate admin cost is to eliminate the need for human campaign management entirely — which requires an AI-native architecture, not a managed service that still runs human-designed campaigns on your behalf.
What Zero Admin Actually Looks Like
It's worth being specific about what "zero admin time" means in practice, because it sounds like a marketing claim.
Here's the workflow on a fully automated, AI-native SAT platform:
- Connect your client's directory (Azure AD, Google Workspace, or CSV upload). This takes about 60 seconds.
- Users auto-enroll. No manual user creation. No seat counting. No group configuration.
- AI generates training content personalized to each user's role, industry, and risk profile. No template selection. No campaign scheduling.
- AI runs phishing simulations with dynamically generated emails tailored to each user. No manual phishing campaign setup.
- Reports generate automatically and are available on-demand in the portal. No report pulling. No formatting. No delivery scheduling.
There is no step 6. When a new employee joins the client's directory, they're automatically enrolled. When someone fails a phishing simulation, remediation triggers automatically. When a compliance audit is due, the report is already there.
The difference isn't "less admin." It's "a fundamentally different architecture that doesn't require admin."
Making the Business Case
If you're evaluating SAT platforms and admin time isn't part of your calculation, you're making a decision with incomplete data. Here's how to bring it to your leadership team:
Track your current admin hours for one month. Have whoever manages your SAT platform log their time by task category. You'll likely find the 12–19 hour range is accurate, if not conservative.
Calculate the fully loaded cost. Include salary, benefits, and overhead for the person doing the work. $50/hour is a reasonable benchmark for a mid-level technician.
Calculate the opportunity cost. What would that person be doing instead? If they're capable of $100/hour billable project work, the opportunity cost doubles the direct cost.
Run the true cost comparison. Use the formula above to compare platforms on total cost of ownership, not just license fees.
The platform with the lowest per-seat rate isn't necessarily the cheapest platform to run. The platform that eliminates admin time entirely might be the cheapest — even if the concept of "no admin" sounds too good to be true.
DefendWise eliminates SAT admin time entirely. AI handles everything from enrollment to reporting. $299/month, flat rate. See how it works →