The Total Economic Impact™ Of BlueVoyant Managed Security Services

Cost Savings And Business Benefits Enabled By BlueVoyant Managed Security Services

A Forrester Total Economic Impact Study Commissioned By BlueVoyant, July 2024

In an increasingly hostile threat landscape, organizations with a lack of resources and overworked security operations teams cannot provide effective, full-coverage threat detection and response. BlueVoyant Managed Security Services enables organizations with a cloud-native solution that offers end-to-end consulting, implementation, and managed security services with 24/7 security threat detection and response.

Analysts from BlueVoyant offer military-grade expertise with deep experience in cyber defense. BlueVoyant enables customers to better automate their alerts to reduce fatigue and have full visibility into incidents, assets, vulnerabilities, and ongoing investigations to strengthen their organization’s overall security posture.

BlueVoyant commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying BlueVoyant’s Managed Security Services .1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Managed Security Services on their organizations.

icon

Return on investment (ROI)

210%

icon

Net present value (NPV)

$3.88M

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four representatives with experience using BlueVoyant’s Managed Security Services. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that is a global organization with $5 billion in annual revenue, 10,000 employees, and 15,000 endpoints.

Interviewees said that prior to using BlueVoyant’s Managed Security Services, their organizations utilized multiple point solutions, internal labor to manage their security operations, and external security operations center (SOC) teams. However, prior attempts yielded limited success, leaving them with ineffective SOC coverage, complex implementation and data migration processes with legacy solutions, excess security information and event management (SIEM) spending, and a lack of visibility into the organization’s security environment. These limitations led to false and excess security alerts which fatigued security operations, and left their organizations vulnerable to potential attacks. Their prior solutions also provided a lack of scalability and integrations.

After the investment in BlueVoyant’s Managed Security Services, the interviewees noted that BlueVoyant’s advanced automation and expert SOC analyst support enabled them to free up and reallocate internal security resources, driving an improvement in their organization’s overall security posture and visibility. Key results from the investment include labor cost savings from reduced alerts, optimized spending, and avoided costs for breaches.

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

  • Labor cost savings from reduced total escalated alerts per month by 90% with BlueVoyant. BlueVoyant's technology and processes help security operations (SecOps) teams reduce the number of alerts that need to be addressed manually as well as a faster mean time to resolution (MTTR). By leveraging automation and advanced threat intelligence capabilities, BlueVoyant can filter out false positives and identify non-malicious incidents, which enables SecOps analysts to reallocate time toward other value-added activities such as cyber threat hunting. Over three years, labor cost savings from reduced alerts is worth more than $907,000 to the composite organization.
  • Optimized spending by more than $895,000. BlueVoyant enables the composite organization to optimize spending by consolidating legacy tools. This improves efficiency as the SecOps team can focus on a single platform, which saves time and effort on administration. It enables better data integration and correlation, enhancing visibility and informed decision-making as a comprehensive solution. Spending is further optimized by avoiding the need for 1.5 security engineer FTEs to support legacy solutions, worth more than $895,000 over three years.
  • Avoided breach costs by more than $3.9 million. On average, the composite organization is exposed to 2.5 major breaches annually, with the potential to impact more than 2,000 endpoints. The cost of a single security breach is approximately $756,500 for the composite, on top of $810,000 worth in downtime from impacted business end users. BlueVoyant improves the security posture for the composite organization through expert analysis and response capabilities that provide employees with actionable insights to ultimately reduce the likelihood of a breach. Over three years, this cost avoidance is worth more than $3.9 million.

Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:

  • Faster SIEM onboarding. BlueVoyant streamlines the onboarding process for the composite organization’s SIEM solution to be as efficient as possible. Most employees were able to onboard within a couple of months, with various steps including scoping, deployment, integration, and configuration.
  • Improved visibility and insights. BlueVoyant’s solutions provides the composite organization with a holistic view of its security posture, enabling employees to understand the evolving threat landscape, detect potential risks, and make informed decisions. BlueVoyant's expertise and partnership optimizes the composite organization’s security operations by enhancing its employees’ understanding of their security landscape.
  • Improved employee experience (EX). Adding BlueVoyant to security operations improves the composite organization’s overall employee experience by making workloads more manageable.
  • Partnership with BlueVoyant. Having BlueVoyant as a partner offers benefits that enable employees to continuously learn from their expertise and insights as an industry leader.

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

  • BlueVoyant licensing fees. BlueVoyant’s licensing is a subscription fee based on endpoint count. Prior to using BlueVoyant, some licensing costs for legacy tools validated a volume-based licensing approach for a significant number of endpoints.
  • Implementation and training costs. The implementation process for BlueVoyant is a collaboration between the security team and the BlueVoyant team. It typically takes two months to completely onboard the SIEM solutions.
  • Ongoing management costs. Ongoing management involves regular check-ins, reporting, and collaboration with the BlueVoyant team.

The representative interviews and financial analysis found that a composite organization experiences benefits of $5.73 million over three years versus costs of $1.85 million, adding up to a net present value (NPV) of $3.88 million and an ROI of 210%.

Reduction in total escalated alerts per month with BlueVoyant:

90%

“BlueVoyant has been a trusted partner to myself, to my boss, and to the senior leaders that run our 24/7 SOC. I’ve appreciated all of their insights, and most importantly, their brutal honesty on our existing operations. Sometimes you need a third party to tell you what you’re doing right, but more importantly, to tell you what you’re doing wrong so that you can reduce the risk within the enterprise.”

Deputy enterprise CISO, insurance

Key Statistics

  • icon icon

    Return on investment (ROI)

    210%
  • icon icon

    Benefits PV

    $5.73M
  • icon icon

    Net present value (NPV)

    $3.88M
  • icon icon

    Payback

    <6 months
  • icon icon
  • icon icon
  • icon icon
  • icon icon

Benefits (Three-Year)

Labor cost savings from reduced alerts Optimized spending Avoided Breach Costs

TEI Framework And Methodology

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in BlueVoyant’s Managed Security Services.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that BlueVoyant’s Managed Security Services can have on an organization.

Forrester Consulting conducted an online survey of 351 cybersecurity leaders at global enterprises in the US, the UK, Canada, Germany, and Australia. Survey participants included managers, directors, VPs, and C-level executives who are responsible for cybersecurity decision-making, operations, and reporting. Questions provided to the participants sought to evaluate leaders' cybersecurity strategies and any breaches that have occurred within their organizations. Respondents opted into the survey via a third-party research panel, which fielded the survey on behalf of Forrester in November 2020.

  1. Due Diligence

    Interviewed BlueVoyant stakeholders and Forrester analysts to gather data relative to BlueVoyant’s Managed Security Services.

  2. Interviews

    Interviewed four representatives at organizations using BlueVoyant’s Managed Security Services to obtain data about costs, benefits, and risks.

  3. Composite Organization

    Designed a composite organization based on characteristics of the interviewees’ organizations.

  4. Financial Model Framework

    Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.

  5. Case Study

    Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

Disclosures

Readers should be aware of the following:

This study is commissioned by BlueVoyant and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in BlueVoyant’s Managed Security Services.

BlueVoyant reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

BlueVoyant provided the customer names for the interviews but did not participate in the interviews.

Consulting Team:

Nikoletta Stergiou

Cookie Preferences

Accept Cookies

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions (data inputs, website navigation), so you don’t have to re-enter data when you come back to the site or browse from one page to another.

Behavioral information collected by our web analytics vendor is used to analyze data pertaining to visitor trends, plan website enhancements, and measure overall website effectiveness. We may also use cookies or web beacons to help us offer you products, programs, or services that may be of interest to you and to deliver relevant advertising. We may use third-party advertising companies to help tailor website content to users or to serve ads on our behalf. These companies may also employ cookies and web beacons to measure advertising effectiveness.

Please accept cookies and the collection of behavioral information to receive full functionality and enhance your experience. If you decline cookies, some features of the website may not function normally.

Please see our Privacy Policy for more information.