[CONTENT]
$
USD
Total Economic Impact
Cost Savings And Business Benefits Enabled By Symantec SSE
A FORRESTER TOTAL ECONOMIC IMPACT STUDY COMMISSIONED BY BROADCOM, July 2025
Total Economic Impact
A FORRESTER TOTAL ECONOMIC IMPACT STUDY COMMISSIONED BY BROADCOM, July 2025
As businesses continue to move their operations to cloud or hybrid environments, they face the challenge of securing an increasingly distributed workforce and user access to critical applications and websites. Traditional network security models struggle to provide consistent protection across user locations and cloud environments, leading to security gaps, productivity loss, and service disruptions. This necessitates a unified Security Service Edge (SSE) solution that can seamlessly protect users and data wherever they are, without compromising performance or complexity.
Symantec SSE is a cloud-based security solution designed to protect modern enterprises, particularly those with distributed workforces. It integrates essential security services like Cloud Secure Web Gateway (Cloud-SWG), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), and Remote Browser Isolation (RBI) into a unified platform. This integration allows organizations of all sizes to enforce consistent security policies across all users, devices, and locations, providing secure access to web, cloud, and private applications while preventing data loss and protecting against advanced threats. A key component of Symantec SSE is its integration with Google Cloud Platform (GCP), which allows it to use GCP’s global, high-performance infrastructure to increase throughput, reduce latency, and improve resiliency.
Broadcom commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Symantec SSE.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Symantec SSE on their organizations.
To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed decision-makers at four organizations with experience using Symantec SSE. For the purposes of this study, Forrester aggregated the experiences of the interviewees and combined the results into a single composite organization, which is a global organization with $12 billion in annual revenue and 40,000 employees.
Interviewees said that prior to using Symantec SSE, their organizations relied on complicated on-premises proxy configurations that were challenging to manage, scale, and update, leading to significant administrative overhead and potential misconfigurations. Their traditional setups also suffered from limited capacity and high latency, which resulted in a poor user experience and hindered productivity. Interviewees also reported that their reliance on on-prem hardware left them vulnerable to downtime, which could cost their organizations hundreds of thousands — if not millions — of dollars in fines, penalties, and lost revenue. Finally, interviewees shared that their legacy systems presented security vulnerabilities as they lacked the comprehensive, real-time threat intelligence and advanced capabilities (like integrated DLP and CASB) needed to combat modern cyber threats. The security gaps led to an increase in uncategorized web traffic and shadow IT.
After implementing Symantec SSE, the interviewees reported a significant improvement in their overall security posture and operational efficiency. Symantec SSE’s globally distributed cloud infrastructure eliminated single points of failure inherent in the interviewees’ legacy on-prem environments, significantly improving uptime. Interviewees also shared that Broadcom’s Cloud-SWG, DLP, CASB, and Web Isolation capabilities provided deep traffic inspection, prevented data exfiltration, and reduced uncategorized website and application use, ultimately shrinking their organizations’ attack surfaces and reducing the likelihood of a breach. Because the use of Symantec SSE facilitated their organizations moving to the cloud, the interviewees noted that their network operations teams saw significant time savings in managing infrastructure, as they offloaded the burden of maintaining, patching, and scaling security appliances to the cloud. Besides the improvement in security, uptime, and efficiency, their organizations also experienced a latency reduction, allowing users to more easily access cloud applications and websites, boosting productivity and user experience.
Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:
Up to 14 hours of unplanned downtime avoided per year. Symantec SSE enables the composite organization to safely migrate to the cloud, essentially eliminating downtime associated with hardware failures. By improving resiliency, the composite organization also avoids the penalties, revenue loss, and productivity impact associated with downtime, collectively saving millions of dollars per year. Over the course of the three-year analysis, the improved reliability is worth a risk-adjusted $12.7 million to the composite organization.
A 75% reduction in the risk of a severe breach caused by an external attack or an attack targeting employees’ remote networks. The composite leverages Symantec SSE to inspect and control user access to applications, data, and websites continuously, regardless of location. By integrating Zero Trust principles, real-time threat prevention, and data loss protection, the composite can minimize attack surfaces and block malicious activity before it reaches critical systems. By reducing the likelihood of a data breach, Symantec SSE saves the composite organization $1.7 million in expected breach costs over three years.
Legacy infrastructure cost avoidance. After migrating to Symantec SSE, the composite organization can retire legacy data centers, physical equipment, and hardware solutions. Simultaneously, the composite reduces employee time dedicated to maintaining and supporting the legacy infrastructure, allowing them to rededicate employees to other tasks. Collectively, these legacy infrastructure cost savings are worth a risk-adjusted $8.4 million to the composite over three years.
Up to a 15% productivity lift for the security operations team. Symantec SSE saves the composite organization time by centralizing security policy enforcement across users, devices, and locations. Additionally, the composite uses Symantec SSE to reduce its attack surface, reducing the volume of security alerts that require manual interventions. This streamlined approach allows the composite’s security operations team to save time on routine security management, creating bandwidth to focus on higher-priority threats or security initiatives. Over the three-year analysis, these time savings are worth a risk-adjusted $919,000.
End-user productivity lift from faster, more reliable access to applications and websites. The composite organization leverages Symantec SSE’s cloud network and dedicated egress capabilities to ensure that traffic exits the security service close to the destination, minimizing unnecessary routing and delays. This latency reduction provides employees with faster and more reliable access to necessary applications and websites, which improves user satisfaction and overall productivity. This productivity improvement is worth a risk-adjusted $5.1 million to the composite across the three-year analysis.
Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:
Potential cybersecurity insurance cost avoidance. The composite can highlight its use of Symantec SSE when applying for cybersecurity insurance, enabling it to either reduce its insurance premiums or avoid premium increases that are common in its industry.
Improved user experience. Implementing Symantec SSE enables the composite organization to reduce frustrating end-user latency, improving user experience. Additionally, the organization uses Symantec SSE’s Web Isolation features to provide access to unknown and uncategorized websites safely, minimizing needlessly blocked safe websites.
High-quality support from Broadcom. The composite organization works with Broadcom’s team of experts to optimize its SSE deployment, add new features, and quickly troubleshoot security concerns.
Costs. Three-year, risk-adjusted PV costs for the composite organization include:
Symantec SSE subscription costs. The 40,000-employee composite organization incurs annual subscription and licensing costs from Broadcom for SSE use. Over three years, the subscription costs total a risk-adjusted $11.5 million.
Labor costs for implementing Symantec SSE. The composite organization incurs internal labor costs for managing the Symantec SSE deployment. During the implementation, it dedicates staff to setting up infrastructure, configuring policies, receiving training on SSE features, and integrating systems. Overall, the implementation and training costs total $301,000.
Ongoing management costs. Although managing the Symantec SSE deployment requires significantly less employee labor than managing the composite’s legacy networking environment, there are still some internal employees dedicated to maintaining Symantec SSE. Over three years, the composite devotes $1.0 million of employee labor to this maintenance.
The financial analysis that is based on the interviews found that a composite organization experiences benefits of $28.7 million over three years versus costs of $12.8 million, adding up to a net present value (NPV) of $15.9 million and an ROI of 125%.
Return on investment (ROI)
Benefits PV
Net present value (NPV)
Payback
| Role | Industry | Annual Revenue | Employees |
|---|---|---|---|
| Product owner | Financial services | More than $25 billion | More than 25,000 |
|
Cybersecurity operations lead Cyber incident manager |
Manufacturing | $7 billion | 13,000 |
|
Head of security operations Gateway security analyst |
Insurance | $25 billion | 20,000 |
| Head of global security | IT consulting | $14 billion | More than 25,000 |
Interviewees shared that prior to adopting Symantec SSE, their organizations grappled with complex, fragmented security architectures that were not suited to cloud migrations. Some interviewees had multiple point solutions from various vendors, which led to inconsistent policy enforcement, security gaps, performance issues (particularly for remote users), and significant administrative overhead from managing complex, on-prem proxies.
Interviewees noted how their organizations struggled with common challenges, including:
An escalating number of security vulnerabilities. The interviewees shared that they were struggling to keep up with the threat landscape, finding that their existing security controls were insufficient against sophisticated attacks. Without standardized policies to block risky websites and applications, the number of uncategorized websites and shadow IT applications increased. Interviewees also noted that the lack of visibility across all users and devices created blind spots that left them exposed to data exfiltration, ransomware, and other costly breaches.
Difficulty managing legacy infrastructure. Interviewees reported that their network and security teams dedicated excessive time to patching, updating, and configuring their on-prem infrastructure. They also shared that creating and consistently enforcing policies across varied systems was labor intensive and prone to errors, leading to productivity losses and a compromised security posture. The product owner at a financial services firm noted that: “We had a very complicated three-tier, on-prem proxy configuration, and it was very frustrating to get the right companies on a call [when there was an issue]. That’s not the case anymore.”
Business disruptions from unpredictable downtime. The interviewees’ organizations dealt with outages of on-premises security components, which were often caused by hardware failures, misconfigurations, or maintenance requirements. For some interviewees — particularly those in highly competitive and highly regulated industries — each business disruption could cost millions of dollars in fines, revenue losses, and reputational damage. In addition, these disruptions often led to productivity loss for internal employees, as they lost access to vital applications. The cybersecurity operations lead at a manufacturing firm described how this changed since their migration to Symantec SSE: “Before Broadcom, we had a lot of downtime and issues with the agents and deployment configurations. After [the deployment], I don’t see any issues.”
Latency and poor user experience. As more applications and data migrate to the cloud and a remote, distributed workforce becomes the norm, interviewees shared that backhauling traffic through centralized, on-premises security stacks introduced significant latency. This slow access to critical cloud applications and resources frustrated users, degraded application performance, and negatively impacted employee productivity. The head of security operations at an insurance organization described the challenge: “We had a lot of on-prem infrastructure that was capacity constrained, and there was lots of maintenance to do updates. With more people working from home, we were tromboning all the traffic back into our on-prem estate to go out again.”
The interviewees searched for a solution that could:
Enhance overall security posture with advanced threat protection. A primary goal for interviewees was to achieve a more unified security posture by improving threat detection and prevention capabilities, securing access to cloud applications and resources, and minimizing the attack surface.
Simplify security management and reduce operational overhead. Interviewees’ organizations sought to centralize policy enforcement, reduce multiple vendor product complexity, and enable IT staff to spend less time managing on-prem infrastructure (e.g., patching, hardware upgrades, etc.).
Facilitate secure cloud adoption. Interviewees shared that as they increasingly used cloud services and embraced hybrid work models, they needed a security solution like Symantec SSE that could adapt and scale with their digital transformation initiatives, while ensuring compliance and protecting sensitive data.
Optimize infrastructure costs. The interviewees also noted that they needed a cloud-delivered security model to reduce capital expenditures on hardware, lower operational costs associated with infrastructure maintenance, and optimize network expenses by reducing the need for costly backhaul.
Improve reliability and performance for customers and internal users. The interviewees reported needing a solution that could guarantee a high level of reliability and performance across their global operations. Interviewees shared that Symantec SSE emerged as their ideal choice, largely due to the solution’s deep integration with GCP, which ensured consistent, high-speed access to applications and data.
Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the interviewees’ organizations, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:
Description of composite. The composite is a global organization with headquarters in the United States, $12 billion in annual revenue, and 40,000 employees. The organization operates in a highly regulated industry and incurs financial penalties for any customer-impacting downtime events. The cost of downtime varies considerably based on the length and number of users impacted; on average, each hour of downtime costs the composite $400,000.
Deployment characteristics. The composite organization begins using Symantec SSE after a five-month implementation period. In Year 1, Symantec SSE supports 65% of the composite’s workforce; the percentage increases to 90% and 100% in Years 2 and 3, respectively.
$12 billion revenue
40,000 employees
28 security operations FTEs
Eight infrastructure manager FTEs
| Ref. | Benefit | Year 1 | Year 2 | Year 3 | Total | Present Value |
|---|---|---|---|---|---|---|
| Atr | Improved reliability from Symantec SSE | $3,944,850 | $5,462,100 | $6,069,000 | $15,475,950 | $12,660,089 |
| Btr | Avoided breach costs from improved security posture | $525,213 | $727,218 | $808,020 | $2,060,452 | $1,685,551 |
| Ctr | Network infrastructure cost savings | $2,611,440 | $3,615,840 | $4,017,600 | $10,244,880 | $8,380,816 |
| Dtr | Security operations time savings | $326,592 | $381,024 | $408,240 | $1,115,856 | $918,514 |
| Etr | Improved end-user productivity | $1,580,150 | $2,187,900 | $2,431,000 | $6,199,050 | $5,071,128 |
| Total benefits (risk-adjusted) | $8,988,245 | $12,374,082 | $13,733,860 | $35,096,188 | $28,716,098 |
Evidence and data. Interviewees shared that prior to adopting Symantec SSE, they dealt with occasional outages that could cost their organizations hundreds of thousands or even millions of dollars. Although their legacy infrastructure relied on fixed or centralized servers, Symantec SSE is cloud-delivered and automatically routes traffic through the fastest available path. After adopting Symantec SSE, the interviewees observed improved network performance, and the availability continued to increase as they onboarded more users. Better uptime resulted in improved profit retention, easier compliance processes, and improved internal productivity. Interviewees described how Symantec SSE enhanced reliability:
The amount of unplanned downtime that each customer encountered in their legacy environment varied, but each reported that adopting Symantec SSE reduced the number of outages. The product owner at a financial services firm stated: “We are fined a certain amount for downtime, so you might be fined a quarter of a million pounds if you’re down for an hour, or you might be fined £10 million if you’re down for 2 hours. … [With Symantec SSE], it’s around an 80% to 90% reduction in downtime and outages.” The interviewee went on to share that their current uptime is well within the 99.999% SLA that Broadcom provided them with.
Interviewees noted that Symantec SSE’s partnership with GCP significantly reduced downtime by providing higher bandwidth and more resilient, simplified, secure application and resource access, minimizing performance bottlenecks and infrastructure complexities that could lead to outages. The gateway security analyst at an insurance organization stated that: “I feel Broadcom has a key advantage as its point of presence because it utilizes Google for its backbone infrastructure. Its presence across the globe gives it a real competitive advantage and is a key benefit for us as a business due to the nature of our investors and having people dotted around the globe.” The same interviewee went on to say that: “We’ve seen a huge reduction in major incidents and a reduction in service impact for our business. There’s been an 80% to 90% reduction in network support tickets.”
The cybersecurity operations lead at a manufacturing firm agreed that Broadcom’s GCP partnership was vital to improving reliability at their firm: “We have a lot of offices around the globe. Because Broadcom uses GCP as the main environment, there is improved performance, improved time of connectivity, and of course less downtime. … Because of GCP, we see a very good improvement in the performance of surfing, accessing the portal, and traffic. It’s easily 20% to 30% less downtime.”
In addition to the financial benefits of improving reliability, interviewees also shared that the reduction in outages and service disruptions for their internal applications improved employee productivity and user experience. The product owner at a financial services firm reported, “Our [employee experience] scores have improved significantly over the past 12 to 18 months, and without a shadow of a doubt, it’s driven in part by the improvement in reliability.”
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Symantec SSE supports 65% of the composite’s staff in Year 1, with 90% and 100% onboarded by Years 2 and 3, respectively.
Prior to adopting Symantec SSE, the composite organization experiences customer-impacting downtime or severe performance degradation. After deploying Symantec SSE, the composite reduces these unplanned service disruptions, with uptime improving as it onboards more employees onto Symantec SSE. By Year 3, the composite reduces downtime by 14 hours annually.
The composite operates in a highly competitive and highly regulated industry in which any downtime can lead to fines and customer loss. On average, each hour of downtime costs the composite organization $400,000, inclusive of direct revenue loss and regulatory penalties.
In addition to better protecting profits, the composite also improves employee productivity by reducing unplanned downtime. Unplanned downtime in the prior environment impacts 25% of the composite’s 40,000 employees.
These employees have a fully burdened hourly rate of $44 on average.
Forrester assumes a 25% productivity recapture since not all time savings are redeployed productively and because employees could potentially maintain some level of productivity during outages in the prior environment.
Risks. The financial impact of the improved reliability will vary depending on:
The total users Symantec SSE supports.
The annual hours of unplanned downtime that an organization encountered in its prior environment.
The expected hourly cost of downtime for an organization.
End users’ fully burdened hourly wages.
The likelihood that prior downtime events impacted end users, and the degree to which an outage affected their productivity.
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10% for the time value of money) of $12.7 million.
Annual unplanned downtime eliminated
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| A1 | Total avoided time of unplanned downtime or severe performance degradation in the Symantec SSE environment (hours) | Interviews | 14 | 14 | 14 | |
| A2 | Percentage of users supported by Symantec SSE | Composite | 65% | 90% | 100% | |
| A3 | Average downtime cost | Composite | $400,000 | $400,000 | $400,000 | |
| A4 | Subtotal: Avoided unplanned downtime costs | A1*A2*A3 | $3,640,000 | $5,040,000 | $5,600,000 | |
| A5 | Total employees | Composite | 40,000 | 40,000 | 40,000 | |
| A6 | Percentage of employees affected by unplanned downtime in prior environment | Composite | 25% | 25% | 25% | |
| A7 | Fully burdened hourly rate for an end user (average) | Composite | $44 | $44 | $44 | |
| A8 | Productivity recapture | TEI methodology | 25% | 25% | 25% | |
| A9 | Subtotal: Avoided lost productivity from improved end-user availability | A1*A2*A5*A6*A7*A8 | $1,001,000 | $1,386,000 | $1,540,000 | |
| At | Improved reliability from Symantec SSE | A5+A9 | $4,641,000 | $6,426,000 | $7,140,000 | |
| Risk adjustment | ↓15% | |||||
| Atr | Improved reliability from Symantec SSE (risk-adjusted) | $3,944,850 | $5,462,100 | $6,069,000 | ||
| Three-year total: $15,475,950 | Three-year present value: $12,660,089 | |||||
Evidence and data. Interviewees shared that adopting Symantec SSE enabled them to improve their security posture significantly by consolidating cloud-centric security capabilities such as Cloud-SWG, CASB, and DLP into a unified platform. Furthermore, interviewees noted that leveraging the Symantec Global Intelligence Network provided real-time threat intelligence, URL filtering, and malware protection, ensuring comprehensive defense against emerging threats. Interviewees described several areas of security improvement with Symantec SSE:
Cloud-SWG and RBI. Interviewees shared that Symantec SSE’s Cloud-SWG capabilities enforced granular access policies, deep content inspection, and RBI to improve security. Interviewees particularly praised Symantec Web Isolation capabilities, which execute all web sessions in a remote, isolated environment, thereby preventing malicious data or malware from reaching and compromising devices. The cybersecurity operations lead at a manufacturing firm described the impact of Web Isolation: “We also have [RBI], so all risky and uncategorized sites are forwarded there. … So when you open a site, it’s not your PC accessing the site, it’s a remote computer accessing the site and transferring data and images to your computer, so the attacker cannot access your endpoint. … No doubt, implementing RBI and CASB has improved our security posture.”
The head of global security at an IT consulting organization described the value of Cloud-SWG with RBI: “We have policies where we block all websites that are categorized as seven and above in severity. We have also implemented RBI, which has significantly brought down any malware coming through our web channel. … Uncategorized traffic is significantly less than it was, so we’ve seen very good improvements in that.”
The product owner at a financial services firm also praised Symantec Cloud-SWG capabilities, particularly calling out RBI as a standout feature: “The feedback that we have received on RBI is incredible. It’s incredible the difference in terms of providing the isolation function in a virtually invisible manner to our colleagues. … We rolled out isolation because it integrated seamlessly with Cloud-SWG, and the experience has been literally night and day.”
The gateway security analyst at an insurance organization stated simply, “Web Isolation has saved us quite a few times.”
Interviewees also noted the benefits of Cloud-SWG’s endpoint agent features, which redirect web traffic from client devices to the nearest Cloud-SWG data center, ensuring consistent application of security policies regardless of user location. The gateway security analyst at the insurance organization stated: “The endpoint agent for Cloud-SWG is genuinely a really good tool. You can get a packet capture from the agent that gives you the ability to identify where traffic is being routed, and that’s particularly important as you have the ability to call on the agent directly to get a clear view on where the traffic’s pointing to, and then it provides you a treatment plan to resolve the issue.”
CASB and application visibility. Interviewees also reported that Symantec SSE’s CASB features provided their organizations with visibility and control over cloud application use, including sanctioned and unsanctioned apps, enabling them to enforce consistent security policies, prevent data loss, and protect against threats. The product owner at a financial services firm stated: “We use CASB to create lists of applications that the bank doesn’t want people to have access to. It’s definitely helped us reduce the number of unsanctioned web applications that users can access.”
The cybersecurity operations lead at a manufacturing firm described the value of CASB: “We have CASB on Symantec SSE, so we investigate each application, and we can check for shadow IT from our users. We score each web application, and if we see that the score is very low, we block the application. It improves our security posture because we are blocking risky apps.”
The head of security operations at an insurance organization also praised CASB: “We have really increased our protection against unauthorized application usage because CASB has given us that visibility. … CASB has been a game changer for us and it’s very competitive with what’s in the market because of what it can do. It has a great catalog of apps, and it recognizes the threat intel of those apps.”
DLP. Interviewees reported strong protection from Symantec SSE’s DLP functionality, which enabled their organizations to protect sensitive data across endpoints, networks, cloud applications, and storage, preventing accidental exposure and malicious exfiltration. The head of global security at an IT consulting organization stated: “If I compare Symantec DLP with the other SSE players, the Symantec DLP solution is way ahead. It’s enterprise-built, whereas those [competitors] will need at least one to two years to reach the level where Symantec is in DLP.”
Firewalls. Some interviewees reported that they had deployed Symantec SSE’s cloud firewall features to define policies based on users, groups, and locations. The cybersecurity operations lead at a manufacturing firm described the benefit: “Last year we also implemented cloud firewalls from Symantec SSE, and we blocked all traffic from unknown ports to the internet, and this add-on of course helped us in our security.”
Threat intelligence capabilities backed by the Symantec Global Intelligence Network. In addition to the other features mentioned, interviewees reported that Symantec SSE’s threat intelligence features leveraged the Symantec Global Intelligence Network to provide real-time insights into emerging threats, protecting against malware, phishing, and zero-day attacks by updating security policies continuously. The head of security operations at an insurance organization described the power of the threat intelligence capabilities: “The fact that the intelligence network behind Symantec SSE is really good means that the feature set is reliable. From a security perspective, we tend to find that if there’s a rogue internet site, it’s already detected as suspicious and therefore blocked. … Its Global Intelligence Network is second to none. The web categorization that Symantec provides is superior to any other product.”
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
The composite organization expects $4.6 million in cumulative breach costs per year and has a 68% likelihood of experiencing a breach every year. Furthermore, 58% of those breaches originate either from external attacks or attacks targeting employees’ home or remote networks. Forrester estimates that Symantec SSE can address 70% of these breaches.2
Symantec SSE supports 65% of the composite’s staff in Year 1, with 90% and 100% onboarded by Years 2 and 3, respectively.
With Symantec SSE, the composite reduces the likelihood of a severe data breach caused by an external attack or attacks targeting employees’ home or remote networks by 75%.
Risks. The following factors may impact this benefit:
The number of users Symantec SSE supports.
An organization’s security posture and maturity prior to deploying Symantec SSE.
The likelihood and associated costs of security breaches each year.
The specific Symantec SSE features deployed.
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.7 million.
Reduction in likelihood of a breach caused by an external attack or an attack on employees’ home or remote networks
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| B1 | Cumulative cost of breaches for the composite organization | Forrester Research | $4,591,000 | $4,591,000 | $4,591,000 | |
| B2 | Likelihood of experiencing one or more breaches for the composite | Forrester Research | 68% | 68% | 68% | |
| B3 | Percentage of breaches originating from external attacks or attacks targeting remote environments | Forrester Research | 58% | 58% | 58% | |
| B4 | Percentage of those attacks addressable with Symantec SSE | Forrester Research | 70% | 70% | 70% | |
| B5 | Percentage of users supported by Symantec SSE | A2 | 65% | 90% | 100% | |
| B6 | Annual risk exposure addressable with Symantec SSE | B1*B2*B3*B4*B5 | $823,864 | $1,140,735 | $1,267,483 | |
| B7 | Reduced risk of breaches with Symantec SSE | Interviews | 75% | 75% | 75% | |
| Bt | Avoided breach costs from improved security posture | B6*B7 | $617,898 | $855,551 | $950,612 | |
| Risk adjustment | ↓15% | |||||
| Btr | Avoided breach costs from improved security posture (risk-adjusted) | $525,213 | $727,218 | $808,020 | ||
| Three-year total: $2,060,452 | Three-year present value: $1,685,551 | |||||
Evidence and data. Interviewees reported that migrating to Symantec SSE enabled them to retire some of their legacy on-prem proxies and associated security appliances. In addition to the hardware cost savings, the interviewees reported that Symantec SSE was easier to manage and maintain than their legacy infrastructure, which allowed them to redeploy platform manager FTEs to other tasks. Interviewees described the factors driving the legacy cost savings:
On-premises proxies and hardware infrastructure. Interviewees stated that as more of their workforce migrated to Symantec SSE, they could consolidate multiple security solutions, such as on-premises proxies, VPNs, and hardware firewalls, into a single, cloud-based platform. The head of security operations at an insurance organization reported: “We had lots of on-prem infrastructure running, 16 proxies and other things like that. The cost of hosting all those was substantial, hundreds of thousands of pounds per year. We saw that obviously we would save all that money from using the cloud infrastructure instead.”
Legacy FTEs dedicated to infrastructure maintenance. Interviewees also shared that they found Symantec SSE easier to manage than legacy infrastructure because it is a cloud-delivered service, which eliminated the need for them to manage, patch, and upgrade physical appliances. The head of global security at an IT consulting organization described the change: “Earlier, we had a trifurcation of management teams, as we had one team for proxies, one team for DLP, and one team for CASB. With Symantec SSE, we have one team that manages the whole platform. We cut down this staff by almost 50%. We did not let people go; we just assigned them to different roles and they moved to different teams.”
The same interviewee went on to describe the impact of the infrastructure management time savings: “Now the team has more bandwidth to focus on finetuning policies and rules rather than managing the infrastructure. We want our team to focus only on the security part, and not the IT part.”
The cybersecurity operations lead at a manufacturing firm also reported that moving infrastructure from on-premises to a cloud-based solution led to operational efficiencies: “After migrating to the cloud solution, we no longer have to deal with the on-prem appliances. Because it’s a SaaS platform, we are not dealing with the infrastructure issues. It definitely saves a lot of time for our infrastructure team to not have to deal with all our hundreds of appliances that we had before migrating.”
The gateway security analyst at an insurance organization shared that policy management was significantly simpler to manage with Symantec SSE compared to their legacy on-premises approach: “We’ve been able to pull stuff into our scripts to provide data and streamline policy review processes. If it wasn’t for some of that work, we could require more headcount internally.”
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
In Year 1 of deploying Symantec SSE, the composite organization retires legacy infrastructure worth $2.3 million. As it migrates more of its traffic to the cloud, the cost savings increase to $3.2 million in Year 2 and $3.6 million in Year 3.
The composite organization has a team of eight FTEs dedicated to managing the organization’s legacy hardware. Over the course of the three-year analysis, the composite gradually deploys these employees to other tasks, saving labor costs.
Employees dedicated to managing infrastructure have an average fully burdened annual salary of $135,000 per year.
Forrester assumes an 80% productivity recapture since not all of these time savings are redeployed productively.
Risks. Legacy network infrastructure cost savings will vary depending on:
The cost of network infrastructure in the previous environment.
The internal labor dedicated to maintaining legacy infrastructure.
The speed at which organizations retire legacy infrastructure and migrate to Symantec SSE.
Network and security operations FTE salaries.
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $8.4 million.
Annual time savings on managing legacy infrastructure
Legacy networking costs eliminated by Year 3
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| C1 | Networking costs avoided with Symantec SSE | Composite | $2,340,000 | $3,240,000 | $3,600,000 | |
| C2 | FTEs dedicated to maintaining legacy hardware | Composite | 8 | 8 | 8 | |
| C3 | Time savings on managing legacy hardware | Interviews | 65% | 90% | 100% | |
| C4 | Fully burdened annual salary for a network operations employee | Composite | $135,000 | $135,000 | $135,000 | |
| C5 | Productivity recapture | TEI methodology | 80% | 80% | 80% | |
| Ct | Network infrastructure cost savings | C1+(C2*C3*C4*C5) | $2,901,600 | $4,017,600 | $4,464,000 | |
| Risk adjustment | ↓10% | |||||
| Ctr | Network infrastructure cost savings (risk-adjusted) | $2,611,440 | $3,615,840 | $4,017,600 | ||
| Three-year total: $10,244,880 | Three-year present value: $8,380,816 | |||||
Evidence and data. Interviewees shared that Symantec SSE reduced their attack surface by centralizing and securing all web and cloud application access, effectively making internal resources invisible to external threats. This proactive attack surface reduction meant fewer incidents for security operations teams to investigate and remediate, leading to time savings on responding to alerts.
The head of global security at an IT consulting organization described how the reduced attack surface translated directly to employee time savings: “[With Symantec SSE], we have cut down the total number of security alerts by 50% to 75%. Because there are less alerts to handle, a smaller team can manage the alerts.”
The head of security operations at an insurance organization agreed that Symantec SSE conferred security time savings, adding that: “The fact that the Global Intelligence Network is so good improves our security. A member of our staff might click a link in a phishing email, and nine times out of 10, if not more, that link is not usable because of the protection that SSE gives us. It prevents that incident from getting any further. … If these protections weren’t there, then instantly there would be significantly more management work.”
The cybersecurity operations lead at a manufacturing firm described the avoided security tickets from the improved policy enforcement and Web Isolation capabilities embedded in Symantec SSE: “[Symantec SSE] works perfectly. No issues. We blocked all suspicious, malicious, and risky sites. [Previously], we had a lot of [security] tickets from our users, but after implementing Web Isolation, there are almost zero tickets related to [users clicking on risky websites].”
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
The composite organization has a team of 28 security operations FTEs who dedicate much of their time to security alert response.
With Symantec SSE’s centralized management and policy enforcement, the number of security alerts shrinks, leading to time savings of 12% for security operations staff in Year 1. As the composite migrates more of its workforce to Symantec SSE, these time savings reach 15% in Year 3.
Security operations staff have an average fully burdened annual salary of $135,000.
Forrester assumes an 80% productivity recapture since not all time savings are redeployed productively.
Risks. The security operations time savings will vary depending on:
The number of security alerts an organization has in its legacy environment.
The specific Symantec SSE security features or capabilities adopted.
The average fully burdened annual salary of security operations FTEs.
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $919,000.
Time savings for the security operations team
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| D1 | Total security operations FTEs | Composite | 28 | 28 | 28 | |
| D2 | Productivity lift for security operations work | Interviews | 12% | 14% | 15% | |
| D3 | Fully burdened annual salary for a security operations FTE | Composite | $135,000 | $135,000 | $135,000 | |
| D4 | Productivity recapture | TEI methodology | 80% | 80% | 80% | |
| Dt | Security operations time savings | D1*D2*D3*D4 | $362,880 | $423,360 | $453,600 | |
| Risk adjustment | ↓10% | |||||
| Dtr | Security operations time savings (risk-adjusted) | $326,592 | $381,024 | $408,240 | ||
| Three-year total: $1,115,856 | Three-year present value: $918,514 | |||||
Evidence and data. Interviewees shared that Symantec SSE significantly enhanced user experience and reduced latency. The performance improvement led to productivity boosts, particularly for geographically dispersed teams. Interviewees attributed the improved performance and end-user experience to the increased capacity provided by Symantec SSE’s global cloud infrastructure and to its dedicated egress points.
Improved capacity. Interviewees shared that Symantec SSE’s integration with GCP allowed their organizations to reduce latency by routing traffic over high-capacity private pathways instead of the public internet. The head of security operations at an insurance company stated: “[Symantec SSE] feels like an all-you-can-eat type capability. Previously, one of the big issues we had was fixed capacity, but now we can be less sensitive for our users in terms of usage.”
The same interviewee went on to say: “There’s a huge benefit around capacity. We would forever have major incidents where our proxies would be maxing out on CPU and memory and we would effectively just grind the business to a halt. Since we moved to Cloud-SWG, we don’t have anything like that.”
Dedicated egress capabilities. The gateway security analyst at an insurance organization described the value of Symantec SSE’s dedicated egress capabilities, which allow customers to route traffic through dedicated IP addresses and regional egress points, ensuring more direct connections: “Previously, if we had someone based in Ireland who was traveling to Dubai, they would have to backhaul all that traffic to their on-prem proxy in their local data center to then break out. Whereas now they can just hit the data center that’s nearest to Dubai and they’re going to log in a lot quicker.”
The cybersecurity operations lead at a manufacturing firm also spoke to the benefits of the dedicated egress features: “Before, if a user wanted to access some internet site, their traffic was forwarded from some office to the data center, and from the data center to the appliance, and from the appliance to the internet. It was very high latency, and of course user experience was very poor. But after migrating all our offices to the Symantec SSE offering, we have no claims regarding latency or internet accessing, nothing. We’re in a very good situation now.”
The head of global security at an IT consulting organization reported a significant reduction in latency: “Latency is much better compared to what it was earlier. Our metrics say it is fine, and we have not heard any complaints from users. … We saw a 25% to 30% improvement in latency in Asia Pacific.”
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Prior to adopting Symantec SSE, the composite organization’s employees dealt with high latency due to fixed capacity and shared egress. Users supported by Symantec SSE avoid 1.5 minutes of wait time per day (6.5 hours per year).
In Year 1, Symantec SSE supports 26,000 of the composite’s employees. This increases to 36,000 in Year 2 before reaching all 40,000 employees in Year 3.
On average, these users have a fully burdened hourly rate of $44.
Forrester applies a productivity recapture of 25%.
Risks. The end-user productivity lift will vary depending on:
The level of latency and performance degradation in the prior environment.
The number of users supported by Symantec SSE.
End-user FTE salaries.
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $5.1 million.
Annual employee time savings per user due to improved Symantec SSE performance
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| E1 | Avoided wait time per day due to performance degradation (minutes) | Interviews | 1.5 | 1.5 | 1.5 | |
| E2 | Time saved per user per year (hours) | E1/60 minutes*260 days | 6.5 | 6.5 | 6.5 | |
| E3 | Total employees | Composite | 40,000 | 40,000 | 40,000 | |
| E4 | Percentage of users supported by Symantec SSE | A2 | 65% | 90% | 100% | |
| E5 | Symantec SSE users | E3*E4 | 26,000 | 36,000 | 40,000 | |
| E6 | Fully burdened hourly rate for a Symantec SSE user | Composite | $44 | $44 | $44 | |
| E7 | Productivity recapture | Composite | 25% | 25% | 25% | |
| Et | Improved end-user productivity | E2*E5*E6*E7 | $1,859,000 | $2,574,000 | $2,860,000 | |
| Risk adjustment | ↓15% | |||||
| Etr | Improved end-user productivity (risk-adjusted) | $1,580,150 | $2,187,900 | $2,431,000 | ||
| Three-year total: $6,199,050 | Three-year present value: $5,071,128 | |||||
Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:
Potential cybersecurity insurance cost avoidance. Interviewees reported that as threats have become increasingly prevalent and complex, cybersecurity insurance premiums have climbed rapidly. However, some interviewees shared that using Symantec SSE has helped them either avoid insurance premium hikes or reduce their premiums. The head of global security at an IT consulting firm reported a drop in premiums, which they partially attributed to Symantec SSE: “[Using Symantec SSE] has significantly brought down our cyber insurance cost. Our peers were seeing increases in the costs, whereas there was a very significant reduction in our insurance costs due to the different security controls we have implemented.”
The head of security operations at an insurance organization agreed that using Symantec SSE was helpful in the application process: “When we’ve done the attestation for cybersecurity insurance, the fact that we have a strong toolset and a strong policy and it’s a market-leading product set has certainly helped.”
Improved user experience. Interviewees shared that prior to adopting Symantec SSE, latency was a significant source of frustration for their employee base. By improving performance, the interviewees could reduce the number of IT support tickets submitted for latency-related issues and ultimately improve user experience.
Interviewees also reported that their previous solutions unnecessarily blocked certain safe websites or applications, which prevented employees from accessing work-related information and forced them to open IT tickets for web browsing issues. With Symantec SSE’s Web Isolation features, interviewees’ organizations could quickly and easily identify which sites were benign, leading to a more seamless browsing experience. The cybersecurity operations lead at a manufacturing firm stated: “User experience has drastically improved after implementing isolation, because previously all uncategorized and risky sites were blocked. We used to open tickets to service desks to request to open this site because it’s needed for the business. After implementing Web Isolation, all types of these tickets are gone because we are allowing the traffic onto some remote computer. For user experience, this is a very, very good improvement. There have been 30% less tickets regarding web browsing issues.”
High-quality support from Broadcom. Interviewees shared that they worked with Broadcom’s support team to optimize their SSE deployment, including investigating any incidents, adding new features, and training new employees. The product owner at a financial services firm praised the quality and consistency of the Broadcom support team: “The support that we get from Broadcom is excellent. Other vendors, even those bigger than Broadcom, their support is not as good today, tomorrow, yesterday, as Broadcom’s is. … The support when we have an outage is absolutely vital. We will often know internally that the problem has nothing to do with Broadcom, and they will, at the drop of a hat, join our call. That, for a financial institute, is essential.”
The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Symantec SSE and later realize additional uses and business opportunities, including:
Additional security improvements from adding Symantec SSE’s ZTNA feature. Some interviewees reported that they were piloting and planning to adopt Symantec SSE’s ZTNA capabilities, which implement a “never trust, always verify” model for every user and device accessing applications. The interviewees who spoke to this use case expect that ZTNA’s identity- and context-aware access control will minimize the attack surface by only granting access to specific applications, rather than the entire network. The head of global security at an IT consulting firm stated, “We are in the pilot rollout of ZTNA, so the first set of 5,000 users will be completed by [next month].”
Exploring mobile protection. Some interviewees also reported that they were exploring mobile security solutions from Broadcom to sync their Symantec SSE-set security policies to mobile devices, ensuring that employees accessing corporate resources are protected from mobile-specific threats. The gateway security analyst at an insurance organization stated: “We’re running a pilot at the moment around Symantec Endpoint Protection for mobile. [Our goal] is to gain more security controls around mobile and try to provide a more consolidated, unified policy across endpoint devices as a whole. Right now, we’re just focused on blocking the bad stuff, but in the future, we may be in a position where someone can do something on their laptop and also on their phone, and if they can’t do it on their laptop, they also can’t do it on their phone. We’d be bringing the endpoints together into a centrally managed policy.”
Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Total Economic Impact Approach).
| Ref. | Cost | Initial | Year 1 | Year 2 | Year 3 | Total | Present Value |
|---|---|---|---|---|---|---|---|
| Ftr | Broadcom SSE subscription costs | $0 | $3,575,000 | $4,950,000 | $5,500,000 | $14,025,000 | $11,473,140 |
| Gtr | Implementation and training costs | $283,712 | $6,864 | $6,864 | $6,864 | $304,304 | $300,782 |
| Htr | Ongoing management costs | $0 | $297,000 | $415,800 | $534,600 | $1,247,400 | $1,015,289 |
| Total costs (risk-adjusted) | $283,712 | $3,878,864 | $5,372,664 | $6,041,464 | $15,576,704 | $12,789,211 |
Evidence and data. Interviewees reported that Symantec SSE fees were typically structured on a per user, per year basis, with costs varying depending on which specific Symantec SSE features they deployed. As a baseline, the composite organization deploys Symantec SSE’s Cloud-SWG, CASB, DLP, threat protection, cloud firewalls, and RBI features. Pricing may vary. Contact Broadcom for additional details.
Modeling and assumptions. Based on the interviews, Forrester assumes the composite incurs annual subscription costs of $3.3 million in Year 1, when it onboards 65% of its employee base onto Symantec SSE. By Year 3, Symantec SSE supports 100% of the composite’s employee base and annual subscription costs are $5 million.
Risks. The impact of this cost will vary depending on:
Pricing changes.
Contract terms.
The number of users supported by Symantec SSE.
Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $11.5 million.
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
|---|---|---|---|---|---|---|
| F1 | Broadcom SSE subscription and licensing costs | Composite | $0 | $3,250,000 | $4,500,000 | $5,000,000 |
| Ft | Broadcom SSE subscription costs | F1 | $0 | $3,250,000 | $4,500,000 | $5,000,000 |
| Risk adjustment | ↑10% | |||||
| Ftr | Broadcom SSE subscription costs (risk-adjusted) | $0 | $3,575,000 | $4,950,000 | $5,500,000 | |
| Three-year total: $14,025,000 | Three-year present value: $11,473,140 | |||||
Evidence and data. Interviewees reported incurring internal labor costs associated with Symantec SSE implementation. Most interviewees reported that the implementation process took at least four months, with one smaller organization completing the implementation in two months. During the deployment process, interviewees reported requiring several FTEs to support the configuration, define policies, integrate SSE with existing infrastructure and tools, and assist with training new users.
In addition to the FTE hours leading the implementation, interviewees shared that network and security operations staff required a few days of training to become familiar with the various Symantec SSE capabilities.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
The composite organization deploys Symantec SSE over the course of five months.
During the implementation process, the composite fully dedicates four FTEs to managing the deployment.
In addition, 32 employees receive Symantec SSE training, with some trained on using Cloud-SWG, some trained on using CASB, and others trained on using DLP. On average, each employee receives 24 hours, or three working days, of training.
Each year thereafter, four more employees receive training to account for new hires and turnover.
Each network and security operations employee has a fully burdened hourly rate of $65 per hour.
Risks. Implementation and training costs will vary depending on:
Implementation delays.
Employees’ familiarity with other Broadcom solutions.
The average fully burdened annual salaries for FTEs involved in implementation and training.
Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $301,000.
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
|---|---|---|---|---|---|---|
| G1 | FTEs dedicated to implementing Broadcom SSE | Composite | 4 | |||
| G2 | Time dedicated to implementing Broadcom SSE (months) | Composite | 5 | |||
| G3 | Total implementation time (hours) | G1*G2*160 hours per month | 3,200 | |||
| G4 | Fully burdened hourly rate for an implementation resource | Composite | $65 | $65 | $65 | $65 |
| G5 | Subtotal: Internal labor costs required for implementation | G3*G4 | $208,000 | |||
| G6 | Employees trained to use Broadcom SSE | Composite | 32 | 4 | 4 | 4 |
| G7 | Training time for a new user (hours) | Composite | 24 | 24 | 24 | 24 |
| G8 | Subtotal: Training costs | G6*G7*G4 | $49,920 | $6,240 | $6,240 | $6,240 |
| Gt | Implementation and training costs | G5+G8 | $257,920 | $6,240 | $6,240 | $6,240 |
| Risk adjustment | ↑10% | |||||
| Gtr | Implementation and training costs (risk-adjusted) | $283,712 | $6,864 | $6,864 | $6,864 | |
| Three-year total: $304,304 | Three-year present value: $300,782 | |||||
Evidence and data. Interviewees reported that managing Symantec SSE was significantly easier than managing their legacy on-premises network infrastructure. However, they dedicated some ongoing employee time to managing the Symantec SSE deployment, with most of the ongoing labor spent on modifying security policies, onboarding and deprovisioning users, generating reports, and integrating with other IT systems.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
The composite organization has four FTEs responsible for managing the Symantec SSE deployment.
In Year 1, the composite dedicates 50% of the deployment team’s time to managing Symantec SSE. These employees spend less time managing legacy infrastructure in Years 2 and 3, and the composite redeploys them to manage Symantec SSE. By Year 3, these four FTEs dedicate 90% of their time to managing Symantec SSE.
Symantec SSE platform managers have an average fully burdened annual salary of $135,000.
Risks. Ongoing management costs will vary depending on:
The number of users supported by Symantec SSE.
The level of skill and ongoing internal effort per resource dedicated to managing Symantec SSE.
The average fully burdened annual salary for a platform manager.
Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.0 million.
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
|---|---|---|---|---|---|---|
| H1 | FTEs dedicated to managing Broadcom SSE | Composite | 4 | 4 | 4 | |
| H2 | Percentage of time dedicated to managing the Broadcom SSE platform | Composite | 50% | 70% | 90% | |
| H3 | Fully burdened annual salary for a Broadcom SSE platform manager | Composite | $135,000 | $135,000 | $135,000 | $135,000 |
| Ht | Ongoing management costs | H1*H2*H3 | $0 | $270,000 | $378,000 | $486,000 |
| Risk adjustment | ↑10% | |||||
| Htr | Ongoing management costs (risk-adjusted) | $0 | $297,000 | $415,800 | $534,600 | |
| Three-year total: $1,247,400 | Three-year present value: $1,015,289 | |||||
| Initial | Year 1 | Year 2 | Year 3 | Total | Present Value | |
|---|---|---|---|---|---|---|
| Total costs | ($283,712) | ($3,878,864) | ($5,372,664) | ($6,041,464) | ($15,576,704) | ($12,789,211) |
| Total benefits | $0 | $8,988,245 | $12,374,082 | $13,733,860 | $35,096,188 | $28,716,098 |
| Net benefits | ($283,712) | $5,109,381 | $7,001,418 | $7,692,396 | $19,519,484 | $15,926,887 |
| ROI | 125% | |||||
| Payback | <6 months |
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.
The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.
From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in Symantec SSE.
The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Symantec SSE can have on an organization.
Interviewed Broadcom stakeholders and Forrester analysts to gather data relative to Symantec SSE.
Interviewed six decision-makers at organizations using Symantec SSE to obtain data about costs, benefits, and risks.
Designed a composite organization based on characteristics of the interviewees’ organizations.
Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
Benefits represent the value the solution delivers to the business. The TEI methodology places equal weight on the measure of benefits and costs, allowing for a full examination of the solution’s effect on the entire organization.
Costs comprise all expenses necessary to deliver the proposed value, or benefits, of the solution. The methodology captures implementation and ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. The ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”
The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.
A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.
Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.
1 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.
2 Source: A regression analysis of the reported total cumulative costs of all breaches experienced by security decision-makers’ organizations in the past 12 months. The composite organization’s revenue is used as the input to the regression formula. We asked 1,660 global security decision-makers who have experienced a breach in the past 12 months, “Using your best estimate, what was the total cumulative cost of all breaches experienced by your organization in the past 12 months?” Source: Forrester’s Security Survey, 2024.
Readers should be aware of the following:
This study is commissioned by Broadcom and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Symantec SSE.
Broadcom reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
Broadcom provided the customer names for the interviews but did not participate in the interviews.
Matt Dunham
July 2025
ABOUT FORRESTER CONSULTING
Forrester provides independent and objective research-based consulting to help leaders deliver key transformation outcomes. Fueled by our customer-obsessed research, Forrester’s seasoned consultants partner with leaders to execute on their priorities using a unique engagement model that tailors to diverse needs and ensures lasting impact. For more information, visit forrester.com/consulting.
© Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.
https://mainstayadvisor.com/go/mainstay/gdpr/policy.html
PDF