A Forrester Total Economic Impact™ Study Commissioned By Microsoft, August 2024
As today’s enterprises optimize for hybrid and multicloud environments, they risk opening a multivariate attack surface to threat actors. Cloud workload security (CWS) plays an essential role in cloud adoption, cloud data, and threat protection. Savvy organizations leverage the business benefits of visibility as they migrate workloads and their security to the cloud.1
Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) that embeds security across the entire application lifecycle, from development to runtime. Defender for Cloud provides a unified platform for Cloud Security Posture Management, DevOps security management, and cloud workload protections across multicloud and hybrid environments.
Microsoft commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Microsoft Defender for Cloud.2 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Defender for Cloud on their organizations.
Return on investment (ROI)
99%
Net present value (NPV)
$4.25M
To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed five representatives with experience using Defender for Cloud. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that is a global, North America-based company facing mounting cybersecurity threats to its multicloud infrastructure.
Interviewees said that as their organizations grew, their consumption of cloud services and increased cloud-based collaboration with partners and third parties increased their attack surfaces. Their legacy CWS tools were inefficient and ineffective, and they drained resources’ abilities to proactively respond to a gamut of threats. This left the organizations’ cloud environments — including mission-critical apps and workloads related to the continuous integration and continuous delivery (CI/CD) lifecycle —vulnerable to costly breaches.
The interviewees said that after the investment in Defender for Cloud, their organizations reduced their risk and improved their security and compliance postures at scale. This helped the organizations keep pace with compliance requirements in a dynamically shifting regulatory climate with added context provided on their security postures compared to their peers based on Microsoft cloud security benchmarks.
At the same time, interviewees pointed out that Defender for Cloud helped their organizations better position themselves for secure, efficient software development and collaboration with third-party partners for purposes such as research and development. Interviewees discussed how this reduced development effort and improved time to value to develop secure products that enable business growth.
Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:
Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:
Costs. Three-year, risk-adjusted PV costs for the composite organization include:
The representative interviews and financial analysis found that a composite organization experiences benefits of $8.52 million over three years versus costs of $4.27 million, adding up to a net present value (NPV) of $4.25 million and an ROI of 99%.
Avoided potential costs related to data breaches
$292,000
“We are all looking for [more] speed and less risk, and … Microsoft is aligning themselves nicely with that. As you integrate any new solution, you are inevitably inviting the risk of a breach. So, having an extensible suite that is on the same platform helps to mollify that affect.”
Technical manager, B2B software
Return on investment (ROI)
Benefits PV
Net present value (NPV)
Avoided potential costs of a data breach
From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in Defender for Cloud.
The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Defender for Cloud can have on an organization.
Interviewed Microsoft stakeholders and Forrester analysts to gather data relative to Defender for Cloud.
Interviewed five representatives at organizations using Defender for Cloud to obtain data about costs, benefits, and risks.
Designed a composite organization based on characteristics of the interviewees’ organizations.
Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
Readers should be aware of the following:
This study is commissioned by Microsoft and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Defender for Cloud.
Microsoft reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
Microsoft provided the customer names for the interviews but did not participate in the interviews. The scope of the cyber security practice within Forrester is founded in industry knowledge and survey information from global organizations, updated on an annual basis. Further information is available from Forrester Business Technographics or with a Forrester analyst.
Role | Industry | Total FTEs | Percent of workloads on premises | ||
---|---|---|---|---|---|
Cyberdefense leader | Materials | 20,000+ | 15% | ||
Chief information security officer (CISO) | Technology | 20,000+ | NA | ||
Technical manager | B2B software | 5,000 to 19,999 | >40% and shrinking | ||
Senior director of IT operations | Healthcare | 20,000+ | 20% | ||
Chief technology officer (CTO) | Life sciences | 1,000 to 4,999 | 5% | ||
Before using Defender for Cloud, interviewees’ organizations were stymied by multivariate risks lurking amidst complex hybrid and multicloud infrastructures. Interviewees described how their organizations’ cloud security blind spots compounded risk, exacerbated vulnerabilities, and lengthened dwell time when attacks successfully penetrated cloud workloads. They further noted how their organizations struggled with further challenges, including:
“If we are noncompliant with terms of our contracts, we cannot share data, and that means that our products are ineffective. The business does not work.”
CTO, life sciences
“The major pain points were lack of investigation and remediation capabilities due to lack of advanced [cloud security] technologies. We were not able to defend our environment against advanced and state-sponsored attacks with legacy tools and antivirus solutions. We could not investigate a breach and respond in a timely manner to meet SEC and federal guidelines.”
CISO, technology
The interviewees’ organizations searched for a far-reaching solution that could improve their cloud security administration, reduce the complexity involved with the number of tools and manual processes needed, and proactively mitigate the costs and impacts of a security breach. The organizations also sought to:
“We were hoping to address simplicity within the platform itself. How can we really simplify and free up IT operations around automation to do that?”
Senior director of IT operations, healthcare
“Per the NIST (National Institute of Standards and Technology) best practices and CIS benchmarks, we need to have certain hardening standards for our endpoints and for our containers."
CISO, technology
The interviewees told Forrester that their organizations selected Microsoft Defender for Cloud for its product functionalities. Their goals were to improve their cloud security administration, reduce the complexity involved with the number of tools and manual processes they had, improve visibility with continuous monitoring and detection across multicloud and hybrid environments, and to help their organizations respond to threats in real time. Interviewees said other reasons their organizations invested in Microsoft Defender for Cloud include:
“We found that Microsoft has much better coverage on the logs, traces, and metrics that are being produced internally that they can then utilize to help Defender understand what’s going on in your environment. ”
CTO, life sciences
Description of composite. The global, $25 billion company based in North America spends 1% of its revenue on technology. It also employs 75,000 employees, of which 750 are developers and 150 are SecOps FTEs.
The composite organization faces mounting cybersecurity threats. In recent years, it investigated an average of 1,000 threats per week, growing 5% annually. These threats ranged from high-frequency, low-impact events such as phishing efforts to low-frequency, high-impact threats such as malware infections.
In its prior security technology environment, the composite organization deployed individualized tools to provide comprehensive cloud workload protection for various workloads. As part of a multivendor security stack, these workloads connected the organization’s distributed multicloud environment with a small, private data center.
Deployment characteristics. The composite increases the portion of its technology estate in the cloud from 50% of all workloads at the start of the investment period to 80% after three years. A further goal of this cloud transformation includes increasing overall cloud consumption, consolidating vendor tools and optimizing the multicloud security stack.
The composite also shifts more of the publicly hosted workloads to the Azure cloud with Defender for Cloud protection as the deployed configuration proves its value. This includes deploying Defender for Cloud protection to 25% of workloads hosted outside of Azure in Year 1. By Year 3, the composite organization increases the percent of non-Azure workloads in the cloud to the Defender for Cloud environment to 50% by the end of Year 3.
Ref. | Benefit | Year 1 | Year 2 | Year 3 | Total | Present Value |
---|---|---|---|---|---|---|
Atr | Multicloud and hybrid security infrastructure consolidation | $329,670 | $395,604 | $527,472 | $1,252,746 | $1,022,943 |
Btr | SecOps productivity gain | $1,790,100 | $2,148,120 | $2,864,160 | $6,802,380 | $5,554,555 |
Ctr | Threat investigation and remediation acceleration | $243,100 | $306,307 | $428,830 | $978,237 | $796,332 |
Dtr | Data breach-related cost reduction | $94,068 | $112,881 | $150,508 | $357,456 | $291,885 |
Etr | Audit compliance posture improvement | $329,670 | $341,604 | $365,472 | $1,036,746 | $856,602 |
Total benefits (risk-adjusted) | $2,786,608 | $3,304,516 | $4,336,441 | $10,427,565 | $8,522,317 | |
Evidence and data. Interviewees named the proliferation of multicloud security tools as a major source of complexity and risk in their organizations’ prior environments. Using Microsoft Defender for Cloud across multicloud and hybrid environments allowed their organizations to pull multiple levers of value across their cloud workload security stacks.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this benefit:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.0 million.
5 tools to 1 tool
Cloud security tool consolidation
>1,700 hours
Security tools management time avoided
“Rather than running a script separately, we can daisy-chain them and cut down the amount of data we’re processing. … We’ve gone over 30% in terms of average reduction in costs and run rates for our [cloud computing] processes over time.”
CTO, life sciences
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|
A1 | Legacy multicloud and hybrid security software license and subscription costs in the prior environment | Composite | $6,000,000 | $6,000,000 | $6,000,000 |
A2 | Percent of workloads protected and addressable by Defender for Cloud | Composite | 50% | 60% | 80% |
A3 | Consolidation of legacy multicloud and hybrid security software licenses with Defender for Cloud | Interviews | 10% | 10% | 10% |
A4 | Subtotal: License savings from consolidated legacy multicloud and hybrid security software tools with Defender for Cloud | A1*A2*A3 | $300,000 | $360,000 | $480,000 |
A5 | Total avoided internal labor time to manage legacy multicloud and hybrid security software tool licenses with Defender for Cloud (hours) | Composite | 1,560 | 1,560 | 1,560 |
A6 | Average fully burdened hourly rate for a SecOps resource (rounded) | TEI standard | $85 | $85 | $85 |
A7 | Subtotal: Labor savings from managing consolidated legacy hybrid and multicloud cybersecurity tool with Defender for Cloud | A2*A5*A6 | $66,300 | $79,560 | $106,080 |
At | Multicloud and hybrid security infrastructure consolidation | A4+A7 | $366,300 | $439,560 | $586,080 |
Risk adjustment | ↓10% | ||||
Atr | Multicloud and hybrid security infrastructure consolidation (risk-adjusted) | $329,670 | $395,604 | $527,472 | |
Three-year total: $1,252,746 | Three-year present value: $1,022,943 |
Evidence and data. In addition to the labor saved from no longer managing sprawling legacy security stacks (see Benefit A) and beyond reactive threat mitigation (see Benefit C), interviewees revealed several ways in which Defender for Cloud instilled productivity improvements across their organizations compared to the prior environments.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this benefit:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $5.6 million.
$5.6M
SecOps productivity improvement
“[With Defender for Cloud,] if the tools are configured properly, the [global] efficiencies in your SOC can probably be up to 30% for a fine-tuned environment.”
Technical manager, B2B software
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|
B1 | Total SecOps FTEs | Composite | 150 | 150 | 150 |
B2 | Percent of workloads protected and addressable by Defender for Cloud | A2 | 50% | 60% | 80% |
B3 | SecOps productivity improvement from enhanced visibility | Interviews | 30% | 30% | 30% |
B4 | Productivity recapture | TEI standard | 50% | 50% | 50% |
B5 | Average fully burdened salary for a SecOps resource (rounded) | Composite | $176,800 | $176,800 | $176,800 |
Bt | SecOps productivity gain | B1*B2*B3*B4*B5 | $1,989,000 | $2,386,800 | $3,182,400 |
Risk adjustment | ↓10% | ||||
Btr | SecOps productivity gain (risk-adjusted) | $1,790,100 | $2,148,120 | $2,864,160 | |
Three-year total: $6,802,380 | Three-year present value: $5,554,555 |
Evidence and data. With the Microsoft Defender for Cloud investment, interviewees’ organizations identified several levers through which the platform accelerated threat investigation and remediation labor.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this benefit.
Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $796,000.
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|
C1 | Prior number of threats requiring investigation | Interviews; 1,000/week +5% YOY |
52,000 | 54,600 | 57,330 |
C2 | False positive rate in the prior environment | Composite | 50% | 50% | 50% |
C3 | Total number of false positives investigated in the prior environment | C1*C2 | 26,000 | 27,300 | 28,665 |
C4 | Average hours to investigate threats in the prior environment | Interviews | 0.25 | 0.25 | 0.25 |
C5 | Average fully burdened hourly rate of a SecOps resource, rounded | B5/2,080 | $85 | $85 | $85 |
C6 | Percent of workloads protected and addressable by Defender for Cloud | A2 | 50% | 60% | 80% |
C7 | Reduction in threat false positives with Defender for Cloud | Interviews | 50% | 50% | 50% |
C8 | Subtotal: Avoided threat investigation labor from reduced false positives with Defender for Cloud | C3*C4*C5*C6*C7 | $138,125 | $174,038 | $243,653 |
C9 | Total number of threats requiring investigation using Defender for Cloud | C1*C6*(1-C7) | 13,000 | 16,380 | 22,932 |
C10 | Decrease in time to investigate threats with Defender for Cloud | Interviews | 30% | 30% | 30% |
C11 | Subtotal: Accelerated threat investigation effort from improved visibility with Defender for Cloud | C4*C5*C9*C10 | $82,875 | $104,423 | $146,192 |
C12 | Total number of investigated threats requiring remediation using Defender for Cloud | C9*C2*(1-C7) | 3,250 | 4,095 | 5,733 |
C13 | Average hours to remediate true threats in the prior environment | Composite | 1 | 1 | 1 |
C14 | Decrease in time to remediate threats with Defender for Cloud | Interviews | 30% | 30% | 30% |
C15 | Subtotal: Accelerated threat remediation effort from improved visibility with Defender for Cloud | C4*C5*C12*C14 | $82,875 | $104,423 | $146,192 |
Ct | Threat investigation and remediation acceleration | C8+C11+C15 | $303,875 | $382,884 | $536,037 |
Risk adjustment | ↓20% | ||||
Ctr | Threat investigation and remediation acceleration (risk-adjusted) | $243,100 | $306,307 | $428,830 | |
Three-year total: $978,237 | Three-year present value: $796,332 |
50%
Reduction in threat false positives
30%
Decrease in MTTR threats
“[Defender for Cloud] just takes out the weird stuff happening on our network that ends up on the cybersecurity desk. We’ve already probably cut back about 60% of the workload, and a lot of that revolves around false positives, so I can get better data. The systems assess the data properly. ... I’m not even going to give it to the analyst. I’m going to auto-close.”
CTO, life sciences
Evidence and data. Interviewees said that prior to investing in Defender for Cloud, they and their organizations were ill-equipped to face a new era of cyberthreats. The organizations often deployed a layered approach with the best tools capturing the most workloads to secure against an increasingly hostile and unmanageable attack surface.
Multiple interviewees reported their organization’s best-of-breed approach served to increase its Azure cloud consumption and deploy more multicloud workloads to the Defender for Cloud environment.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this benefit.
Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $292,000.
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|
D1 | Likelihood of experiencing one or more breach per year | Forrester Research | 89% | 89% | 89% |
D2 | Breaches attributable to source of attack | Forrester Research | 49% | 49% | 49% |
D3 | Mean cumulative cost of data breaches | Forrester Research | $5,065,000 | $5,065,000 | $5,065,000 |
D4 | Percent of workloads protected and addressable by Defender for Cloud | A2 | 50% | 60% | 80% |
D5 | Risk reduction with Defender for Cloud | Interviews | 10% | 10% | 10% |
Dt | Data breach-related cost reduction | D1*D2*D3*D4*D5 | $110,668 | $132,801 | $177,068 |
Risk adjustment | ↓15% | ||||
Dtr | Data breach-related cost reduction (risk-adjusted) | $94,068 | $112,881 | $150,508 | |
Three-year total: $357,456 | Three-year present value: $291,885 |
10%
Incremental protection against data breaches
“Microsoft is capturing 10% of real incidents [not caught by other solutions deployed, thereby] reducing our attack surface by 10%.”
CISO, technology
Evidence and data. Interviewees discussed how regular audits of their organizations’ compliance postures across multiple, repetitive compliance regimes put valuable resources toward efforts that were rarely designed for an effective compliance program. This complexity resulted in costly overhead, with significant portions of the audit and compliance workload dedicated to the level of rework necessitated from manually managing and correcting error-prone multicloud security policies.
Interviewees shared how Microsoft Defender for Cloud automated their organizations’ auditing and compliance efforts, which reduced the related workloads required from internal FTEs.
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this benefit:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $857,000.
Ref. | Metric | Source | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|
E1 | Total FTEs dedicated to audit compliance efforts in the prior environment | Composite | 5 | 5 | 5 |
E2 | Average fully burdened salary for an FTE dedicated to audit compliance efforts (rounded) | B5 | $176,800 | $176,800 | $176,800 |
E3 | Percent of workloads protected and addressable by Defender for Cloud | A2 | 50% | 60% | 80% |
E4 | Reduction in audit compliance overhead with Defender for Cloud | Interviews | 15% | 15% | 15% |
E5 | Subtotal: Reduced audit compliance overhead costs with Defender for Cloud | E1*E2*E3*E4 | $66,300 | $79,560 | $106,080 |
E6 | Subtotal: Savings from reduced auditing fees | Interviews | $300,000 | $300,000 | $300,000 |
Et | Audit compliance posture improvement | E5+E6 | $366,300 | $379,560 | $406,080 |
Risk adjustment | ↓10% | ||||
Etr | Audit compliance posture improvement (risk-adjusted) | $329,670 | $341,604 | $365,472 | |
Three-year total: $1,036,746 | Three-year present value: $856,602 |
15%
Audit compliance posture improvement
“[Defender for Cloud] is capable of saving up to 5% of [my organization's] engineering overhead around [audit and compliance] meetings and collaboration.”
CISO, technology
Interviewees mentioned the following additional benefits that their organizations experienced but were not quantified for the analysis:
Up to 4x
Reduction in SecOps FTE turnover
“With technologies like [Defender for Cloud, security teams] can learn from one another. They grow with the product, and they’re more inclined to do that with the company that they’re in rather than … jumping to another company. Now, you’re truly augmenting and complementing your workforce with a cohort that can help them do their job [and] that’s learning, contextualizing, [and] improving over time."
Technical manager, B2B software
The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Defender for Cloud and later realize additional uses and business opportunities, including:
Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).
15% to 20%
Improved revenue from secure partner R&D
“[Defender for Cloud] protects everything related to our B2B relationships on R&D projects. … As we’ve spun up a lot of bidirectional interfaces, we have become more focused on … relationships that have opened up all new workloads. We need to set up a [secure] cloud-hosting environment to be able to manage it effectively.”
Senior director of IT operations, healthcare
Ref. | Cost | Initial | Year 1 | Year 2 | Year 3 | Total | Present Value |
---|---|---|---|---|---|---|---|
Ftr | Microsoft Defender for Cloud fees | $0 | $1,228,500 | $1,351,350 | $2,079,000 | $4,658,850 | $3,795,620 |
Gtr | Implementation and maintenance | $250,228 | $126,143 | $93,154 | $47,124 | $516,648 | $477,294 |
Total costs (risk-adjusted) | $250,228 | $1,354,643 | $1,444,504 | $2,126,124 | $5,175,498 | $4,272,914 | |
Evidence and data. Interviewees’ organizations had a mix of the following Defender for Cloud products and cost drivers:
Modeling and assumptions. Based on the interviews, Forrester estimates the following for the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this cost:
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $3.8 million.
Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|---|
F1 | Microsoft Defender for Cloud subscription fees | Composite | $0 | $1,170,000 | $1,287,000 | $1,980,000 |
Ft | Microsoft Defender for Cloud costs | F1 | $0 | $1,170,000 | $1,287,000 | $1,980,000 |
Risk adjustment | ↑5% | |||||
Ftr | Microsoft Defender for Cloud fees (risk-adjusted) | $0 | $1,228,500 | $1,351,350 | $2,079,000 | |
Three-year total: $4,658,850 | Three-year present value: $3,795,620 |
Evidence and data. Interviewees described various implementation and maintenance scenarios that correspond with their Defender for Cloud product deployments, including:
Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:
Risks. Forrester recognizes that these results may not be representative of all experiences. The following factors may impact this cost.
Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $477,000.
Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
---|---|---|---|---|---|---|
G1 | Total implementation resources | Composite | 4 | 3 | 2 | 0 |
G2 | Total implementation labor time per internal resource (hours) | Composite | 520 | 260 | 208 | 0 |
G3 | Total implementation labor time (hours) | G2*G1 | 2,080 | 780 | 416 | 0 |
G4 | Average fully burdened hourly rate for an implementation resource (rounded) | C5 | $85 | $85 | $85 | $85 |
G5 | Subtotal: Internal implementation labor costs | G3*G4 | $176,800 | $66,300 | $35,360 | $0 |
G6 | Total resources trained on Defender for Cloud | Composite | 4 | 75 | 90 | 120 |
G7 | Average time per resource (hours) | Interviews | 2 | 2 | 2 | 2 |
G8 | Subtotal: Internal training costs | Interviews | $680 | $12,750 | $15,300 | $20,400 |
G9 | Subtotal: External implementation cost | Interviews | $50,000 | $25,000 | $20,000 | $0 |
G10 | Percent of workloads protected and addressable by Defender for Cloud | A2 | 0% | 50% | 60% | 80% |
G11 | Total resource time dedicated to maintaining the Defender for Cloud environment (hours) | Interviews | 0 | 250 | 275 | 330 |
G12 | Average fully burdened hourly rate for an implementation resource | Composite | $85 | $85 | $85 | $85 |
G13 | Subtotal: Maintenance costs | G10*G11*G12 | $0 | $10,625 | $14,025 | $22,440 |
Gt | Implementation and maintenance | G5+G9+G13 | $227,480 | $114,675 | $84,685 | $42,840 |
Risk adjustment | ↑10% | |||||
Gtr | Implementation and maintenance (risk-adjusted) | $250,228 | $126,143 | $93,154 | $47,124 | |
Three-year total: $516,648 | Three-year present value: $477,294 |
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.
Initial | Year 1 | Year 2 | Year 3 | Total | Present Value | |
---|---|---|---|---|---|---|
Total costs | ($250,228) | ($1,354,643) | ($1,444,504) | ($2,126,124) | ($5,175,498) | ($4,272,914) |
Total benefits | $0 | $2,786,608 | $3,304,516 | $4,336,441 | $10,427,565 | $8,522,317 |
Net benefits | ($250,228) | $1,431,965 | $1,860,013 | $2,210,317 | $5,252,067 | $4,249,403 |
ROI | 99% | |||||
Payback | <6 months | |||||
Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.
Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”
The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.
A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.
The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.
1 Forrester defines CWS as a suite of cloud workload security solutions that secure, detect, and respond to threats while governing and protecting cloud workloads at the cloud service provider console (using cloud security posture management and cloud infrastructure entitlement management capabilities), guest operating system (using cloud workload protection), container runtime and container orchestration layer (container protection), infrastructure-as-code (IaC) layer, and serverless functions. Source: The Cloud Workload Security Landscape, Q3 2023, Forrester Research, Inc., September 15, 2023.
2 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders. Unless otherwise noted, all dollar amounts in this study are in US dollars.
3 Forrester defines a breach as an incident resulting in the loss or compromise of data, accompanied by material remediation costs.
4 In 2022, the average enterprise dedicated 5.9% of its IT budget to cybersecurity (including personnel, hardware, software, and outsourcing). Source: Security Benchmarks And Recommendations For 2024, Forrester Research, Inc., February 20, 2024.
5 Forrester Technographics 2023. Forrester annually assesses cybersecurity metrics through interviews, surveys, and expertise in the field. Analyses are provided with information rooted with specific data sets most accurately applied to the situations that have been collected in the study.
6 Forrester Technographics 2023. Forrester annually assesses cybersecurity metrics through interviews, surveys, and expertise in the field. Analyses are provided with information rooted with specific data sets most accurately applied to the situations that have been collected in the study.
Forrester provides independent and objective research-based consulting to help leaders deliver key transformation outcomes. Fueled by our customer-obsessed research, Forrester’s seasoned consultants partner with leaders to execute on their priorities using a unique engagement model that tailors to diverse needs and ensures lasting impact. For more information, visit forrester.com/consulting.
© Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.
Cookie Preferences
Accept Cookies
Decline
Close
This website uses cookies to deliver functionality and enhance your experience. GDPR requires that we obtain your consent before activating these cookies. Please accept the use of cookies or review your cookie settings now.
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions (data inputs, website navigation), so you don’t have to re-enter data when you come back to the site or browse from one page to another.
Behavioral information collected by our web analytics vendor is used to analyze data pertaining to visitor trends, plan website enhancements, and measure overall website effectiveness. We may also use cookies or web beacons to help us offer you products, programs, or services that may be of interest to you and to deliver relevant advertising. We may use third-party advertising companies to help tailor website content to users or to serve ads on our behalf. These companies may also employ cookies and web beacons to measure advertising effectiveness.
Please accept cookies and the collection of behavioral information to receive full functionality and enhance your experience. If you decline cookies, some features of the website may not function normally.
Please see our
Privacy Policy for more information.
https://mainstayadvisor.com/go/mainstay/gdpr/policy.html