The Total Economic Impact™ Of Akamai Guardicore Segmentation

Cost Savings And Business Benefits Enabled By Guardicore Segmentation

A Forrester Total Economic Impact™ Study Commissioned By Akamai, November 2024

Switch between the study data and your organization’s custom data below. Answering the questions on the “Custom Data” tab will allow you to customize the analysis and estimate the potential impact of using Akamai Guardicore Segmentation for your organization.

Study Data Custom Data

Study Data

What is your organization's annual revenue?

How many employees does your organization have?

How many “major” locations does your organization have?

How many workloads would your organization like to secure?

How many SecOps/NetOps professionals does your organization employ?

Advanced inputs

Your Organization

What is the name of your organization?

What is your organization's annual revenue?

How many employees does your organization have?

How many “major” locations does your organization have?

How many workloads would your organization like to secure?

How many SecOps/NetOps professionals does your organization employ?

Advanced inputs

Complex IT ecosystems coupled with legacy security protocols leave companies vulnerable to cybersecurity attacks. As companies move towards Zero Trust, microsegmentation solutions help protect against unknown exposures for malicious lateral traffic on the network. Akamai’s Guardicore Segmentation deploys an infrastructure-agnostic, agent-based approach to increase network visibility, protect critical applications, reduce attack surface area, and streamline cybersecurity operations while supporting legacy operating systems. Collectively, this enables enterprise network security platforms to be more dynamic and agile while protecting against malicious actors.

In today’s digital landscape, organizations face significant challenges in optimizing network visibility and security. As enterprises expand their IT infrastructures to include on-premises, cloud, and hybrid environments, the complexity of managing and securing these networks increases exponentially, and the traditional perimeter defense approach is inadequate. ¹ This is made even more complex with the proliferation of legacy systems, the rise of remote work, and the need for stringent regulatory compliance. Collectively, these dynamics feed into the broader challenges of the ever-changing cybersecurity landscape: preventing breaches and ransomware from spreading across IT landscapes.

Guardicore Segmentation from Akamai offers a robust solution to the challenges of network visibility and security. By providing comprehensive visibility into network communications, supporting legacy operating systems, enabling scalable microsegmentation, and simplifying policy management, Guardicore Segmentation empowers organizations on a Zero Trust journey to protect their networks effectively and maintain compliance with regulatory requirements.

Akamai commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Guardicore Segmentation.² The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Guardicore Segmentation on their organizations.

Return on investment (ROI)

152%152%

Net present value (NPV)

$5.82M$5.82M

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed five representatives with experience using Akamai Guardicore Segmentation. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that is a global organization in a highly regulated industry with $1 billion in annual revenue and 5,000 employees at 10 global locations.

has an annual revenue of and employs 0 people, including 0 network and security operations professionals. The organization has 0 major locations and would like to secure 0 workloads. Custom results are based on user inputs and the TEI case study.

Interviewees said that prior to using Guardicore Segmentation, their organizations needed to improve network segmentation to prevent lateral movement of threats and enhance overall security. Cybersecurity teams required better visibility into network traffic and interactions between systems to detect and respond to potential threats more effectively. Cybersecurity teams managed networks of firewalls focused on protecting the external perimeters as well as externally postured software visibility tools. Additionally, the organizations had several legacy systems critical for their operations, but they were vulnerable to modern cyberthreats they also needed protection against.

“[Guardicore Segmentation] is absolutely worth it because we’ve been able to reduce our attack surface for all of our legacy systems and a number of applications. We haven’t had to fully replace anything, and we are preventing potentially impactful cyberattacks.”

Infosec officer, specialty manufacturer

After the investment in Guardicore Segmentation, the interviewees’ organizations drastically enhanced their visibility across applications and endpoints and streamlined their risk postures and policy management capabilities. This enabled them to proactively visualize east-west traffic on their networks. Interviewees said that with the deployment of Guardicore (which they reported was significantly easier to deploy compared to other legacy firewalls), their organizations increased security operations and productivity, reduced incident management effort, and reduced the likelihood of a security breach. They said Guardicore’s flexibility in supporting legacy operating systems also extended the life of legacy systems without the immediate need for costly replacements. These results created stronger security environments for the organizations and reduced their attack surface areas.

Net reduction in incident management effort with Guardicore Segmentation by Year 3

70%

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

Avoided revenue loss from a security breach of 1.4% to 2.0% per year. Guardicore Segmentation improves lateral visibility for the composite organization, leading to a 70% reduction in attack surface area by Year 3. The corresponding reduction in the risk of a material breach enables the composite organization to avoid significant downtime. By retaining 1.4% of its revenue in Year 1, 1.7% in Year 2, and 2.0% in Year 3, the composite organization manages to recoup a three-year profit of nearly $4.1 million.

For , this benefit might be worth over three years.

Incident management effort reduced by 70% by Year 3. With network microsegmentation with Guardicore, the composite organization’s security operations (SecOps) and network operations (NetOps) teams detect and respond to potential threats more quickly and effectively. These cybersecurity professionals reduce the time to investigate and remediate security incidents by 70% by Year 3. Based on 1,300 viable security incidents per year, the composite organization saves nearly $1.3 million over three years.

For , this benefit might be worth over three years.

Fewer cybersecurity resources required due to streamlined operations. With Guardicore Segmentation, the composite’s SecOps and NetOps teams easily visualize microsegmentation, implement policy in a single dashboard, and simplify security posture and validation. Compared with the resources required to manage traditional firewalls and legacy security tools to improve visibility in small increments, Guardicore allows the composite to redeploy many cybersecurity professionals to higher-value-added work. Above and beyond reduced incident management (Benefit B), the composite organization needs 33% fewer cybersecurity professionals, resulting in savings of nearly $1.4 million over three years.

For , this benefit might be worth over three years.

More than $2.9 million saved by reducing or eliminating legacy systems. Before using Guardicore Segmentation, the composite used firewalls in conjunction with legacy endpoint tools and did not have acceptable levels of network visibility. The organization also has several systems critical to business operations that would need to be replaced. With Guardicore Segmentation, the composite organization manages its existing firewalls more granularly, improves network visibility, and ensures continued network and security management for legacy systems. This benefit includes: 1) the avoided cost of upgrading firewalls being used in lieu of microsegmentation, 2) the elimination of one legacy cybersecurity tool, and 3) the deferred cost of replacing multiple legacy on-premises systems. Altogether, this results in cost savings of just over $2.9 million over three years.

For , this benefit might be worth over three years.

Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:

Integrations with existing security tools. Guardicore Segmentation’s integrations with other asset management solutions and security tools such as security incident and event management (SIEM), endpoint detection and response (EDR), and extended detection and response (XDR) provide a more comprehensive and integrated security environment for the composite organization. These integrations enhance its overall security posture and improve the efficiency of its security operations.
Leveraging professional services to identify additional use cases. Interviewees stated that Guardicore has a broad set of capabilities for policy creation as well as performing any automation or customized task. They said that by working with Akamai’s experienced services professionals, their organizations were able to expand and utilize additional use cases.
Improved job satisfaction for cybersecurity professionals. Interviewees said the centralized dashboard and ease of management of Guardicore reduces the time and resources required for ongoing management, which allows SecOps and NetOps teams to focus on other critical tasks. While the time savings are quantified for the composite organization, it is more difficult to measure the impact on cybersecurity team morale and job satisfaction and the organization’s ability to retain and hire talent.

Improved productivity for the IT team. Interviewees said Guardicore has an intuitive user interface that centralizes security controls, and that this helps IT teams with network visibility and troubleshooting. While quantified benefits of the solution include the productivity impact for SecOps and NetOps professionals directly involved with cybersecurity operations, there is also an unquantifiable benefit on IT operations employees.

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

Akamai Guardicore Segmentation licensing and ongoing maintenance costs. Licensing costs for the composite organization are based on configuring 5,000 workloads with Guardicore agents with some level of discounting based on the size and technical characteristics of the composite’s configuration. Additionally, at full deployment, the composite organization requires two SecOps/NetOps professionals who spend 100% of their time providing ongoing support. These costs total just over $3.3 million over three years.

For , these costs could represent over three years.

Guardicore Segmentation deployment costs. While the composite’s deployment of Guardicore agents is relatively straightforward, setting policies across the organization and working with different application owners to derive the full value of microsegmentation requires significant effort — although it’s still less than what the organization would accomplish by attempting microsegmentation with only firewalls and legacy security tools. For the complete deployment of Guardicore, the composite organization utilizes two SecOps/NetOps professionals who spend 100% of their time for 12 months. Akamai also provides the composite with professional services to support its deployment. Its total deployment costs are just under $500,000 over three years.

For , these costs could represent over three years.

The representative interviews and financial analysis found that a composite organization experiences benefits of $9.66 million over three years versus costs of $3.84 million, adding up to a net present value (NPV) of $5.82 million and an ROI of 152%.

might experience benefits of over three years versus costs of , adding up to an NPV of and an ROI of .

33% fewer FTEs

Streamlined cybersecurity cost savings

“In the event that some other part of our cyber defense model fails, then [Guardicore Segmentation] will be the thing that saves us. Breaches happen to all businesses, and they may happen to us again. When it does, the blast zone will be far smaller, and it’ll be because of Guardicore.”

Head of infrastructure, enabling software

Key Statistics

Return on investment (ROI)

152%152%

Benefits PV

$9.66M$9.66M

Net present value (NPV)

$5.82M$5.82M

Payback

<6 months<6 months

Benefits (Three-Year)

Avoided downtime cost due to a security breach Increased efficiency of cybersecurity incident management Cost savings from streamlined cybersecurity operations Cost savings from reducing or eliminating legacy systems

“Is Guardicore worth it? It’s all about compartmentalizing and segmentation, which is key for any network. The benefits of automated discovery and visualization are paramount. When you talk about consistent deployment and less errors in deployment policies around the globe, [it’s] absolutely [worth it]. And when you talk about effective breach remediation, which is absolutely paramount and really being able to sleep at night knowing that we’ve done the right thing, [it’s] absolutely [worth it].”

Infosec director, financial services

TEI Framework And Methodology

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in Guardicore Segmentation.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Guardicore Segmentation can have on an organization.

Due Diligence

Interviewed Akamai stakeholders and Forrester analysts to gather data relative to Guardicore Segmentation.
Interviews

Interviewed five representatives at organizations using Guardicore Segmentation to obtain data about costs, benefits, and risks.
Composite Organization

Designed a composite organization based on characteristics of the interviewees’ organizations.
Financial Model Framework

Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
Case Study

Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

Disclosures

Readers should be aware of the following:

This study is commissioned by Akamai and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Guardicore Segmentation. For the interactive functionality using Configure Data/Custom Data, the intent is for the questions to solicit inputs specific to a prospect's business. Forrester believes that this analysis is representative of what companies may achieve with Guardicore Segmentation based on the inputs provided and any assumptions made. Forrester does not endorse Akamai or its offerings. Although great care has been taken to ensure the accuracy and completeness of this model, Akamai and Forrester Research are unable to accept any legal responsibility for any actions taken on the basis of the information contained herein. The interactive tool is provided ‘AS IS,’ and Forrester and Akamai make no warranties of any kind.

Akamai reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

Akamai provided the customer names for the interviews but did not participate in the interviews.

Consulting Team:

Erach Desai

Drivers leading to the Guardicore Segmentation investment

Interviews

Role	Industry	Region	Revenue	Employees	Guardicore Segmentation deployment
Infosec director	Financial services	HQ: EMEA Operations: Global	$40 billion+	100,00+	Core Visibility and Enforcement
Director of IT security	Healthcare services	HQ: North America Operations: North America	$9 billion+	40,000+	Core Visibility and Enforcement
Infosec officer	Specialty manufacturing	HQ: North America Operations: Global	$8 billion+	30,000+	Core Visibility and Enforcement + Insight
Head of infrastructure	Enabling software	HQ: North America Operations: Global	$1 billion+	2,000+	Core Visibility and Enforcement
CISO	Fintech	HQ: South America Operations: Regional	$100 million+	2,000+	Core Visibility and Enforcement + Hunt + Deception

Key Challenges

Forrester interviewed five decision-makers who oversee cybersecurity and networking infrastructure at their organizations. Each interviewee holds a senior role in leading security operations and is actively involved in broader efforts for the use of the cybersecurity tools stack.

Prior to deployment of Guardicore Segmentation, interviewees’ organizations struggled with lateral or east-west visibility into their networks and insights into the data flowing internally. Cybersecurity efforts in the prior states included using networks of firewalls focused on protecting external perimeters, as well as externally postured software visibility tools like EDR. Malware that might have managed to break through the external firewalls was found to be collecting data and accessing critical servers for months. Additionally, the organizations had several legacy systems that were critical for their operations but that needed protection due to vulnerability to modern cyberthreats.

“We had a security breach in 2023. Post-recovery, we needed to increase the overall security posture of the organization. One of [the goals was to enhance] network segmentation to prevent lateral movement. That’s what led us to select Guardicore.”

Head of infrastructure, enabling software

The interviewees noted how their organizations struggled with common challenges, including:

Lack of visibility into east-west communications. Each interviewee said their organization’s legacy firewall-based networks had limited visibility and were unable to sufficiently track the data flowing between critical assets (servers). Security teams, network engineers, and application owners did not have the tools to monitor network traffic and therefore did not know exactly which applications were communicating and managing permissions. Controlling network traffic or isolating systems and applications was almost entirely reactive, and automating policy deployment was challenging. Limited visibility across endpoints prevented these organizations from proactively reducing their network attack surface areas.
Inefficient investigation and remediation protocols. The interviewed decision-makers reported that their organizations’ existing endpoint cybersecurity tools were generally external-facing. To drive positive change from a security standpoint, their organizations sought a new way to analyze and understand application and endpoint communication across a global IT environment. However, their organizations lacked the ability to troubleshoot east-west traffic between servers and across applications.
Complex and outdated network architecture not optimized for zero trust. Interviewees noted that their network infrastructure had grown over multiple years and often through acquisitions. Most of them had embarked on a multiyear Zero Trust journey, driving the need for a microsegmentation solution that was vendor- and technology-agnostic and that would function across a wide range of environments, legacy systems, and applications.
The expense and labor required for traditional segmentation. Each interviewee emphasized that their organization’s efforts to gain visibility into internal networks and implement microsegmentation with homegrown solutions or a network of firewalls were arduous and relatively expensive, if not outright impossible to implement. Complex network architectures coupled with legacy systems and applications made it time- and resource-intensive to deploy microsegmentation and to deploy and enforce policy. Additionally, some external solutions lacked ease of use or could not meet the organizations’ expectations.

“What tilted things in favor of Guardicore? Legacy operating system support was one of the big ones that some of the [competing products] did not support. The other piece was the scalability and visibility, as well as the ease of the learning period through enforcement.”

Infosec officer, specialty manufacturing

Solution Requirements

The interviewees’ organizations searched for a solution that could significantly enhance east-west visibility and traffic enforcement for their networks while providing the flexibility of not immediately upgrading legacy on-premises systems. Interviewees said they looked for a microsegmentation solution that could:

Improve the organization’s overall security posture using granular policy to block, segment, and lock (ring-fence) applications and, therefore, reduce the attack surface across the network.
Be deployed more quickly, especially compared to firewalls with out-of-the-box templates, while having flexibility of grouping and labeling and allowing for the ability to customize policies over time.
Streamline microsegmentation and policy creation by offering a single pane of glass workflow to define assets and simplify application-dependency mapping.
Support hybrid network and applications architectures, including support of legacy operating systems, which would allow for the deference of the cost of time (and the capital expense) of legacy systems upgrades.
Reduce network complexity while enhancing visibility to ensure cross-environment connections are secure and data sovereignty is upheld.
Enhance the ability of SecOps to dive deep into specific network segments and identify and remediate root cause issues with the inclusion of add-ons (e.g., Akamai Guardicore Segmentation Hunt, Insight, Deception, etc.).
Provide scalability and performance on a cloud-native technology stack while seamlessly supporting on-premises systems.

“With Guardicore, it was a lot easier for us to be able to develop a ring concept where you could easily move assets in and out of policy and achieve a security boundary that is more logical than it is physical. That’s what we liked about Guardicore.”

Head of infrastructure, enabling software

Composite Organization

Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the five interviewees, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:

Description of composite. The composite is a global organization in a highly regulated industry (e.g., financial services, healthcare, precision manufacturing, etc.) with $1 billion in annual revenue. It employs 5,000 people who are located in 10 sites (including some data centers) in several countries around the world. The composite’s internal and customer-facing operations are highly reliant on technology and the flow of significant data across its networks.

has an annual revenue of and employs 0 people, including 0 network and security operations professionals. The organization has 0 major locations and would like to secure 0 workloads.

Prior state. The composite’s network is comprised of more than 10,000 physical and virtual servers that support in excess of 7,500 workloads. Furthermore, the organization routinely makes hardware updates to the existing IT infrastructure every three to five years to remain at the forefront of industry best practices and to be compliant with regulations. Additionally, the composite has a hybrid system in place. It has some legacy, on-premises systems that handle critical customer data that is not ready to be moved to the cloud. It relies on firewalls for east-west traffic with limited visibility.

Deployment characteristics and key modeling assumptions. Based on a collaborative assessment with Akamai, the composite decides to configure 5,000 of its most critical workloads with 5,000 agents of Guardicore Segmentation. For the financial model, Forrester assumes the following:

The initial deployment of the agents and first phase of policy setting is completed over the final three months of Year 0.
The second phase of the deployment — which involves gathering feedback, evaluating the configuration, and completing the policy setting — is done during the first three months of Year 1.
In terms of the effective value gained from Guardicore Segmentation, the composite derives 70% of the effective value in Year 1, 85% in Year 2, and 100% in Year 3 and onward. This is due to ongoing learning from using a newer technological solution.

Key Assumptions

Global organization in a highly regulated industry
$1 billion in annual revenue
5,000 employees located in 10 global locations
5,000 critical workloads protected with Guardicore Segmentation agents

Quantified benefit data as applied to the composite

The following table shows custom results for .

Total Benefits

Ref.	Benefit	Year 1	Year 2	Year 3	Total	Present Value
Atr	Avoided downtime cost due to a security breach	$1,384,616 $1,384,616	$1,661,539 $1,661,539	$1,938,462 $1,938,462	$4,984,618 $4,984,618	$4,088,310 $4,088,310
Btr	Increased efficiency of cybersecurity incident management	$438,048 $438,048	$525,658 $525,658	$613,267 $613,267	$1,576,973 $1,576,973	$1,293,410 $1,293,410
Ctr	Cost savings from streamlined cybersecurity operations	$550,800 $550,800	$550,800 $550,800	$550,800 $550,800	$1,652,400 $1,652,400	$1,369,758 $1,369,758
Dtr	Cost savings from reducing or eliminating legacy systems	$1,023,336 $1,023,336	$1,252,836 $1,252,836	$1,252,836 $1,252,836	$3,529,008 $3,529,008	$2,906,981 $2,906,981
	Total benefits (risk-adjusted)	$3,396,800 $3,396,800	$3,990,833 $3,990,833	$4,355,366 $4,355,366	$11,742,998 $11,742,998	$9,658,459 $9,658,459

Avoided Downtime Cost Due To A Security Breach

Evidence and data. Interviewees said Guardicore Segmentation enabled their organizations to apply detailed network segmentation, including separating production and disaster recovery environments. This segmentation limited the lateral movement of threats within the networks, which enhanced the companies’ overall visibility — especially east-west visibility that was minimalist in their prior states. For the interviewees’ organizations, improved visibility translated into a significant reduction in attack surface area.

The infosec officer for a specialty manufacturer noted: “I would just say [Guardicore] increased visibility to our assets and to our network. Our visibility was at maybe 10%, and now it’s about 60%, which is a big improvement.” In terms of the business impact of a ransomware attack, they went on to state: “It’s hard to quantify the financial impact of a security incident. One way or another, it could cost an organization like ours $20 million or more.”
The infosec director for a financial services provider described the impact on risk: “Without Guardicore, the risk of a breach from these horizontal network effects was about 20%. Post-Guardicore, we’re talking about maybe 5% to 6% risk. So, [it’s] definitely more than 50% risk reduction.”
The director of IT security for a healthcare services company said: “With our existing endpoint cybersecurity tools, I would say we had 80% visibility. Guardicore completed our visibility. It didn’t just fill the gap; it enhanced our visibility because it gave us full visibility. I’m able to see what communications are happening, how often they’re happening, and what data is communicating between servers.”
The CISO for a fintech enterprise stated: “The main benefit is the reduced risk of cyberattacks. The improved visibility gives us more security and resilience. Guardicore gives us full point-to-point visibility.”

“For the legacy systems and for the business applications that we have under coverage, Guardicore has significantly reduced our attack surface area. I would say [we’ve seen] about 70% to 80% reduction in attack surface area.”

Infosec officer, specialty manufacturing

Modeling and assumptions. This benefit focuses on how improved visibility through microsegmentation by Guardicore Segmentation enables the composite organization to reduce the attack surface area and thus meaningfully lower the risk of a material data breach. For the composite organization, Forrester assumes the following:

The composite organization experiences four material data breaches per year.³ Nearly two-thirds (62.5%) of such data breaches fall into the realm that is addressable by microsegmentation techniques (row A1).
The length of operational impact on the composite organization for a material data breach is two weeks. Because the composite operates globally for 12 working hours per day for five days a week, this is 120 hours before full restoration of business operations.
Prior to the deployment of microsegmentation, the risk of a material breach for the composite organization is 30%.
Guardicore provides a gross reduction in the composite’s attack surface area by 70%. The net reduction (row A4) is based on the effectiveness of the Guardicore solution by year, resulting in 50% attack surface area reduction in Year 1, 60% reduction in Year 2, and 70% reduction by Year 3.
Based on 3,120 hours of annual operations (52 weeks times five business days times 12 hours per day), the composite organization generates $320,513 in revenue per hour.
The composite retains 1.4% of its revenue in Year 1, 1.7% in Year 2, and 2.0% in Year 3 by avoiding downtime due to a material data breach.
To determine the net business impact for the composite, the revenue benefit is converted into operating profit. Forrester assumes that the operating margin for the composite’s industry is 12%.

Risks. Forrester recognizes that these results may not be representative of all experiences and that the profit gains will vary among organizations depending on the following factors:

The reduction in attack surface area with Guardicore will depend on the number of agents deployed to protect the right set of critical assets (e.g., servers, etc.) and the relative sophistication of the microsegmentation set up by the security team.
The cost of downtime will depend on the revenue, product, and customer profile of the organization, including hours of business operations.
The length of time for a material data breach (i.e., when all operations are effectively at a standstill) could vary by industry and the relative expertise of the organization’s SecOps team.

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of nearly $4.1 million.

For , this benefit may have a three-year, risk-adjusted total PV of .

Net reduction in overall attack surface area with Guardicore Segmentation by Year 3

70%

Avoided loss of annual revenue with Guardicore Segmentation by Year 3

2.0%

“The biggest benefit [of Guardicore] is having more security resilience to avoid security incidents and cyberattacks. And that’s due to enhanced visibility.”

Director of IT security, healthcare services

The following table shows custom results for .

Avoided Downtime Cost Due To A Security Breach

Ref.	Metric	Source	Year 1	Year 2	Year 3
A1	Material data breaches addressable with microsegmentation	Forrester research	2.52.5	2.52.5	2.52.5
A2	Average length of a material data breach (hours)	Interviews	120120	120120	120120
A3	Risk of a breach before Guardicore Segmentation	Assumption	30%30%	30%30%	30%30%
A4	Net reduction in attack surface with Guardicore Segmentation	Interviews	50%50%	60%60%	70%70%
A5	Revenue per hour	CompositeScaled for	$320,513 $320,513	$320,513 $320,513	$320,513 $320,513
A6	Avoided revenue loss with Guardicore Segmentation	A1A2A3A4A5	$14,423,085 $14,423,085	$17,307,702 $17,307,702	$20,192,319 $20,192,319
A7	Operating margin	CompositeComposite	12%12%	12%12%	12%12%
At	Avoided downtime cost due to a security breach	A6*A7	$1,730,770 $1,730,770	$2,076,924 $2,076,924	$2,423,078 $2,423,078
	Risk adjustment	↓20%
Atr	Avoided downtime cost due to a security breach (risk-adjusted)		$1,384,616 $1,384,616	$1,661,539 $1,661,539	$1,938,462 $1,938,462
Three-year total: $4,984,618 $4,984,618		Three-year present value: $4,088,310 $4,088,310

Increased Efficiency Of Cybersecurity Incident Management

Evidence and data. Interviewees noted that prior to Guardicore Segmentation, their organizations relied on traditional endpoint and extended detection and response tools that were designed for monitoring and remediating north-south network traffic. With Guardicore Segmentation, they were able to gain comprehensive visibility into lateral network traffic and interactions between critical systems. Besides improving visibility, this enabled SecOps and NetOps teams to detect and respond to potential threats more quickly and effectively, reducing the likelihood of material security incidents.

The infosec director for a financial services provider described the state of incident management before Guardicore: “Prior to Guardicore, we suffered from what they call false positives. There was always an issue in the network, and we could be talking about maybe 300 to 500 alerts a day globally. Our KPI for resolving these issues was 24 to 48 hours.”
The head of infrastructure for an enabling software provider spoke about overall productivity: “We do see operational productivity benefits for our cybersecurity team. I think it's probably 5% to 10% productivity improvement.”
The CISO for a fintech enterprise stated: “Before Guardicore, we needed to check maybe five or six tools to verify access, etc. With Guardicore, it’s just one solution that give us more accurate information. I would be comfortable saying that the incident management team is 20% more productive.”

Modeling and assumptions. This benefit quantifies how the composite organization improves SecOps and NetOps productivity by reducing the time to investigate and remediate credible incidents, thereby avoiding breaches. For the composite organization, Forrester assumes the following:

The composite organization encounters 1,300 security incidents per year (or about 25 per week).⁴
In the prior state, the composite required 12 hours of FTE effort for investigation and remediation.
The composite’s gross reduction in incident management effort with Guardicore is 70%. As an important note, this percentage coincides with the gross reduction in attack surface area in Benefit A, but these two metrics are not interlinked. The net reduction in incident management effort (row B3) is based on the effectiveness of the Guardicore solution by year.
The composite effectively saves four to five FTEs per year based on the overall time savings (row B4) directly due to higher productivity of incident management.
The fully burdened hourly salary for a SecOps/NetOps professional is $78. This is based on an average annual salary of $120,000 with a 35% loading for benefits, etc.
Forrester applies a productivity adjustment factor for the composite organization that represents the percentage of productivity savings realized. For example, 1 hour of time savings does not necessarily translate into 1 hour of productive work. For these productivity-based cost savings, the composite organization’s SecOps and NetOps professionals productively utilize 80% of their time savings.

Risks. Forrester recognizes that these results may not be representative of all experiences and that the profit gains will vary among organizations depending on the following factors:

The reduction in incident management effort with Guardicore will depend on the number of agents deployed, additional add-on capabilities purchased, and the granularity of microsegmentation set up by the security team.
The number of security incidents per year will vary by the complexity of the organization’s network, including the size of the organization.
The time required to investigate and remediate security incidents in the prior state will be dependent on the relative sophistication of the legacy cybersecurity toolset and the expertise of the security team.

Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of under $1.3 million.

For , this benefit may have a three-year, risk-adjusted total PV of .

Net reduction in incident management effort with Guardicore Segmentation by Year 3

70%

“With Guardicore, we have that visibility and that segmentation to quickly identify exactly which areas of the network have been exploited. In terms of identifying, having the right fix, and remediating the issue, we went from 24 hours before down to 4 hours.”

Infosec director, financial services

The following table shows custom results for .

Increased Efficiency Of Cybersecurity Incident Management

Ref.	Metric	Source	Year 1	Year 2	Year 3
B1	Security incidents needing investigation	CompositeComposite	1,3001,300	1,3001,300	1,3001,300
B2	Time to investigate and remediate each security incident before Guardicore Segmentation (hours)	CompositeTEI case study	1212	1212	1212
B3	Net reduction in incident management effort with Guardicore Segmentation	Interviews	50%50%	60%60%	70%70%
B4	Time savings for SecOps and NetOps FTEs through faster resolution (hours)	B1B2B3	7,8007,800	9,3609,360	10,92010,920
B5	Fully burdened hourly salary for a SecOps/NetOps professional	TEI standardTEI standard	$78 $78	$78 $78	$78 $78
B6	Productivity adjustment factor	TEI standard	80%80%	80%80%	80%80%
Bt	Increased efficiency of cybersecurity incident management	B4B5B6	$486,720 $486,720	$584,064 $584,064	$681,408 $681,408
	Risk adjustment	↓10%
Btr	Increased efficiency of cybersecurity incident management (risk-adjusted)		$438,048 $438,048	$525,658 $525,658	$613,267 $613,267
Three-year total: $1,576,973 $1,576,973		Three-year present value: $1,293,410 $1,293,410

Cost Savings From Streamlined Cybersecurity Operations

Evidence and data. Interviewees said their organizations’ previous firewall segmentation and legacy network visibility solutions lacked control and that this resulted in performing manual intervention to understand, isolate, and prevent illegitimate east-west traffic throughout their complex networks. Additionally, their organizations lacked a clear understanding of their IT environments, which limited their insights into how applications and end users communicated with databases throughout the networks.

Interviewees noted that with Guardicore Segmentation, their organizations’ SecOps teams could easily visualize microsegmentation and implement policy (e.g., creation, monitoring, and enforcement) in a single workflow, as well as simplify posture validation. Interviewees said that with the overall productivity of the Guardicore Segmentation solution their organizations’ SecOps and NetOps professionals could be redeployed for higher-value-added work or their organizations could simply not hire as many FTEs as would have been needed using traditional firewalls and legacy security tools.

The infosec director for a financial services provider summarized their organization’s cybersecurity operational efficiency: “Previously, our team was about maybe 22 globally. And that would have had to increase to around maybe 30 to 35. Now, with Guardicore, that 22 has gone down to maybe 12, where we have someone who can back up and back up after that as well. [It’s] the ‘follow the sun’ model. Having Guardicore in place, we’ve gone from 22 to 12.”
The head of infrastructure for an enabling software provider spoke about overall productivity: “We do see operational productivity benefits for our cybersecurity team. I think it’s probably 5% to 10% productivity improvement.”

Modeling and assumptions. This benefit addresses how the composite organization streamlines its overall cybersecurity operations with the deployment of Guardicore Segmentation. While Benefit B focuses on the reduction in incident management efforts, this benefit focuses on the FTE savings derived above and beyond incident management by utilizing more FTEs for manual effort to compensate for the lack of east-west visibility and having to deal with somewhat overlapping legacy tools. For the composite organization, Forrester assumes the following:

In its prior state, the composite organization would require at least 11 SecOps/NetOps professionals, including personnel for incident management.
In addition to the time savings quantified in Benefit B, the composite organization only requires seven cybersecurity professionals with Guardicore Segmentation due to the streamlined operations efficiency. The number of cybersecurity FTEs redeployed for value-added work or that don’t need to be hired (row C3) would be higher if the productivity improvement from incident management (Benefit B) was included.
The fully burdened annual salary for a SecOps/NetOps professional is $162,000.
Forrester does not apply a productivity adjustment factor for FTE cost savings.

Risks. Forrester recognizes that these financial model results may not reflect the unique experiences of organizations using Guardicore Segmentation and that these cost savings can be impacted by the following factors:

The number of cybersecurity FTEs redeployed due to the streamlining of operations will depend on the Guardicore Segmentation configuration, including add-on capabilities and the relative sophistication of the team.
The number of cybersecurity FTEs before and after the deployment of Guardicore will vary by the complexity of the organization’s network, including the size of the organization.

Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV of under $1.4 million.

For , this benefit may have a three-year, risk-adjusted total PV of .

33% fewer FTEs

Streamlined cybersecurity cost savings

The following table shows custom results for .

Cost Savings From Streamlined Cybersecurity Operations

Ref.	Metric	Source	Year 1	Year 2	Year 3
C1	SecOps/NetOps FTEs on cybersecurity team before Guardicore Segmentation	CompositeComposite	1111	1111	1111
C2	SecOps/NetOps FTEs on cybersecurity team after Guardicore Segmentation	CompositeScaled for	77	77	77
C3	SecOps/NetOps FTEs redeployed to value-added work	C1-C2	44	44	44
C4	Fully burdened annual salary for a SecOps/NetOps professional	TEI standardTEI standard	$162,000 $162,000	$162,000 $162,000	$162,000 $162,000
Ct	Cost savings from streamlined cybersecurity operations	C3*C4	$648,000 $648,000	$648,000 $648,000	$648,000 $648,000
	Risk adjustment	↓15%
Ctr	Cost savings from streamlined cybersecurity operations (risk-adjusted)		$550,800 $550,800	$550,800 $550,800	$550,800 $550,800
Three-year total: $1,652,400 $1,652,400		Three-year present value: $1,369,758 $1,369,758

Cost Savings From Reducing Or Eliminating Legacy Systems

Evidence and data. Interviewees noted one of the primary reasons their organizations explored Guardicore Segmentation was to enhance east-west visibility. In the organizations’ prior environments, they used firewalls in conjunction with legacy endpoint tools without achieving an acceptable level of network visibility. Had their organizations not deployed Guardicore, they would have had to continue upgrading their legacy firewalls simply to comply with regulatory requirements and industry best practices. Additionally, some interviewees noted that, over time, their organizations had accumulated several somewhat overlapping network visibility point solutions that they already eliminated or planned to eliminate.

Equally significant, interviewees shared that their organizations had several legacy systems critical to their business operations but that were vulnerable to modern cyberthreats. They noted that Guardicore supports legacy operating systems, unlike some of its competitors. They said that with Guardicore their organizations were able to extend the life of their legacy systems without the immediate need for costly replacements and related capital expenditure.

The infosec officer for a specialty manufacturer explained: “A firewall solution wouldn’t scale, and you wouldn’t be able to put it into that many locations. If we tried to do this with firewalls in all those locations, we’d probably be spending $20,000 per location. But we would not even get close to the level of segmentation that we have with Guardicore. So, it really wasn’t even a consideration. … In terms of the deployment of firewalls, that’s probably two years and probably 10 times the amount of resources in terms of coordination and management.”
The head of infrastructure for an enabling software provider said: “You can use physical firewalls or logical firewalls that you have at a network segmentation layer, or you could use a software solution. In fact, we did look at firewalling. But we determined that firewalling wasn’t actually going to provide enough containerization to be practical.”
The director of IT security for a healthcare services company said: “Guardicore supports a lot of legacy operating systems, which is great, and that’s one of the reasons why we went with them. [Alternative solutions] did not support end of life. We have a lot of technical debt, just like a lot of big companies out there. That was the major reason why we decided to go with Guardicore.”
The CISO for a fintech enterprise stated: “Over the years, we have acquired more than 20 companies. [These are] very small companies with low maturity in security and other middle-sized companies with some security tools. So, we had too many legacy tools. Having Guardicore, we have been able to [stop using] many of these overlapping tools. … We estimated that it would take 18 months to implement a firewall solution. With Guardicore, the implementation was six months. And we could not have come close to the visibility of Guardicore with the firewall option.”

Modeling and assumptions. There are three sub-components for this benefit: 1) avoiding the cost of upgrading firewalls being used in lieu of microsegmentation, 2) eliminating one legacy cybersecurity tool, and 3) deferring the cost of replacing multiple legacy on-premises systems. For the composite organization, Forrester assumes the following:

The composite has 10 firewalls per location, 15% of which need to be upgraded each year.
The hardware expense and software licensing of an enterprise-grade firewall is $17,000 each. The composite sees no benefit in Year 1 as the deployment and usage of Guardicore Segmentation is still underway.
It takes two IT ops and/or NetOps professionals 20% of their time over six months to install and configure 15 firewalls.
The fully burdened hourly salary for an IT ops and/or NetOps professional is $65.
The composite eliminates one legacy endpoint cybersecurity tool due to the deployment of Guardicore.
The average cost of a legacy endpoint-based cybersecurity tool is $72 per user per year. Each employee at the composite organization has such an endpoint tool installed.
In the composite’s prior state, half of its locations had a different on-premises legacy system (e.g., for manufacturing, trading assets, or medical testing).
The composite’s incremental annual cost of licensing and maintaining an upgraded replacement system is $150,000.

Risks. Forrester recognizes that these financial model results may not reflect the unique experiences of organizations using Guardicore Segmentation, and this cost savings benefit can be impacted by the following factors:

The specifics of the legacy infrastructure (e.g., firewalls, endpoint tools, on-premises systems) will vary by company and industry.
Hardware, software, and maintenance costs will vary depending on what type of legacy systems the company has in place.

Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of more than $2.9 million.

For , this benefit may have a three-year, risk-adjusted total PV of .

The following table shows custom results for .

Cost Savings From Reducing Or Eliminating Legacy Systems

Ref.	Metric	Source	Year 1	Year 2	Year 3
D1	Legacy firewalls needing upgrade	CompositeScaled for	1515	1515	1515
D2	Avoided cost of planned hardware, maintenance, and software firewall upgrades	CompositeScaled for	$0 $0	$255,000 $255,000	$255,000 $255,000
D3	Avoided IT ops/NetOps FTE time required for deployment (hours)	Interviews	416416	416416	416416
D4	Fully burdened hourly salary for an IT ops/NetOps professional	TEI standardScaled for	$65 $65	$65 $65	$65 $65
D5	Subtotal: Avoided cost of upgrading legacy firewalls	D2+(D3*D4)	$27,040 $27,040	$282,040 $282,040	$282,040 $282,040
D6	Legacy cybersecurity tools retired	CompositeTEI case study	11	11	11
D7	Cost of legacy endpoint cybersecurity tool	CompositeScaled for	$360,000 $360,000	$360,000 $360,000	$360,000 $360,000
D8	Subtotal: Retired tool subscription cost savings	D6*D7	$360,000 $360,000	$360,000 $360,000	$360,000 $360,000
D9	Locations with legacy systems	CompositeScaled for	55	55	55
D10	Avoided cost of upgrading legacy on-premises systems	Interviews	$150,000 $150,000	$150,000 $150,000	$150,000 $150,000
D11	Subtotal: Avoided cost of replacing legacy on-premises systems	D9*D10	$750,000 $750,000	$750,000 $750,000	$750,000 $750,000
Dt	Cost savings from reducing or eliminating legacy systems	D5+D8+D11	$1,137,040 $1,137,040	$1,392,040 $1,392,040	$1,392,040 $1,392,040
	Risk adjustment	↓10%
Dtr	Cost savings from reducing or eliminating legacy systems (risk-adjusted)		$1,023,336 $1,023,336	$1,252,836 $1,252,836	$1,252,836 $1,252,836
Three-year total: $3,529,008 $3,529,008		Three-year present value: $2,906,981 $2,906,981

Unquantified Benefits

Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:

Integrations with existing security tools. Many interviewees called out how Guardicore integrates with existing security tools (e.g., SIEM, EDR, XDR) and other asset management solutions, and said it provides a more comprehensive and integrated security environment. This integration enhances their organizations’ overall security postures and improves the efficiency of their security operations. The infosec officer for the specialty manufacturer explained: “[Guardicore Segmentation] has integrated with some of our other tools so that we can kind of combine the power of what Akamai gives us with some of the visibility we have through other tools and integrations. That has allowed us to basically have a more integrated approach for our overall security tooling. It integrates well with our SIEM, and it integrates well with our CAASM (cyberattack asset management) [tool].”
Leveraging professional services to identify additional use cases. Interviewees noted that Akamai’s professional services team helped their organizations realize additional benefits and use cases. They stated that Guardicore has a broad set of capabilities for policy creation as well as for performing any automation or customized tasks. By working with Akamai’s experienced services professionals, their organizations were able to expand and utilize additional use cases.
Improved job satisfaction for cybersecurity professionals. Interviewees noted that deployment of Guardicore was straightforward and that their organizations’ cybersecurity teams were able to install agents on the necessary systems within a few months. Furthermore, they said the centralized dashboard and ease of management for Guardicore reduced the time and resources required for ongoing management, allowing the SecOps and NetOps teams to focus on other critical tasks. While the time savings are quantified for the composite organization, the impact on employee morale and job satisfaction on the organization’s cybersecurity team and the organization’s ability to retain and hire talent is not quantifiable.
Improved productivity for IT team. Interviewed decision-makers reported that the Guardicore Segmentation platform has an intuitive user interface that centralizes all security controls in a manner that even helps the IT team with network visibility and troubleshooting. While these benefits have quantified impact on the productivity of SecOps and NetOps professionals who are directly involved with cybersecurity operations, interviewees noted there is also a benefit on IT operations.

“It is not only the security team that uses this tool, but the IT team, as well. They are able to use Guardicore to perform troubleshooting for networking tickets. So, it’s helped them a lot."

CISO, fintech

Flexibility

The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Guardicore Segmentation and later realize additional uses and business opportunities, including:

Securing cloud-based containerized workflows across a multicloud infrastructure. In the context of securing applications on a modern digital technology stack, interviewees said Guardicore Segmentation enabled their organizations to secure containers and virtual machines (VMs). They cited having the flexibility to secure both physical servers and VMs as critical, and they said it enables their organizations to leverage Guardicore as their digital transformation journeys evolve.
Leveraging AI capabilities. Several interviewees said their organizations benefited from the AI-enabled labeling capabilities of Guardicore Segmentation during the policy enablement phase. Segmenting across a larger portion of VMs using compiled labeling data allowed the organizations to grow the scope of their application segmentations. Interviewees said that over time and with increased usage, their organizations anticipate delivering faster and more comprehensively on their network segmentation initiatives.
Complying with a dynamic regulatory regime. Interviewees in highly regulated industries said that in their organizations’ prior states, they struggled to ensure compliance with various regulatory requirements across different geographies. By providing granular control over network interactions, Guardicore helped the organizations enforce security policies and achieve regulatory compliance. Interviewees said the solution’s detailed logging and reporting capabilities ensure that all network activities are documented and auditable.

Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).

Quantified cost data as applied to the composite

The following table shows custom results for .

Total Costs

Ref.	Cost	Initial	Year 1	Year 2	Year 3	Total	Present Value
Etr	Ongoing costs: Akamai licensing, ongoing maintenance, etc.	$0 $0	$1,348,200 $1,348,200	$1,348,200 $1,348,200	$1,348,200 $1,348,200	$4,044,600 $4,044,600	$3,352,774 $3,352,774
Ftr	Up-front costs: Internal and external costs for Guardicore Segmentation deployment	$327,852 $327,852	$170,352 $170,352	$0 $0	$0 $0	$498,204 $498,204	$482,717 $482,717
	Total costs (risk-adjusted)	$327,852 $327,852	$1,518,552 $1,518,552	$1,348,200 $1,348,200	$1,348,200 $1,348,200	$4,542,804 $4,542,804	$3,835,491 $3,835,491

Ongoing Costs: Akamai Licensing, Ongoing Maintenance, Etc.

Evidence and data. Interviewees noted that their organization’s Guardicore licensing costs were based on the number of agents deployed for their most critical workloads. These costs include the resources needed for ongoing support of the Guardicore Segmentation platform.

Modeling and assumptions. For the composite organization, Forrester assumes the following:

The composite’s licensing costs are based on configuring 5,000 workloads with Guardicore agents with some level of discounting based on the size and specifics of the configuration.
The composite uses Core Visibility and Segmentation without any optional add-ons (E1).
At full deployment, the composite organization requires two SecOps/NetOps professionals who spend 100% of their time for ongoing support.
The average fully burdened annual salary for SecOps/NetOps professionals is $162,000.
Pricing will vary. Contact Akamai for additional details.

Risks. The following risks can potentially impact licensing and ongoing costs:

Potential add-ons and new features could increase the solution cost.
The amount of cybersecurity resources needed for ongoing application support could vary based on the organization’s needs.

Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of more than $3.4 million.

For , these costs may have a three-year, risk-adjusted total PV of . Please note that these licensing costs are based on high-level estimates and do not constitute a quote.

The following table shows custom results for .

Ongoing Costs: Akamai Licensing, Ongoing Maintenance, Etc.

Ref.	Metric	Source	Initial	Year 1	Year 2	Year 3
E1	Akamai Guardicore licensing costs	CompositeScaled for	$0 $0	$960,000 $960,000	$960,000 $960,000	$960,000 $960,000
E2	SecOps/NetOps FTE effort for ongoing support of Guardicore (FTEs)	CompositeScaled for	0.00.0	2.02.0	2.02.0	2.02.0
E3	Fully burdened annual salary for a SecOps/NetOps professional	TEI standardTEI standard	$162,000 $162,000	$162,000 $162,000	$162,000 $162,000	$162,000 $162,000
Et	Ongoing costs: Akamai licensing, ongoing maintenance, etc.	E1+(E2*E3)	$0 $0	$1,284,000 $1,284,000	$1,284,000 $1,284,000	$1,284,000 $1,284,000
	Risk adjustment	↑5%
Etr	Ongoing costs: Akamai licensing, ongoing maintenance, etc. (risk-adjusted)		$0 $0	$1,348,200 $1,348,200	$1,348,200 $1,348,200	$1,348,200 $1,348,200
Three-year total: $4,044,600 $4,044,600			Three-year present value: $3,352,774 $3,352,774

Up-Front Costs: Internal And External Costs For Guardicore Segmentation Deployment

Evidence and data. Interviewees stated that the initial deployment of Guardicore agents was relatively straightforward. Depending on the size of the organization and the nature of the configuration, the initial phase usually took 30 to 45 days. However, interviewees did note that setting policies across their organizations and working with different application owners to derive the full value of microsegmentation could take up to a year. Some interviewees said this is still an ongoing process. When asked, almost every interviewee stated that attempting to accomplish microsegmentation with firewalls and endpoint tools would take upwards of two years with twice as many FTEs and that this approach would not come close to providing the same level of visibility, flexibility, or control.

These internal and external deployment costs pertain to the overall process of deploying agents and establishing segmentation policy. This includes internal IT staff and some professional services from Akamai.

The head of infrastructure for an enabling software provider described their organization’s deployment journey: “Getting the agents out there so that you can see what’s going on is a pretty standard agent deployment. [It may take] one FTE for three months, and you may be done. For the next three months, we were locking down or segmenting some of our own tooling, some of the infrastructure tooling, and working with the applications owners. Ultimately, it was a 12- to 18-month project with three FTEs to get a full deployment in block mode completed.”
The CISO for a fintech enterprise explained how professional services from Akamai were critical for their organization’s deployment: “The first phase of the project is installing the agents for visibility, understand what’s going on, [and seeing] if it is set up correctly. After one month, or 45 days, we start to block the incorrect access. For this kind of the project [and a smaller company], you must have people from the vendor for the implementation phase. They are certified in Guardicore [Segmentation], [and they] do understand the products and all the capabilities and features.”

Modeling and assumptions. For the composite organization, Forrester assumes the following:

For the complete deployment of Guardicore (i.e., installing agents and establishing its microsegmentation policy), the composite organization utilizes two SecOps/NetOps FTEs who spend 100% of their time for 12 months. This overall deployment effort is split into six months in Year 0 and six months in Year 1.
The average fully burdened annual salary for a SecOps/NetOps professional is $162,000, or $78 per hour.
The average fully burdened annual salary for a SecOps role is $135,000.
The professional services assistance with deployment provided by Akamai in Year 0 is based on estimates for similarly scoped deployments.

Risks. The following risks can potentially impact the cost of deploying the Guardicore Segmentation platform:

The size of the organization and its specific configuration of Guardicore Segmentation.
The relative expertise of the organization’s cybersecurity team.

Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV of just under half a million dollars.

For , these costs may have a three-year, risk-adjusted total PV of .

The following table shows custom results for .

Up-Front Costs: Internal And External Costs For Guardicore Segmentation Deployment

Ref.	Metric	Source	Initial	Year 1	Year 2	Year 3
F1	Professional services implementation package with Akamai	CompositeScaled for	$150,000 $150,000	$0 $0	$0 $0	$0 $0
F2	SecOps/NetOps FTE time required for deployment (hours)	InterviewsScaled for	2,0802,080	2,0802,080	00	00
F3	Fully burdened hourly salary for a SecOps/NetOps professional	TEI standardTEI standard	$78 $78	$78 $78	$78 $78	$78 $78
Ft	Up-front costs: Internal and external costs for Guardicore Segmentation deployment	F1+(F2*F3)	$312,240 $312,240	$162,240 $162,240	$0 $0	$0 $0
	Risk adjustment	↑5%
Ftr	Up-front costs: Internal and external costs for Guardicore Segmentation deployment (risk-adjusted)		$327,852 $327,852	$170,352 $170,352	$0 $0	$0 $0
Three-year total: $498,204 $498,204			Three-year present value: $482,717 $482,717

Consolidated Three-Year Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

Total costs Total benefits Cumulative net benefits Initial Year 1 Year 2 Year 3

The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.

These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.

The following table shows custom results for .

Cash Flow Analysis (Risk-Adjusted Estimates)

	Initial	Year 1	Year 2	Year 3	Total	Present Value
Total costs	($327,852)($327,852)	($1,518,552)($1,518,552)	($1,348,200)($1,348,200)	($1,348,200)($1,348,200)	($4,542,804)($4,542,804)	($3,835,491)($3,835,491)
Total benefits	$0 $0	$3,396,800 $3,396,800	$3,990,833 $3,990,833	$4,355,366 $4,355,366	$11,742,998 $11,742,998	$9,658,459 $9,658,459
Net benefits	($327,852)($327,852)	$1,878,248 $1,878,248	$2,642,633 $2,642,633	$3,007,166 $3,007,166	$7,200,194 $7,200,194	$5,822,968 $5,822,968
ROI						152%152%
Payback						<6 months<6 months

Appendix A: Total Economic Impact

Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.

Total Economic Impact Approach

Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.
Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”

PRESENT VALUE (PV)

The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
NET PRESENT VALUE (NPV)

The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.
RETURN ON INVESTMENT (ROI)

A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
DISCOUNT RATE

The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
PAYBACK PERIOD

The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.

The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.

Appendix B: Supplemental Material

Related Forrester Research

The Three Principles Of Proactive Security, Forrester Research, Inc., May 1, 2024.

The Definition Of Modern Zero Trust, Forrester Research, Inc., April 22, 2024.

The Secrets Of Successful Zero Trust Deployments, Forrester Research, Inc., July 31, 2023.

Appendix C: Endnotes

¹ Source: The Microsegmentation Solutions Landscape, Q2 2024, Forrester Research, Inc., April 8, 2024.

² Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.

³ Source: Forrester’s Security Survey, 2023. Base: 1,166 security decision-makers with network, data center, app security, or security ops responsibilities at an organization that had sensitive data potentially compromised or breached during the past 12 months. Forrester annually assesses cybersecurity metrics through interviews, surveys, and expertise in the field. Analyses are provided with information rooted with specific data sets most accurately applied to the situations that have been collected in the study.

⁴ In the cybersecurity landscape, there are security alerts that are being monitored by SecOps professionals about out-of-the-ordinary activity on the network. For this study, a security incident is a specific kind of negative event that is likely to disrupt normal operations and requires further investigation by SecOps professionals.

ABOUT FORRESTER CONSULTING

Forrester provides independent and objective research-based consulting to help leaders deliver key transformation outcomes. Fueled by our customer-obsessed research, Forrester’s seasoned consultants partner with leaders to execute on their priorities using a unique engagement model that tailors to diverse needs and ensures lasting impact. For more information, visit forrester.com/consulting.

© Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.

Cookie Settings

This website uses cookies to deliver functionality and enhance your experience. GDPR requires that we obtain your consent before activating these cookies. Please accept the use of cookies or review your cookie settings now.

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions (data inputs, website navigation), so you don’t have to re-enter data when you come back to the site or browse from one page to another.

Behavioral information collected by our web analytics vendor is used to analyze data pertaining to visitor trends, plan website enhancements, and measure overall website effectiveness. We may also use cookies or web beacons to help us offer you products, programs, or services that may be of interest to you and to deliver relevant advertising. We may use third-party advertising companies to help tailor website content to users or to serve ads on our behalf. These companies may also employ cookies and web beacons to measure advertising effectiveness.

Please accept cookies and the collection of behavioral information to receive full functionality and enhance your experience. If you decline cookies, some features of the website may not function normally.

Please see our Privacy Policy for more information.

Customize These Results

Customize These Results

Executive Summary

Key Findings

Table Of Contents

Key Statistics

152%152%

$9.66M$9.66M

$5.82M$5.82M

<6 months<6 months

Benefits (Three-Year)

TEI Framework And Methodology

Due Diligence

Interviews

Composite Organization

Financial Model Framework

Case Study

Disclosures

The Akamai Guardicore Segmentation Customer Journey

Drivers leading to the Guardicore Segmentation investment

Interviews

Key Challenges

Solution Requirements

Composite Organization

Key Assumptions

Analysis Of Benefits

Quantified benefit data as applied to the composite

Total Benefits

Avoided Downtime Cost Due To A Security Breach

Avoided Downtime Cost Due To A Security Breach

Increased Efficiency Of Cybersecurity Incident Management

Increased Efficiency Of Cybersecurity Incident Management

Cost Savings From Streamlined Cybersecurity Operations

Cost Savings From Streamlined Cybersecurity Operations

Cost Savings From Reducing Or Eliminating Legacy Systems

Cost Savings From Reducing Or Eliminating Legacy Systems

Unquantified Benefits

Flexibility

Analysis Of Costs

Quantified cost data as applied to the composite

Total Costs

Ongoing Costs: Akamai Licensing, Ongoing Maintenance, Etc.

Ongoing Costs: Akamai Licensing, Ongoing Maintenance, Etc.

Up-Front Costs: Internal And External Costs For Guardicore Segmentation Deployment

Up-Front Costs: Internal And External Costs For Guardicore Segmentation Deployment

Financial Summary

Consolidated Three-Year Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

Cash Flow Analysis (Risk-Adjusted Estimates)

Appendixes

Appendix A: Total Economic Impact

Total Economic Impact Approach

PRESENT VALUE (PV)

NET PRESENT VALUE (NPV)

RETURN ON INVESTMENT (ROI)

DISCOUNT RATE

PAYBACK PERIOD

Appendix B: Supplemental Material

Appendix C: Endnotes

ABOUT FORRESTER CONSULTING