A Forrester Total Economic ImpactTM Study Commissioned By Broadcom Software Group, September 2021
Managing endpoint protection is a vital task for today’s security analysts. Large enterprises often have thousands of endpoints to monitor and protect, and they need accurate assessments in real time to best eliminate cyber threats before they become attacks. A comprehensive strategy with broad coverage, centralized control, and efficient remediation is essential to protect against the increasing incidences and sophistication of malware and ransomware.
Symantec Endpoint Security (SES) Complete offers endpoint protection against malware and ransomware attacks with a centralized, user-friendly platform that can be managed as on-premises, cloud-based, or as a hybrid solution. The single agent solution provides protection, detection, and response across a broad range of virtual and physical devices. The IT security team can monitor thousands of endpoints and customize application configurations, while leveraging multiple layers of protection. Detected threats are quickly contained and remediated, and historical and ongoing security assessments provide users with relevant information for both internal and external audits.
Deploying an effective security plan gives customers and stakeholders confidence and serves as a tool for attracting new investment. The streamlined user interface and increased efficiencies allow security and IT staff to focus on higher-level tasks.
Broadcom commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Symantec Endpoint Security Complete.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of SES Complete on their organizations.
To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four decision-makers with experience using SES Complete. For the purposes of this study, Forrester aggregated the experiences of the interviewees and combined the results into a single composite organization.
Prior to using SES Complete, the interviewees noted how their organizations relied on on-premises or software-as-a-service (SaaS) solutions with signature-based protection combined with manual threat hunting and remediation. They lacked the efficiencies needed to manually cover the large number of endpoints and growing risk of sophisticated threats.
After the investment in SES Complete, the interviewees’ organizations have greater protection with an automated, streamlined, and effective endpoint solution. Key results from the investment include the cost avoidance of a security breach, the consolidation and simplification of the organization’s security stack, and efficiencies in remediation time.
Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:
Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:
Costs. Three-year, risk-adjusted PV costs for the composite organization include:
The representative interviews and financial analysis found that a composite organization experiences benefits of $5.4M over three years versus costs of $1.0M, adding up to a net present value (NPV) of $4.4M and an ROI of 437%.
Return on investment (ROI):
Benefits PV:
Net present value (NPV):
Payback:
From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment SES Complete.
The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that SES Complete can have on an organization.
Forrester Consulting conducted an online survey of 351 cybersecurity leaders at global enterprises in the US, the UK, Canada, Germany, and Australia. Survey participants included managers, directors, VPs, and C-level executives who are responsible for cybersecurity decision-making, operations, and reporting. Questions provided to the participants sought to evaluate leaders' cybersecurity strategies and any breaches that have occurred within their organizations. Respondents opted into the survey via a third-party research panel, which fielded the survey on behalf of Forrester in November 2020.
Interviewed Broadcom stakeholders and Forrester analysts to gather data relative to SES Complete.
Interviewed four decision-makers at organizations using SES Complete to obtain data with respect to costs, benefits, and risks.
Designed a composite organization based on characteristics of the interviewees’ organizations.
Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the decision-makers.
Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
Readers should be aware of the following:
This study is commissioned by Broadcom Software Group and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in SES Complete.
Broadcom reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
Broadcom provided the customer names for the interviews but did not participate in the interviews.
Consulting Team:
Rachel Ballard
Interviewee | Industry | Organization description |
---|---|---|
Consulting security architect | Retail banking | Annual revenue of over $2 billion |
Senior IT security consultant | International department of finance | Annual budget of over $61 billion |
Managing director | Consumer credit | Manages credit information for more than 1 billion people and businesses |
Chief manager, cyber and information security division | National bank | Maintains 180 million customers |
The interviewees previously secured their organizations’ endpoints with a combination of third-party tools and in-house solutions. Many threats required manual attention for assessment and remediation. They sought greater coverage, streamlined and automated management, and a more efficient method for remediation.
The interviewees noted how their organizations struggled with common challenges, including:
The interviewees’ organizations searched for a solution that could:
Based on the interviews, Forrester constructed a TEI framework, a composite company, and a ROI analysis that illustrates the areas financially affected. The composite organization is representative of the four decision-makers that Forrester interviewed and is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:
Deployment characteristics. The composite organization is a multinational financial services corporation protecting 25,000 endpoints. Its operations include an extensive digital network with over 20,000 employees, contractors, and connected third parties.
Ref. | Benefit | Year 1 | Year 2 | Year 3 | Total | Present Value |
---|---|---|---|---|---|---|
Atr | Total cost avoidance of security breaches | $1,405,574 | $1,405,574 | $1,405,574 | $4,216,722 | $3,495,454 |
Btr | Consolidation and simplification of security stack | $450,000 | $450,000 | $450,000 | $1,350,000 | $1,119,083 |
Ctr | Efficiencies in remediation time | $311,850 | $311,850 | $311,850 | $935,550 | $775,525 |
Total benefits (risk-adjusted) | $2,167,424 | $2,167,424 | $2,167,424 | $6,502,272 | $5,390,062 |
Evidence and data. The massive volume of proprietary data enterprise organizations receive requires constant monitoring for suspicious activity. Automating the monitoring process with SES Complete saves time and resources. Potential threats are identified more quickly, and the events that are handled automatically are assessed and rectified in real time.
Modeling and assumptions. For the financial analysis, Forrester assumes that:
.
Risks. The total cost avoidance of a security breach will vary with:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of nearly $3.5 million.
Ref. | Metric | Calculation | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
A1 | Total FTEs | Composite model | 20,833 | 20,833 | 20,833 | |
A2 | Total endpoints | Composite model, FTE count * 1.2x | 25,000 | 25,000 | 25,000 | |
A3 | Forrester security model base cost of breach, adjusted for composite size | Forrester security data | $1,260,968 | $1,260,968 | $1,260,968 | |
A4 | Total external cost of a security breach | A3 | $1,260,968 | $1,260,968 | $1,260,968 | |
A5 | Time required to secure endpoints | 0.25 hour | 0.25 | 0.25 | 0.25 | |
A6 | Fully loaded annual salary of a cybersecurity analyst | payscale.com*1.3 benefits multiplier | $100,100 | $100,100 | $100,100 | |
A7 | Total internal cost of productivity loss | A2*(A5/2080)*A6 | $300,781 | $300,781 | $300,781 | |
At | Total cost avoidance of security breaches | A4+A7 | $1,561,749 | $1,561,749 | $1,561,749 | |
Risk adjustment | ↓10% | |||||
Atr | Total cost avoidance of security breaches (risk-adjusted) | $1,405,574 | $1,405,574 | $1,405,574 | ||
Three-year total: $4,216,722 | Three-year present value: $3,495,454 |
Evidence and data. Prior to implementing SES Complete, interviewees used a combination of resources for endpoint protection. SES Complete allowed the security team to eliminate the need for other tools, significantly reducing its annual security spend.
Modeling and assumptions. For the financial analysis, Forrester assumes that:
Risks. The total consolidation and simplification of the security stack benefit will vary with:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of over $1.1 million.
Ref. | Metric | Calculation | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
B1 | Previous annual license spend | Interviews | $5,000,000 | $5,000,000 | $5,000,000 | |
B2 | Percent decrease in license spend | Interviews | 10.0% | 10.0% | 10.0% | |
Bt | Consolidation and simplification of security stack | B1*B2 | $500,000 | $500,000 | $500,000 | |
Risk adjustment | ↓10% | |||||
Btr | Consolidation and simplification of security stack (risk-adjusted) | $450,000 | $450,000 | $450,000 | ||
Three-year total: $1,350,000 | Three-year present value: $1,119,083 |
Evidence and data. In its previous environment, most threats required manual intervention and often required work on individual endpoints. With the SES Complete EDR feature, threats are detected and remediated automatically. They are then rated and triaged based on the organization’s configuration. Only those requiring high-level attention are flagged for team review, while the lesser threats are captured and handled without the need for attention.
Modeling and assumptions. For the financial analysis, Forrester assumes that:
Risks. The total efficiencies in remediation time will vary with:
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of nearly $776,000.
Ref. | Metric | Calculation | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|
C1 | Number of real threats per year | 7.5 per month* 12 months |
90 | 90 | 90 | |
C2 | Time saved per real threat | 2.5 days | 2.5 | 2.5 | 2.5 | |
C3 | Number of cybersecurity analysts required per real threat | Interviews | 4 | 4 | 4 | |
C4 | Fully loaded annual salary of a cybersecurity analyst | payscale.com*1.3 benefits multiplier | $100,100 | $100,100 | $100,100 | |
Ct | Efficiencies in remediation time | C1*(C2/260)* C3 *C4 |
$346,500 | $346,500 | $346,500 | |
Risk adjustment | ↓10% | |||||
Ctr | Efficiencies in remediation time (risk-adjusted) | $311,850 | $311,850 | $311,850 | ||
Three-year total: $935,550 | Three-year present value: $775,525 |
Additional benefits that customers experienced but were not able to quantify include:
The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement SES Complete and later realize additional uses and business opportunities, including:
Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).
Ref. | Cost | Initial | Year 1 | Year 2 | Year 3 | Total | Present Value |
---|---|---|---|---|---|---|---|
Dtr | Annual subscription cost | $0 | $400,000 | $400,000 | $400,000 | $1,200,000 | $994,741 |
Etr | Initial and ongoing costs | $7,277 | $970 | $970 | $970 | $10,187 | $9,689 |
Total costs (risk-adjusted) | $7,277 | $400,970 | $400,970 | $400,970 | $1,210,187 | $1,004,430 |
Evidence and data. The interviewees revealed the following about their organizations’ use of SES Complete:
Risks. The total annual subscription cost will vary with:
Results. Given Broadcom’s simple pricing structure, Forrester did not risk-adjust this cost category, which yielded a three-year, total PV (discounted at 10%) of under $1 million.
Ref. | Metric | Calculation | Initial | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|---|
D1 | Number of protected endpoints | Interview | 25,000 | 25,000 | 25,000 | ||
D2 | Cost per endpoint per year | Interview | $16 | $16 | $16 | ||
Dt | Annual subscription cost | C1*C2 | $0 | $400,000 | $400,000 | $400,000 | |
Risk adjustment | 0% | ||||||
Dtr | Annual subscription cost (risk-adjusted) | $0 | $400,000 | $400,000 | $400,000 | ||
Three-year total: $1,200,000 | Three-year present value: $994,741 |
Evidence and data. The interviewees revealed the following about their organizations’ use of SES Complete:
Modeling and assumptions. . For the financial analysis, Forrester assumes that:
Risks. Initial and ongoing costs will vary with:
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV of under $10,000.
Ref. | Metric | Calculation | Initial | Year 1 | Year 2 | Year 3 | |
---|---|---|---|---|---|---|---|
E1 | Implementing new features | (1 day/260) *$100,100 salary |
$385 | ||||
E2 | Alerting and training team members on new features | (1 day/260)* 17 team members* $100,100 salary |
$6,545 | ||||
E3 | Ongoing management | ((1 day per month*12 months)/260)* *$100,100 salary*20% |
$924 | $924 | $924 | ||
Et | Initial and ongoing costs | E1+E2+E3 | $6,930 | $924 | $924 | $924 | |
Risk adjustment | ↑5% | ||||||
Etr | Initial and ongoing costs (risk-adjusted) | $7,277 | $970 | $970 | $970 | ||
Three-year total: $10,187 | Three-year present value: $9,689 |
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.
Initial | Year 1 | Year 2 | Year 3 | Total | Present Value | |
---|---|---|---|---|---|---|
Total costs | ($7,277) | ($400,970) | ($400,970) | ($400,970) | ($1,210,187) | ($1,004,430) |
Total benefits | $0 | $2,167,424 | $2,167,424 | $2,167,424 | $6,502,272 | $5,390,062 |
Net benefits | ($7,277) | $1,766,454 | $1,766,454 | $1,766,454 | $5,292,085 | $4,385,632 |
ROI | 437% | |||||
Payback period (months) | <6 |
Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.
Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”
The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.
1 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
2 Source: Forrester Consulting Cost Of A Cybersecurity Breach Survey, Q4 2020.
Cookie Preferences
Accept Cookies
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions (data inputs, website navigation), so you don’t have to re-enter data when you come back to the site or browse from one page to another.
Behavioral information collected by our web analytics vendor is used to analyze data pertaining to visitor trends, plan website enhancements, and measure overall website effectiveness. We may also use cookies or web beacons to help us offer you products, programs, or services that may be of interest to you and to deliver relevant advertising. We may use third-party advertising companies to help tailor website content to users or to serve ads on our behalf. These companies may also employ cookies and web beacons to measure advertising effectiveness.
Please accept cookies and the collection of behavioral information to receive full functionality and enhance your experience. If you decline cookies, some features of the website may not function normally.
Please see our
Privacy Policy for more information.