Organizations today continue to face major events that have the potential to disrupt business operations and threaten employee safety. From civil unrest to severe weather, organizations need a process to monitor, assess, and efficiently communicate and respond to all types of threats that could impact them. The Everbridge Critical Event Management platform helps teams efficiently identify, communicate, and respond to events affecting employees and company assets.
The Everbridge Critical Event Management (CEM) platform helps teams quickly identify and respond to relevant critical events to keep employees and company assets safe. The CEM platform integrates data feeds from weather to emergency incidents, delivers richer contextualized intelligence, provides an intuitive dashboard to visualize all the information in a singular location, and gives teams the ability to create and activate automated and templated communications with standard operating procedures so that organizations can make faster decisions to decrease the impact of events.
Everbridge commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying CEM.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of CEM on their organizations.
To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed six representatives from four organizations with experience using the CEM platform. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that is a global manufacturing firm with $16 billion in revenue and 30,000 employees.
Prior to using Everbridge CEM, interviewees noted their organizations utilized teams of analysts who relied on internet searches, news alerts, web-based maps, and other disparate tools to monitor potential safety or operational threats and assess their impact to employees and business assets. Interviewees’ organizations lacked an enterprisewide process to deal with events and needed a more robust enterprise communication system. With the manual process and limited threat intelligence capabilities to help accurately identify relevant weather, security, or disruptive events near their people and locations, it was difficult for security administrators to alert the correct set of employees accurately and efficiently. Therefore, interviewees found themselves reacting to critical events and scrambling to effectively identify the full extent of an impact to employees and company assets. After the investment in Everbridge’s CEM platform, interviewees’ organizations had the capabilities and resources to effectively respond to and contain critical events, allowing them to better protect employees, company assets, and business processes.
Return on investment (ROI)
358%358%
Net present value (NPV)
$6.6M$6.6M
Key Findings
Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:
- Reduced business interruption from critical events, resulting in up to $3 million in efficiency gains over three years. Everbridge CEM allows the composite organization to maintain business operations as it can react faster to unplanned business interruptions and get information to appropriate teams to resume operations and decrease the impact of critical events.
For , reduced business interruptions for critical events might result in in efficiency gains over three years.
- Decreased costs from IT downtime, saving up to $2 million over three years. With increasingly complex IT environments, the composite organization’s IT teams need intelligent alerting to react efficiently. Implementing CEM, the composite’s IT teams improve workflow and ensure teams are aware of issues and can quickly and easily collaborate to remediate them.
For , decreased costs from IT downtime might save over three years.
- Increased security team productivity, gaining $1.5 million over three years. Prior to implementing Everbridge CEM, the composite organization implemented a manual and time-consuming process to identify and assess events. By leveraging CEM, the composite organization obtains 24/7 support and security team members gain efficiencies in managing the various data sources and communicating to appropriate teams about the impact of critical events. Security analysts conduct more productive and valuable work for the composite organization.
For , increased security team productivity might yield in benefits over three years.
- Avoided inventory and property damages, saving $1.1 million over three years. Prior to CEM, teams used a manual process to identify locations that potentially damaging events could affect. Everbridge CEM utilizes a variety of data sets and an intuitive UI to help the composite’s teams quickly identify potential threats to assets and promptly send alerts to the appropriate employees and locations.
For , avoided inventory and property damages might save over three years.
- Recapture employee productivity with faster response management and coordination, totaling $861,000 over three years. Prior to Everbridge CEM, the composite organization did not have an efficient method of getting in touch with the right employees at the right time. With CEM, the composite organization can monitor threats, send out automated alerts, and provide information in a timely manner to all impacted employees, recapturing lost time.
For , recaptured employee productivity with faster response incident management and coordination might total over three years.
Unquantified benefits. Benefits that provide value for the composite organization but are not quantified in this study include:
- Improved duty of care for employees. With Everbridge, organizations can reach employees more efficiently through automated communication functionality, including while travelling, and ensures that each impacted employee receives the necessary alert with two-way, multi-modal notification capability.
- Proactive approach for event management. With CEM, rather than reacting to events, organizations gain a proactive approach allowing them to be nimbler and more efficient in planning for and managing the impact of the event. Additionally, with an enterprise plan, the right information reaches correct people in a timely fashion.
Costs. Three-year, risk-adjusted PV costs for the composite organization include:
- Subscription fees total $1.6 million over three years. Everbridge annual subscription fees are based on number of modules, number of assets, and number of users.
For , subscription fees might total over three years.
- Implementation fees cost $105,000 over three years. Implementation and professional services fees to set up the CEM platform include connecting data sources, company assets, and employees.
For , implementation fees might total over three years.
- Maintenance and operations cost $137,000 over three years. With composite organization’s continued usage of the CEM platform, tasks for continued operations include regular maintenance of assets, templates and workflows, and time spent responding to critical events.
For , maintenance and operations might cost over three years.
- Training for the CEM platform totals $39,000 over three years. The composite’s team members utilize trainings sessions and on-the-job work to learn about functionality and utilize the capabilities within the CEM platform.
For , training for the CEM platform might total over three years.
The representative interviews and financial analysis found that a composite organization experiences benefits of $8.47 million over three years versus costs of $1.85 million, adding up to a net present value (NPV) of $6.62 million and an ROI of 358%.
might experience benefits of over three years versus costs of , adding up to an NPV of and an ROI of .
Key Statistics
-
Return on investment (ROI)
358%
-
Benefits PV
$8.5M
-
Net present value (NPV)
$6.6M
-
Payback
<6 months
Benefits (Three-Years)
Revenue recaptured from reduced business interruptions Reduced IT downtime Increased security team productivity Avoided inventory and property damage Recaptured employee productivityTEI Framework And Methodology
From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment Everbridge CEM.
The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Everbridge CEM can have on an organization.
-
Due Diligence
Interviewed Everbridge stakeholders and Forrester analysts to gather data relative to CEM.
-
Interviews
Interviewed six representatives at four organizations using CEM to obtain data about costs, benefits, and risks.
-
Composite Organization
Designed a composite organization based on characteristics of the interviewees’ organizations.
-
Financial Model Framework
Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
-
Case Study
Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
Disclosures
Readers should be aware of the following:
This study is commissioned by Everbridge and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in CEM.
Everbridge reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
Everbridge provided the customer names for the interviews but did not participate in the interviews.
Consulting Team:
Rishabh Dua
Sarah Lervold
Kim Finnerty
Drivers leading to the CEM investment
Interviews
| Role | Industry | Region | Revenue | Employees |
|---|---|---|---|---|
| Crisis management and global security operations senior manager | Pharmaceutical | Asia | $29 billion | 50,000 |
| Crisis management and global security operations director | Pharmaceutical | Asia | $29 billion | 50,000 |
| Security systems director | Pharmaceutical | Asia | $29 billion | 50,000 |
| Global security operations manager | Pharmaceutical | North America | $6 billion | 7,000 |
| Head of resilience | Marketing | United Kingdom | $18 billion | 45,000 |
| Security intelligence director | Financial services | North America | $11 billion | 16,000 |
Key Challenges
Before investing in and deploying Everbridge, the interviewees’ organizations used disparate intelligence sources with no formal process to manage event identification and response.
The organizations struggled with common challenges, including:
- Inefficient processes to identify a critical event relevant to the organization. Before Everbridge, interviewees noted that teams utilized various sources to learn of critical events, from news report alerts to risk intelligence feeds. Teams used a manual and time-consuming process of parsing through all the information available to determine the relevancy of the event and the potential impact to employees and business processes. The speed to identify and respond was a vital part of the process and one that interviewees acknowledged needed to improve.
- Inability to accurately alert all employees impacted of critical events in a timely manner. Upon identifying a relevant critical event, interviewees noted that they struggled with identifying and notifying all impacted employees in a timely manner. Depending on the type of event and organization structure, interviewees described how a notification of the incident could first be sent to a central office or even to an affected office’s HR team and then to employees. Moreover, with the challenges of accurately identifying the radius of impact, employees could be missed. Thus, communication accuracy varied greatly and could take a long time to reach employees.
- A lack of a formal enterprisewide process to manage identification or response criteria for events. Prior to implementing Everbridge’s CEM platform, interviewees noted a lack of an enterprisewide process to manage a critical event. From security teams to IT teams, there was a lack of communication between offices and varied sources of information spread. Without a singular source and common data set to work with, there was a greater chance that a potential threat could be missed and could cost organizations valuable time. Additionally, communications to employees were delayed, increasing the potential risks to employee safety and business continuity.
Solution Requirements
The interviewees’ organizations searched for a solution that could:
- Offer a more robust threat intelligence system that integrated with a communication solution.
- Integrate threat intelligence solutions and news feeds into one solution.
- Provide a scalable solution to implement enterprise wide.
- Cover all assets for the organization.
- Allow team members to work with a common data set, also known as a single pane of glass.
Composite Organization
Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the six interviewees from four organizations, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:
Description of composite. The composite organization is a global manufacturer based in North America. The firm has annual revenues of $16 billion with 30,000 employees and operates 75 facilities around the world from factories to distribution centers to offices. The organization has 33,000 total assets managed in CEM, including — but not limited to — employees, offices, physical resources, supply chain resources, and traveler locations. The Everbridge CEM capabilities that the organization utilizes include emergency communication, mobile safety, data visualization, and IT alerting on desktop and mobile instances.
Quantified benefit data as applied to the composite
Total Benefits
| Ref. | Benefit | Year 1 | Year 2 | Year 3 | Total | Present Value |
|---|---|---|---|---|---|---|
| Atr | Revenue recaptured from reduced business interruptions | $1,200,000 | $1,200,000 | $1,200,000 | $3,600,000 | $2,984,222 |
| Btr | Reduced IT downtime | $796,500 | $796,500 | $796,500 | $2,389,500 | $1,980,778 |
| Ctr | Increased security team productivity | $607,500 | $607,500 | $607,500 | $1,822,500 | $1,510,763 |
| Dtr | Avoided inventory and property damage | $455,625 | $455,625 | $455,625 | $1,366,875 | $1,133,072 |
| Etr | Recaptured employee productivity | $345,600 | $345,600 | $345,600 | $1,036,800 | $859,456 |
| Total benefits (risk-adjusted) | $3,405,225 | $3,405,225 | $3,405,225 | $10,215,675 | $8,468,291 |
Revenue Recaptured From Reduced Business Interruptions
Evidence and data. Critical events, such as extreme weather and protests, could require organizations to pause or shut down operations. Interviewees said that prior to Everbridge CEM, they would react to events after receiving a news alert and were slow in getting information out to the appropriate teams and locations. Implementing Everbridge CEM allowed the interviewees’ organizations to maintain business operations as they could react faster to unplanned business interruptions and activate the appropriate standard operating plans to manage an event. Everbridge provided complete and integrated threat intelligence with all data feeds situated with the data visualization, the ability to automate alerts, multichannel notifications, and templated process plans to deal with critical events. Additionally, with all key locations and employees covered within Everbridge, security analysts could send information out faster to the appropriate stakeholders.
- The head of resilience at a marketing company said: “A business that doesn’t have a mass communications platform, you’re talking like a day to get on top of the detection, analyzing impact, and responding. Whereas with one … 4 to 8 hours.”
- The crisis management and global security operations director said, “The nature of the platform, it helps us and gives us the ability to help bolster business continuity for our internal global security team.”
Modeling and assumptions. For the composite organization, Forrester assumes:
- A conservative estimate of 24 hours of unplanned downtime at facilities and average downtime cost of $250,000 per hour.
might have an estimated hours of unplanned downtime and an average downtime cost of per hour.
- A 25% reduction in downtime attributable to CEM as a result of earlier alerts and faster response team communication.
Risks. Risks that could impact the realization of this benefit include the following:
- Organizations may experience more or less frequent unplanned downtime.
- The hourly cost of downtime.
- The reduction in downtime attributed to Everbridge.
Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $3.0 million.
For , this benefit might have a three-year, risk-adjusted PV of .
Revenue Recaptured From Reduced Business Interruptions
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| A1 | Average cost of unplanned downtime per hour | Composite | $250,000 | $250,000 | $250,000 | |
| A2 | Average annual hours unplanned downtime | Composite | 24 | 24 | 24 | |
| A3 | Annual cost of unplanned downtime | A1*A2 | $6,000,000 | $6,000,000 | $6,000,000 | |
| A4 | Reduction attributable to Everbridge | Interviews | 25% | 25% | 25% | |
| At | Revenue recaptured from reduced business interruptions | A3*A4 | $1,500,000 | $1,500,000 | $1,500,000 | |
| Risk adjustment | ↓20% | |||||
| Atr | Revenue recaptured from reduced business interruptions (risk-adjusted) | $1,200,000 | $1,200,000 | $1,200,000 | ||
| Three-year total: $3,600,000 | Three-year present value: $2,984,222 | |||||
Reduced IT Downtime
Evidence and data. The interviewees’ organizations had complex computing environments that ranged from on-premises servers to hybrid environments with multiple cloud providers. Interruptions to IT services could be from natural disasters at offices to outages at cloud data centers. Downtime at data centers and servers disrupted workflow, causing inaccessible external customer-facing websites, internal applications for employees, and more. Interviewees noted that IT teams improved operating workflows to detect, investigate, and respond to reduce IT downtime after implementing Everbridge CEM and utilizing Everbridge’s IT alerting on both desktop and mobile instances, along with its emergency communication functionality.
- The global security operations manager at a pharmaceutical firm explained: “A system goes down from an IT perspective, there was no easy way for the IT team to notify people except through email. They would get flooded with tickets and not be able to focus on the incident Now, since we’re integrated with our process and we now have the partnership with Everbridge, we know [when there] is a problem. We always use email and apps when we send out notifications. And if it’s something where we know we want people to have eyes on it, we will send it out via text message as well.”
Modeling and assumptions. For the composite organization, Forrester assumes:
- Each outage costs $8,850 per minute and lasts approximately 80 minutes.2
For , each outage might cost an estimated per minute and last approximately minutes.
- The composite organization experiences four outages per year.
might experience outages per year.
- The composite organization saves 30 minutes per outage attributable to CEM.
Risks. Risks that could impact the realization of this benefit include the following:
- The number and length of outages.
- The cost of an IT outage will vary based on the organization and industry.
- The time saved using CEM will vary based on maturity and complexity of the IT organization.
Results. To account for these risks, Forrester adjusted this benefit downward by 25%, yielding a three-year, risk-adjusted total PV of $2.0 million.
For , this benefit might have a three-year, risk-adjusted PV of .
Reduced IT Downtime
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| B1 | IT cost per minute | Composite | $8,850 | $8,850 | $8,850 | |
| B2 | Average minutes per outage | Ponemon | 80 | 80 | 80 | |
| B3 | Average frequency of outages per year | Composite | 4 | 4 | 4 | |
| B4 | Cost of IT downtime | B1*B2*B3 | $2,832,000 | $2,832,000 | $2,832,000 | |
| B5 | Average minutes saved due to faster response by the IT team applicable to Everbridge | Interviews | 30 | 30 | 30 | |
| Bt | Reduced IT downtime | B1*B3*B5 | $1,062,000 | $1,062,000 | $1,062,000 | |
| Risk adjustment | ↓25% | |||||
| Btr | Reduced IT downtime (risk-adjusted) | $796,500 | $796,500 | $796,500 | ||
| Three-year total: $2,389,500 | Three-year present value: $1,980,778 | |||||
Increased Security Team Productivity
Evidence and data. Prior to implementing the CEM platform, the interviewees’ organizations lacked a comprehensive solution that integrated data intelligence feeds and had a formalized plan to manage critical events, so teams were forced to use ad hoc tools like internet maps and alerts via news sites. This was a time-consuming and labor-intensive process that made it challenging to consistently and accurately identify threats relevant to their organizations and notify employees when an event was happening around their location. With CEM, interviewees’ organizations could take their existing resources on security teams and reallocate them to higher value-add activities.
With more comprehensive detection for critical events using the underlying technology and analytics within the platform and more efficient management of all assets, interviewees more efficiently managed critical events. Interviewees found that the ability to view all information in one location within the data visualization saved their team’s time. Interviewees further noted that Everbridge allowed security teams to create templated plans and get information out quickly to the right people with the easy-to-use UI and integrated data sources, saving security analysts time to work on other high-priority tasks.
- The security intelligence director at a financial services firm estimated a 60% efficiency gain for their security team of five analysts.
- The crisis management and global security operations director estimated a 50% efficiency improvement for their security analysts. They said: “We are dramatically faster using CEM today. It would have taken maybe three or four people to do the same task and same amount of work … whereas today, it’s one person in front of one screen just making several clicks and understanding exactly what they’re dealing with.”
- The global security operations manager estimated their security team decreased from 15 team members down to seven or eight. They said: “Had we not had [CEM], it would have been a lot of phone trees, it would have been a lot of relying on managers to put the word out themselves. We [now have] everything in one central location.”
Modeling and assumptions. For the composite organization, Forrester assumes:
- The composite organization has 10 employees on the security team and five are redeployed.
For , security analysts might be redeployed.
- Average annual salary per security analyst is $135,000.
Risks. Risks that could impact the realization of this benefit include the following:
- The size of the security team and number of employees redeployed.
- The annual salary will vary based on industry and organization.
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of $1.5 million.
For , this benefit might have a three-year, risk-adjusted PV of .
Increased Security Team Productivity
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| C1 | Number of security analysts redeployed | Composite | 5 | 5 | 5 | |
| C2 | Security analyst fully loaded annual salary | TEI standard | $135,000 | $135,000 | $135,000 | |
| C3 | Security team productivity savings | C1*C2 | $675,000 | $675,000 | $675,000 | |
| Ct | Increased security team productivity | $675,000 | $675,000 | $675,000 | ||
| Risk adjustment | ↓10% | |||||
| Ctr | Increased security team productivity (risk-adjusted) | $607,5000 | $607,500 | $607,500 | ||
| Three-year total: $1,822,500 | Three-year present value: $1,510,763 | |||||
Avoided Inventory And Property Damage
Evidence and data. Representatives from organizations noted how prior to CEM, getting information out to locations was manual and time-consuming. After implementing CEM, they could inform teams and locations within a specified radius of a weather, protest, or other major event that could cause damage. With the CEM platform, interviewees noted that analysts found the ability to use the data across a variety of integrated data feeds to verify information and swiftly identify impacted areas and employees. The intuitive UI saved necessary time to inform the affected entities. Because Everbridge works with location data and data about an organization’s valuable assets, such as buildings and inventory to supply chains and employees, it allowed analysts to quickly identify potential threats to assets and rapidly notify the appropriate teams to act and decrease the impact of events.
- The global security operations manager for a pharmaceutical firm approximated that the supply chain team was 10% more efficient with the information received from CEM. They said: “If we know the routes or where these shipments are going, we can help them anticipate anything like that, especially with Russia-Ukraine situations. We were able to help them anticipate [for example] the sanctions and the route diversions. That was a big one. That’s probably the biggest assistance that we get for the supply chain team for sure.”
- The security intelligence director at a financial services firm said, “We went from having a very manual process to having a tool [with CEM] that we have one location where we get all of our intelligence, it’s triaged through the system based on proximity to our locations, and then from there it triggers out alerts to us”.
Modeling and assumptions. For the composite organization, Forrester assumes:
- An average loss per event of $1.5 million.
For , the estimated average loss per event might be .
- The composite has 75 facilities globally.
has facilities.
- With Everbridge, the composite avoids 15% of inventory loss due to advanced planning and rapid response.
Risks. Risks that could impact the realization of this benefit include the following:
- The average loss claims amount and likelihood of a claim.
- Number of facilities depending on the size of the organization and industry.
- Amount avoidable attributable to Everbridge
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of $1.1 million.
For , this benefit might have a three-year, risk-adjusted PV of .
Avoided Inventory And Property Damage
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| D1 | Average loss claim | Composite | $1,500,000 | $1,500,000 | $1,500,000 | |
| D2 | Likelihood of claim per facility | Composite | 3% | 3% | 3% | |
| D3 | Number of facilities | Composite | 75 | 75 | 75 | |
| D4 | Projected loss per year | D1*D2*D3 | $3,375,000 | $3,375,000 | $3,375,000 | |
| D5 | Percent avoidable attributable to Everbridge | Interviews | 15% | 15% | 15% | |
| Dt | Avoided inventory and property damage | D4*D5 | $506,250 | $506,250 | $506,250 | |
| Risk adjustment | ↓10% | |||||
| Dtr | Avoided inventory and property damage (risk-adjusted) | $455,625 | $455,625 | $455,625 | ||
| Three-year total: $1,366,875 | Three-year present value: $1,133,072 | |||||
Recaptured Employee Productivity
Evidence and data. Prior to Everbridge CEM, the interviewees’ organizations did not have an efficient method of getting in touch with the right employees at potentially impacted locations from corporate offices to home locations. Interviewees struggled with identifying which employees to contact and if they had the most up-to-date and accurate contact information. Furthermore, with no way to check if employees received the alert regarding critical events like weather or an IT outage, interviewees’ organizations were left in the dark about if the information was correctly dispersed and resulted in employees not being able to complete their work effectively. Because Everbridge CEM uses data from both external and internal feeds, including the location of employees and assets, it helped security teams better assess what people and locations the event could impact.
With the CEM platform, the interviewees’ organizations were efficiently able to alert employees using the emergency communication capability and, with multimodal, two-way communication, confirm employees received the notification. With speed of utmost importance, the information through the platform allowed employees to continue work with less disruption, such as working away from an affected office or quickly getting back online from an IT outage.
- The security intelligence director at a financial services firm said: “Being able to connect our system using the Safety Connection [mobile safety] has given us more dynamic locations of where our people are. If I’m assigned to our Boston office but I’m traveling to the Dallas office, and I swipe my badge, the system then knows I’m in Dallas. So, anytime there’s a communication that goes out to the Dallas area, I’d be included in that. That makes it a lot more efficient when you’re trying to notify employees of a potential problem in the area that they’re in.”
- The global security operations manager for a pharmaceutical firm said: “It was a very manual process and then [we struggled to] try to remember who’s on that team, who do we actually have to send it to. [Now,] everything is templatized. The analysts just click a couple buttons and everything was listed. Before, it would have been, write this template or you have to write [it all] by yourself. … Employees were notified within seconds [with Everbridge] rather than a half hour.”
- The head of resilience at a marketing company said: “You’ve filtered the information and you’ve sent it to employees and prompted them to respond. There’s a higher level of confidence that there’s a requirement to respond. Whereas previously, you may have been looking at, let’s say half an hour to two hours for someone to think this is probably something we need to send out a message about. They need to speak to their boss and the boss wants to speak to a subject matter expert, etc. Now, this information has already gone through a criteria process and I’ve provided them with the criteria to say this is how Everbridge categorizes a severe event.”
Modeling and assumptions. For the composite organization, Forrester assumes:
- There are 2,000 employees impacted by weather and IT downtime with a total average of 30 hours missed.
might have employees impacted by weather and downtime with a total average of hours missed.
- An average industry margin of 10%.3
- 50% of hours are regained by employees with the CEM platform.
- That not all end users’ time saved is used for additional work. Breaks or socializing with colleagues are likely part of that time saved; hence, Forrester applied a 50% productivity realization factor.
Risks. Risks that could impact the realization of this benefit include the following:
- The number of total employees and number of employees affected by events will vary based on number and type of events.
- Revenue per employee and industry margin will vary based on size of organization.
- The number of hours and missed per employee and hours regained.
Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV of $861,000.
For , this benefit might have a three-year, risk-adjusted PV of .
Recaptured Employee Productivity
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| E1 | Revenue per employee per hour | Composite | $256 | $256 | $256 | |
| E2 | Average number of employees not working due to events (weather and IT downtime) | Composite | 2,000 | 2,000 | 2,000 | |
| E3 | Average hours missed | Composite | 30 | 30 | 30 | |
| E4 | Revenue lost due to lost productivity | E1*E2*E3 | $15,384,000 | $15,384,000 | $15,384,000 | |
| E5 | Average industry margin | Composite | 10% | 10% | 10% | |
| E6 | Profit impact of lost productivity | D5*D4 | $1,538,400 | $1,538,400 | $1,538,400 | |
| E7 | Portion regained with Everbridge | Interviews | 50% | 50% | 50% | |
| E8 | Productivity recapture rate | TEI standard | 50% | 50% | 50% | |
| Et | Recaptured employee productivity | D6*D7*D8 | $384,600 | $384,600 | $384,600 | |
| Risk adjustment | ↓10% | |||||
| Etr | Recaptured employee productivity (risk-adjusted) | $346,140 | $346,140 | $346,140 | ||
| Three-year total: $1,038,420 | Three-year present value: $860,799 | |||||
Unquantified Benefits
Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:
-
Improved duty of care for employees. With critical events, knowledge and speed are essential. With CEM’s integration of data sources, accessible UI, prebuilt templates, and alerting capabilities, the interviewees’ organizations were aware of critical events and notified employees with vital information more efficiently than with legacy manual processes. The CEM platform allowed security analysts to quickly identify threats to employees and escalate them for appropriate action. Additionally, with the capability of two-way communication and easily accessible, templated pages, employees confirmed receipt of an alert and found pertinent information on the event quickly.
- The security intelligence director at a financial services firm said: “We do get a lot of good feedback about the communications of the information that we get and send. Because at the end of the day, we have people all over the country and when something is happening in their neck of the woods and we send them something that says, ‘This is happening right now or in a couple of hours, just be aware of it and follow your emergency procedures if necessary.’”
- The head of resilience at a marketing company said, “We target reaching 90% of employees and having 70% respond within four hours and we typically meet or hit well above that target, nearly 100%.”
-
Proactive approach to event management. Interviewees described a lack of enterprisewide processes that led to a reactive approach to impactful events; however, after implementing the CEM platform, interviewees’ organizations gained a comprehensive solution that covered all assets from employees to working locations, and provided faster intelligence on critical events. For example, with weather events that affected an organization, interviewees could use templated plans that automatically triggered once the event was detected. This proactive approach made interviewees’ organizations nimbler and more efficient in managing the impact of the event. Additionally, with an enterprise plan and more standardized operating procedure, the right information went to the correct people in a timely fashion.
- The global security operations manager at a pharmaceutical firm said, “The CEM platform has allowed us to [become] very proactive when it comes to supply chain reasons, for business continuity reasons, for employee safety reasons; we [now] reach out to any impacted employees.”
- The security intelligence director for a financial services firm said, “We got really good feedback around the proactive intelligence communications we send out, which generate out of and are sent out of Everbridge.”
Flexibility
The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement CEM and later realize additional uses and business opportunities, including:
-
New and additional capabilities. Interviewees discussed how they would expand their use of the system by adding additional modules to the CEM platform. Two interviewees noted they were looking to add an additional module with Everbridge’s travel risk management solution to the platform.
The global security operations manager for a pharmaceutical firm said, “[Looking at] the travel portion with Everbridge’s acquisition … we’re looking forward to how those two big platforms merge efficiently.” They added they were also looking at Everbridge’s social media and dark web solution, noting, “[With] social media scrubbing and anything that we can alert on especially for executive protection … will be interesting to see how that pans out.”
The security intelligence director at a financial services firm noted they were looking at an additional module with Everbridge’s physical security management solution. They said, “We have a 24-hour alarm monitoring center, which is our security operations, and there may be some value in connecting all of our systems to Control Center [physical security management], which we are looking at.”
- The ability to scale the platform across the organization. Interviewees noted they looked to build the use cases for CEM modules and continue to grow usage across global offices of the organizations. The head of resilience for a marketing company said, “With Everbridge, we’re looking to enable those wider capabilities and reporting around mean time to respond or mean time to detect.” Additionally, the global security operations manager for a pharmaceutical firm said “[With] Everbridge right now, [we’re] trying to focus on scaling [it] to 80,000 people. Not that we’re going to turn it on immediately, but trying to little by little and inch [forward] that way.”
Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).
Quantified cost data as applied to the composite
Total Costs
| Ref. | Cost | Initial | Year 1 | Year 2 | Year 3 | Total | Present Value |
|---|---|---|---|---|---|---|---|
| Ftr | Subscription fees | $0 | $630,000 | $630,000 | $630,000 | $1,890,000 | $1,566,717 |
| Gtr | Implementation costs | $105,000 | $0 | $0 | $0 | $105,000 | $105,000 |
| Htr | Maintenance and operations cost | $0 | $55,125 | $55,125 | $55,125 | $165,375 | $137,088 |
| Itr | Security team internal training | $25,740 | $5,148 | $5,148 | $5,148 | $41,184 | $38,542 |
| Total costs (risk-adjusted) | $130,740 | $690,273 | $690,273 | $690,273 | $2,201,559 | $1,847,347 |
Subscription Fees
Evidence and data. All the interviewees paid an annual subscription fee for the CEM platform. The amount was based on the solution type, number of assets, and number of users.
Modeling and assumptions. For the composite organization, Forrester assumes:
- An annual subscription of $600,000. This is based on Everbridge pricing for a company the size and structure of the composite organization, assets covered, and number of users.
For , an annual subscription to Everbridge might cost . This is an automated estimate only and does NOT constitute a quote. Please contact Everbridge for detailed pricing specific to .
Risks. Risks that could impact the realization of this cost include the following:
- The number of assets covered by the platform.
- The number of modules and/or solution type.
- The number of users.
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.6 million.
For , this cost might have a three-year, risk-adjusted PV of .
Subscription Fees
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|---|
| F1 | Subscription fees | Composite | $0 | $600,000 | $600,000 | $600,000 | |
| Ft | Subscription fees | F1 | $0 | $600,000 | $600,000 | $600,000 | |
| Risk adjustment | ↑5% | ||||||
| Ftr | Subscription fees (risk-adjusted) | $0 | $630,000 | $630,000 | $630,000 | ||
| Three-year total: $1,890,000 | Three-year present value: $1,566,717 | ||||||
Implementation Costs
Evidence and data. Interviewees described a straightforward setup utilizing professional services from Everbridge. They worked with Everbridge to connect different data feeds and made sure all employees and company assets were connected to the CEM platform.
Modeling and assumptions. For the composite organization, Forrester assumes an initial cost of $100,000 for professional services and implementation fees during implementation.
might incur an initial cost of for professional services and implementation fees during implementation. This is an automated estimate only and does NOT constitute a quote. Please contact Everbridge for detailed pricing specific to .
Risks. Risks that could impact the realization of this cost include the following:
- The number of data sources to connect to the CEM platform.
- The number of employees and assets to connect to the CEM platform.
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV of $105,000.
For , this cost might have a three-year, risk-adjusted PV of .
Implementation Costs
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|---|
| G1 | Implementation cost | Composite | $100,000 | $0 | $0 | $0 | |
| Gt | Implementation costs | G1 | $100,000 | $0 | $0 | $0 | |
| Risk adjustment | ↑5% | ||||||
| Gtr | Implementation costs (risk-adjusted) | $105,000 | $0 | $0 | $0 | ||
| Three-year total: $105,000 | Three-year present value: $105,000 | ||||||
Maintenance And Operations Cost
Evidence and data. Interviewees described minimal time and effort to maintain and continue operations for the CEM platform. A team member monitored and maintained the functionality of the system, including adding new modules and performs other tasks to ensure the quality of the data going into the system.
Modeling and assumptions. For the composite organization, Forrester assumes:
- One team member spends 35% of their time on maintenance and operations of the CEM platform.
At , team member(s) might spend 35% of their time on maintenance and operations of the CEM platform.
- An average annual salary of $150,000 for a senior team member on the security team, such as a senior analyst or manager.
Risks. Risks that could impact the realization of this cost include the following:
- The number of users and time required per user on maintenance and operations.
- The average salary per security team member.
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV of $137,000.
For , this cost might have a three-year, risk-adjusted PV of .
Maintenance And Operations Cost
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|---|
| H1 | Number of users | Composite | 1.00 | 1.00 | 1.00 | 1.00 | |
| H2 | Time spent for ongoing management | Composite | 0% | 35% | 35% | 35% | |
| H3 | Total hours spent for ongoing management | H1*H2*2080 | 0 | 728 | 728 | 728 | |
| Security team member fully loaded annual salary | TEI standard | $72 | $72 | $72 | $72 | ||
| Ht | Maintenance and operations cost | H3*H4 | $0 | $52,000 | $52,000 | $52,000 | |
| Risk adjustment | ↑5% | ||||||
| Htr | Maintenance and operations cost (risk-adjusted) | $55,125 | $55,125 | $55,125 | $55,125 | ||
| Three-year total: $165,375 | Three-year present value: $137,088 | ||||||
Security Team Internal Training
Evidence and data. Interviewees noted that security team members only required some time and effort training with the CEM platform. The teams spent time learning how to use the system through training sessions and then worked with the system to become familiarized with the CEM platform. Interviewees noted ease of use with the system once implemented given the intuitive dashboard and alerts that were focused to criteria important to their organizations.
Modeling and assumptions. For the composite organization, Forrester assumes:
- Initially, all 10 members of the security team spend time on training.
At , member(s) of the security team might initially spend time on training.
- Two security analysts need to be trained in future years due to turnover, etc.
At , security analysts might need to be trained in future years due to turnover, etc.
- 36 total hours are spent annually on training, including training sessions and working with the system.
Risks. Risks that could impact the realization of this cost include the following:
- The size of the security team.
- Total training hours.
- Changes year over year to the size of the security team.
Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV of $38,500.
For , this cost might have a three-year, risk-adjusted PV of .
Security Team Internal Training
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|---|
| I1 | Number of users | Composite | 10 | 2 | 2 | 2 | |
| I2 | Dedicated training hours | Interviews | 16 | 16 | 16 | 16 | |
| I3 | On the job training hours | Interviews | 20 | 20 | 20 | 20 | |
| I4 | Security analyst fully loaded salary (hourly) | TEI standard | $65 | $65 | $65 | $65 | |
| It | Security team internal training | I1*(I2+I3)*I4 | $23,400 | $4,680 | $4,680 | $4,680 | |
| Risk adjustment | ↑10% | ||||||
| Itr | Security team internal training (risk-adjusted) | $25,740 | $5,148 | $5,148 | $5,148 | ||
| Three-year total: $41,184 | Three-year present value: $38,542 | ||||||
Consolidated Three-Year Risk-Adjusted Metrics
Cash Flow Chart (Risk-Adjusted)
Total costs Total benefits Cumulative net benefits-
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.
Cash Flow Analysis (Risk-Adjusted Estimates)
| Initial | Year 1 | Year 2 | Year 3 | Total | Present Value | |
|---|---|---|---|---|---|---|
| Total costs | ($130,740) | ($690,273) | ($690,273) | ($690,273) | ($2,201,559) | ($1,847,347) |
| Total benefits | $0 | $3,405,765 | $3,405,765 | $3,405,765 | $10,217,295 | $8,469,634 |
| Net benefits | ($130,740) | $2,715,492 | $2,715,492 | $2,715,492 | $8,015,736 | $6,622,287 |
| ROI | 358% | |||||
| Payback period (months) | <6 |
Appendix A: Total Economic Impact
Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
Total Economic Impact Approach
-
Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.
-
Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.
-
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.
-
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”
The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.
Appendix B: Endnotes
1 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.
2 Source: “Cost of a Data Breach 2015,” Ponemon Institute, January 2016.
3 Source: Aswath Damodaran, “Margins By Sector (US),” NYU Stern School of Business, January 2023.
PDF 