The Total Economic Impact™ Of Varonis

Cost Savings And Business Benefits Enabled By Varonis

A Forrester Total Economic Impact™ Study Commissioned By Varonis, April 2024

Organizations today face security and data risks virtually everywhere, and those risks increase exponentially as generative AI (genAI) becomes more widely adopted. Excessive user permissions offer fertile ground for attackers in search of sensitive data (e.g., personal information, credit card numbers, intellectual property) for exploitation and malicious use. Emails, files, and content that employees work with daily also often contain sensitive business or personal data.

To remediate excessive access issues without interrupting business continuity, organizations require a solution that can intelligently remove access at scale based on which users need and use their granted access. To tackle sensitive data-exposure issues, companies need a tool to scan, classify, and monitor sensitive data to know where it lives, who has access to it, and who is accessing it. With this information, they can implement and maintain a least-privilege model and maintain a data-centric security policy to prevent and mitigate damage from cyberattacks, be in a position to safely adopt genAI, and meet regulatory compliance requirements.

The Varonis Data Security Platform stops and prevents cyberattacks by taking a data-centric approach to security. Varonis scans on-prem and cloud environments to automatically discover, classify, and label sensitive data, analyze permissions, and remediate excessive access to limit the impact of cyberattacks, manage the posture of cloud apps to proactively close security gaps, and monitor user and device behavior to detect and stop threats. The cloud-native platform uses machine learning and automation to detect threats and rapidly remediate data exposure, ultimately reducing risk and enabling compliance. Varonis’ rapid deployment delivers quantifiable data security outcomes with minimal manual effort. Even when users are not logged in, Varonis is classifying more data, correctly setting user permissions, enforcing policies, and triggering alerts for its incident response team to review on behalf of its customers.

Varonis commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Varonis.¹ The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Varonis on their organizations.

Return on investment (ROI)

421%

Net present value (NPV)

$3.4M

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four representatives with experience using Varonis solutions, including: Varonis for Windows File Shares and NAS, Varonis for Microsoft 365, and Varonis for Active Directory, for Varonis for Salesforce. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that generates approximately $900 million in annual revenue and has 2,500 employees, 105TB of data, and 3.3 million folders with file and data assets that have access and sharing available that may become a vulnerability.

Interviewees said that prior to using Varonis, their organizations suffered from excessive access, overexposed sensitive and critical data, and over-permissioned users. Some interviewees’ organizations had experienced data breaches that led to significant financial loss and organizational, technological, and business disruption.

Interviewees said after the investment in Varonis, their organizations gained visibility into user access, obtained significantly greater understanding of issues and their causes, accelerated threat notification, optimized the ability to remediate threats and incidents, and reduced data breaches and security risks.

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

Reduced risk of a security breach, worth $2.4 million over three years. Varonis limits the composite organization’s exposure and subsequently lowers the probability of a successful attack against it, which allows it to avoid significant financial risk. Previously, the composite organization was only able to know of and remediate about 15% of its access and sharing vulnerabilities. But because Varonis monitors and manages access and sharing for all folders, files, and data, the composite experiences a 90% reduction in breaches from internal and external attacks on these sources.
Increased productivity as a result of automated excessive access and shared link remediation with Varonis, worth $1.8 million over three years. Prior to using Varonis, the composite organization spent thousands of hours remediating file and folder access and sharing vulnerabilities, and that only covered a small percentage of vulnerable assets that were known. The vast majority was completely unknown to the organization. Varonis provides the composite’s IT and security organizations with the ability to increase productivity by automatically remediating the access and sharing vulnerabilities that used to take extensive time to manage manually, and it helps the organization continually find and avoid vulnerabilities for all other unknown exposed data assets.
Decreased security incident investigation time, worth $135,000 over three years. The threat detection and response capabilities of the Varonis platform helps the composite organization quickly identify and respond to the decreased number of potential security threats that still happen. It uses the capabilities provided by Varonis to reduce the amount of time it takes to investigate potential threats and take appropriate action. Due to this, the composite organization experiences an 80% reduction in time spent investigating security incidents.

Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:

Faster and more expedient threat notification. Interviewees told Forrester their organizations experienced an immediate and ongoing reduction of security exposures by improving detection and response practices through Varonis.
Greater visibility into data. Interviewees told Forrester that Varonis helps their organizations gain visibility into their data that they didn’t have before and that this helps them improve their data processes and policies.
Holistic view of risk. Interviewees told Forrester that Varonis offers dashboard views of where their organizations have sensitive data, where that information is exposed, and where that information might be at risk.
Avoidance of cost of data exfiltration. Interviewees told Forrester that Varonis drives the avoidance of potentially significant costs around losing files and other critical business information.
Comprehensive threat investigation and required mitigation. Interviewees told Forrester that Varonis offers their companies the ability to uncover and evaluate potential threats in their entirety and mitigate them swiftly.

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

Varonis license costs of $805,000 over three years. The composite organization pays Varonis a risk-adjusted total of $805,000 over three years for Varonis license costs.
Implementation and management costs of Varonis totaling $12,000 over three years. Implementation and management costs for the composite organization are a risk-adjusted total of $12,000 over three years.

The representative interviews and financial analysis found that a composite organization experiences benefits of $4.3 million over three years versus costs of $817,000, adding up to a net present value (NPV) of $3.4 million and an ROI of 421%.

“Varonis gives us the visibility and additional security we need nowadays. We saw a huge bang for our buck right out of the gate.”

CIO, education administration

Key Statistics

Return on investment (ROI)

421%

Benefits PV

$4.3M

Net present value (NPV)

$3.4M

Benefits (Three-Year)

Reduced risk and cost of a security breach Increased productivity with automated remediation Decreased security incident investigation time

TEI Framework And Methodology

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment Varonis.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Varonis can have on an organization.

Forrester Consulting conducted an online survey of 351 cybersecurity leaders at global enterprises in the US, the UK, Canada, Germany, and Australia. Survey participants included managers, directors, VPs, and C-level executives who are responsible for cybersecurity decision-making, operations, and reporting. Questions provided to the participants sought to evaluate leaders' cybersecurity strategies and any breaches that have occurred within their organizations. Respondents opted into the survey via a third-party research panel, which fielded the survey on behalf of Forrester in November 2020.

Due Diligence

Interviewed Varonis stakeholders and Forrester analysts to gather data relative to Varonis.
Interviews

Interviewed four representatives at organizations using Varonis to obtain data about costs, benefits, and risks.
Composite Organization

Designed a composite organization based on characteristics of the interviewees’ organizations.
Financial Model Framework

Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
Case Study

Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

Disclosures

Readers should be aware of the following:

This study is commissioned by Varonis and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Varonis.

Varonis reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

Varonis provided the customer names for the interviews but did not participate in the interviews.

Consulting Team:

Roger Nauth

Drivers leading to the Varonis investment

Interviews

Role	Industry	Region	Revenue	Employees	No. of files
Systems infrastructure manager	Chemical manufacturing	United States	$701M	1,300	30,000
VP of information technology	Residential construction	United States	$1.7B	800	N/A
Group CIO	Financial, operational, and strategic consulting	Europe	$275M	1,000	N/A
CIO	Education administration	United States	N/A	7,000	37,000

Key Challenges

The interviewees noted how their organizations struggled with similar challenges, including:

No ability to classify, identify, and manage access of data. Interviewees told Forrester their organizations lacked a system to classify or identify data. The organizations also did not have the ability to pinpoint where data lived and did not know the access and sharing settings for most folders and files.
Up to hundreds of hours spent on excessive access remediation. Interviewees said their organizations spent dozens to hundreds of hours remediating excessive access, including tasks such as dumping the access control lists (ACLs) of every file and folder so they could parse through themselves.
Significant time spent managing incidents and risks. Interviewees said their organizations spent extensive amounts of time managing incidents and risks, which led to staff members losing productivity.
Widespread sharing of documents with confidential information. Interviewees said their organizations suffered from the unbridled sharing of documents, including those with confidential information such as passwords and other personally identifiable information (PII). Files were often shared across the organizations for everyone to see.
Vulnerability to cyberattacks. Two of the four interviewees said their organization had experienced cyberattacks and needed a way to be able to proactively mitigate and detect future attacks.

“We didn’t have a system to classify or identify our data, and we also didn’t have a process in place. We have quite a few security initiatives, and one of those is to find out what kind of data we have. That was the main driver to launch into this project.”

Systems infrastructure manager, chemical manufacturing

“We were the victim of a cyberattack. Data was hacked. With Varonis, one of the things that we discovered was we had a lot of sensitive data in various different places.”

CIO, education administration

Composite Organization

Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the four interviewees, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:

Description of composite. The composite is a large, mid-market to enterprise corporation based in the United States that generates more than $900 million in annual revenue and has 2,500 employees with approximately 50 IT professionals. It has approximately 105TB of data and 3.3 million folders in which there are 34 million files, many containing sensitive data. The organization has already deployed Varonis solutions including Varonis for Windows File Shares and NAS, Varonis for Microsoft 365, and Varonis for Active Directory.

Key Assumptions

$900M+ in revenue
2,500 employees
50 IT professionals
105TB of data
3.3 million folders contain file assets with potential vulnerabilities

Quantified benefit data as applied to the composite

Total Benefits

Ref.	Benefit	Year 1	Year 2	Year 3	Total	Present Value
Atr	Reduced risk and cost of a security breach	$946,838	$946,838	$946,838	$2,840,513	$2,354,645
Btr	Increased productivity with automated remediation	$1,234,430	$411,493	$411,493	$2,057,415	$1,771,446
Ctr	Decreased security incident investigation time	$54,150	$54,150	$54,150	$162,450	$134,663
	Total benefits (risk-adjusted)	$2,235,418	$1,412,480	$1,412,480	$5,060,378	$4,260,754

Reduced Risk And Cost Of A Security Breach

Evidence and data. Interviewees highlighted several ways in which using the Varonis platform reduced the risk of a security breach at their organizations:

Regarding the avoidance of cost associated with an event, the VP of information technology at a residential construction company told Forrester: “You can figure out pretty quickly what an event would cost. It’s in the hundreds of thousands real quick.”
Interviewees said their organizations previously only knew about a fraction of their total access and sharing vulnerabilities but that Varonis automates monitoring and management of data in folders and files, in SaaS and IaaS apps, databases, and emails, which reduces the risk of a data breach by limiting accessible data.

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

The composite organization previously only knew about and was able to remediate about 15% of its improper data access and sharing issues. That means 85% were not remediated because the organization didn’t know about them or didn’t have enough time or resources to tackle it.
The composite has a 77% probability of experiencing one or more breach per year.²
The composite’s mean cumulative cost of one or more breach per year is $3,506,000.³
The composite’s percentage of breaches originating from external and internal attacks as a result of access or sharing vulnerabilities for file, folder, and data assets is 43.3%.⁴
The composite’s reduced risk of breaches from external and internal attacks on organizational data with Varonis is 90%. About 75% of the reduced risk and cost of a breach is related to improved global access, and 15% is due to improved detection and response (which add up to 90%).⁵

Risks. The value of this benefit can vary across organizations due to the following:

The cost per record lost in a security breach, which will vary by industry and geography.
The impact of Varonis on security threat detection and response, which will vary based on the sophistication of existing security solutions other than Varonis.

Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $2.4 million.

90%

Reduced risk of breaches from external and internal attacks related to access and sharing vulnerabilities

“The biggest risk is data exposure. So, being able to identify what’s being exposed — especially to the outside world — is important. Being able to shut that off is a nice reduction to that risk.”

Systems infrastructure manager, chemical manufacturing

Reduced Risk And Cost Of A Security Breach

Ref.	Metric	Source	Year 1	Year 2	Year 3
A1	Probability of experiencing one or more breaches per year	Forrester research	77%	77%	77%
A2	Mean cumulative cost of one or more breaches per year	Forrester research	$3,506,000	$3,506,000	$3,506,000
A3	Percent of external and internal attacks on organizational data and folder assets	Forrester research	43.3%	43.3%	43.3%
A4	Risk exposure from external and internal attacks on organizational data	A1A2A3	$1,168,935	$1,168,935	$1,168,935
A5	Reduced exposure by remediating excessive access	Interviews	75%	75%	75%
A6	Reduced exposure by improving detection and response practices	Interviews	15%	15%	15%
A7	Reduced risk of breaches from external and internal attacks on organizational data	A5+A6	90%	90%	90%
At	Reduced risk and cost of a security breache	A4*A7	$1,052,042	$1,052,042	$1,052,042
	Risk adjustment	↓10%
Atr	Reduced risk and cost of a security breach (risk-adjusted)		$946,838	$946,838	$946,838
Three-year total: $2,840,513			Three-year present value: $2,354,645

Increased Productivity Automated Remediation

Evidence and data. Interviewees highlighted several ways in which Varonis improves their organizations’ ability to remediate excessive access:

The VP of information technology at a residential construction company told Forrester: “For a company of our size, if somebody’s going to attack us with ransomware based on a file that’s sitting on either a file share or [email box] or [a messaging app], it’s going to cost us millions to fix.”
The systems infrastructure manager at a chemical manufacturing company explained: “Right now, if I wanted to go in and say, ‘What folders across the enterprise are shared with everyone?’, I can get a pretty quick list of those, and I can look over them and see that a lot of these folders probably shouldn’t be shared with everyone. And we can go and remediate that.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

Of the total folders and assets Varonis monitors for the composite organization, 1.5% have access or sharing vulnerabilities that should be remediated. That adds up to 49,500 in Year 1 and 16,500 in years 2 and 3.
Prior to using Varonis, the composite organization did not have the visibility or time to address all access and sharing issues and only remediated 15%. It was not able to remediate the remaining 85%. Even if the composite knew of those issues, there was not enough time or resources to handle everything. Varonis now manages access and sharing for 100% of the composite’s folders, files, and data.
Before using Varonis, the composite required 3.5 hours per folder to identify and remediate global access and sharing vulnerabilities. The total hours spent remediating were 25,988 in Year 1 and 8,663 in both years 2 and 3.
Varonis automation capabilities help the composite organization avoid these hours by managing and monitoring 100% of all assets to avoid issues before they happen. This leads to increased productivity for its network and security employees and significantly less time spent on global access remediation.
The fully burdened hourly rate of a network and security employee responsible for access remediation is $50.

Risks. The value of this benefit can vary across organizations due to the following:

The number of folders with global access in the company’s file systems prior to deploying Varonis.
The amount of sensitive data stored in the company’s file system.

Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.1 million.

More than 43,000 hours

Total time avoided remediating access and sharing vulnerabilities over three years

85%

Estimated percentage of access and sharing vulnerabilities that are not remediated or known

“It would probably take dozens if not hundreds of hours for global access remediation time without Varonis.”

Systems infrastructure manager, chemical manufacturing

Increased Productivity With Automated Remediation

Ref.	Metric	Source	Year 1	Year 2	Year 3
B1	Total folders with files and data with potential access and sharing capabilities monitored by Varonis	Composite	3,300,000	1,100,000	1,100,000
B2	Percent of folders with access and sharing vulnerabilities	Composite	1.5%	1.5%	1.5%
B3	Folders with files and data that have access or sharing vulnerabilities and should be remediated	B1*B2	49,500	16,500	16,500
B4	Percent of access and sharing vulnerabilities that were remediated before using Varonis	Composite	15%	15%	15%
B5	Folders with files and data that were remediated before using Varonis	B3*B4	7,425	2,475	2,475
B6	Time per folder required to identify and remediate excessive access and sharing before Varonis (hours)	Interviews	3.5	3.5	3.5
B7	Subtotal: Total time spent remediating excessive access and sharing before using Varonis (hours)	B5*B6	25,988	8,663	8,663
B8	Fully burdened hourly rate of a network or security employee responsible for excessive access remediation	TEI standard	$50	$50	$50
Bt	Increased productivity with automated remediation	B7*B8	$1,299,400	$433,150	$433,150
	Risk adjustment	↓5%
Btr	Increased productivity with automated remediation (risk-adjusted)		$1,234,430	$411,493	$411,493
Three-year total: $2,057,415		Three-year present value: $1,771,446

Decreased Security Incident Investigation Time

Evidence and data. Interviewees highlighted several ways the Varonis platform improved their organizations’ threat detection workflows:

The group CIO at a financial, operational, and strategic consulting company told Forrester: “Varonis provides us with daily alerts [that help us] investigate threats. Early on, we found five email boxes that had been hacked. We are now able to react quickly. For example, we can send information to all the clients that may have received emails from the hacked mailbox [and tell] them to be careful.”
The group CIO of a financial, operational, and strategic consulting company told Forrester: “You have a lot of information in Varonis to have a good idea. We discovered that we need to enroll the computers or do something else. This couldn’t be done without a tool like Varonis. I was able to check who has access. You have a lot of information in Varonis to have a good idea of what’s happening and lower risks, both internal and external. For example, Varonis lets you know when someone is copying 5,000 files on a USB stick to take them to another company.”
The VP of information technology at a residential construction company said: “We started seeing benefits almost within the first month. We found a couple of files actually named ‘password’ that contained someone’s passwords that they just saved on there.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

The composite investigates 300 security incidents annually.
The average time the composite spends investigating security incidents without Varonis is 4.8 hours.
The composite sees time savings of 80% (about 3.8 hours) by investigating incidents with Varonis.
The composite spends an average of 1 hour investigating security incidents with Varonis.

Risks. The value of this benefit can vary across organizations due to the following:

Other security solutions the organization has in place.
The number of security analysts required to investigate an alert.

Results. To account for these risks, Forrester adjusted this benefit downward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $135,000.

Decreased Security Incident Investigation Time

Ref.	Metric	Source	Year 1	Year 2	Year 3
C1	Security incidents investigated	Interviews	300	300	300
C2	Average time spent investigating security incidents without Varonis (hours)	Interviews	4.8	4.8	4.8
C3	Percentage of time savings from investigating incidents with Varonis	Interviews	80%	80%	80%
C4	Average time spent investigating security incidents with Varonis (hours)	C2*(1-C3)	1.0	1.0	1.0
C5	Hourly compensation of a security analyst responsible for alert investigation	TEI standard	$50	$50	$50
Ct	Decreased security incident investigation time	C1(C2-C4)C5	$57,000	$57,000	$57,000
	Risk adjustment	↓5%
Ctr	Decreased security incident investigation time (risk-adjusted)		$54,150	$54,150	$54,150
Three-year total: $162,450		Three-year present value: $134,663

80%

Reduction in time spent investigating security incidents

“We have had a significant reduction [in time investigating security incidents]. [We spent] 12 hours investigating prior to Varonis, and then one and a half roughly after, so significant reduction in time.”

VP of information technology, residential construction

Unquantified Benefits

Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:

Faster and more expedient threat notification. The CIO of an education administration organization told Forrester that they experienced an immediate 75% reduced exposure by improving detection and response practices, and 25% of this reduction ongoing year over year.

Greater visibility into data. Forrester learned from its interview with the CIO of an education administration organization that Varonis helps organizations gain visibility into their data that they didn’t have before, helping them improve their data processes and policies.

Holistic view of risk. The systems infrastructure manager at a chemical manufacturing company said that Varonis offers the composite organization a dashboard of files and folders that should not be shared with everyone as well as details regarding where and when users remotely access sensitive information.
Avoidance of cost of data exfiltration. The VP of information technology at a residential construction company told Forrester that a difficult to quantify but significant cost is around losing files and how Varonis helps their business avoid such a cost.
Comprehensive threat investigation and mitigation. The VP of information technology at a residential construction company went on to say that Varonis offers their company the ability to uncover and evaluate security threats in their entirety and mitigate them swiftly.

Flexibility

The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Varonis and later realize additional uses and business opportunities, including:

Extension of data classification and DLP policy development. The systems infrastructure manager at a chemical manufacturing company told Forrester: “Next year’s going to be the classification project to identify what data we need to be classifying and protecting. Then, alongside that or shortly after, we plan to be building out those policies and remediation practices to act and alert on those classifications.”
Keep pace with the speed of cloud. Regarding the ability of the organization to be faster and more agile, the VP of technology at a residential construction company said: “Varonis has allowed us to quickly move away from the old file-share mentality. I think having the timeline of moving from their on-prem version to the cloud version helped push us. That was a good thing.”

The group CIO of a financial, operational, and strategic consulting company talked about the flexibility Varonis offers around speed and agility: “It’s better because we know better where our data is. We can be more proactive — or at least very reactive — when there is a breach or an alert.”
High satisfaction and interest in building off the Varonis platform and ecosystem. The systems infrastructure manager at a chemical manufacturing company said that their organization would like to build on the Varonis platform and ecosystem. They said: “We’ll be looking at all sorts of different solutions, and if Varonis has any of those solutions, we’ll certainly look at them because I would like to stay with [Varonis]. If we already have a platform that we’re happy with, then I like to stay in that ecosystem as much as possible.”

Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Appendix A).

Quantified cost data as applied to the composite

Total Costs

Ref.	Cost	Initial	Year 1	Year 2	Year 3	Total	Present Value
Dtr	Varonis license costs	$0	$323,841	$323,841	$323,841	$971,523	$805,345
Etr	Implementation and management of Varonis	$3,255	$3,465	$3,465	$3,465	$13,650	$11,872
	Total costs (risk-adjusted)	$3,255	$327,306	$327,306	$327,306	$985,173	$817,217

Varonis License Costs

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

The cost of Varonis for Windows/NAS+M365 (SaaS) is $105.
The cost of Varonis for Active Directory (SaaS) is $15.
The composite’s quantity of Windows/NAS+M365 (SaaS) and Active Directory (SaaS) is 2,501.
The composite’s annual contract value (ACV) for Varonis for Windows/NAS+M365 (SaaS) is $262,605.
The composite’s ACV for Varonis for Active Directory (SaaS) is $37,515.
The composite’s collector price per user is $2,075.
The composite has four collectors.
The composite’s collector cost total is $8,300 per year.

Risks. The value of this cost can vary across organizations due to:

Whether or not the organization receives preferred pricing if it is a desirable tier-one client.
Changes in pricing as the organization grows and requires additional functionality.

Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $805,000.

Varonis License Costs

Ref.	Metric	Source	Initial	Year 1	Year 2	Year 3
D1	Cost of Varonis for Windows/NAS+M365 (SaaS)	Composite		$105	$105	$105
D2	Quantity of Varonis for Windows/NAS+M365 (SaaS)	Composite		2,501	2,501	2,501
D3	ACV for Varonis for Windows/NAS+M365 (SaaS)	D1*D2		$262,605	$262,605	$262,605
D4	Cost of Varonis for Active Directory (SaaS)	Composite		$15	$15	$15
D5	Quantity of Varonis for Active Directory (SaaS)	Composite		2,501	2,501	2,501
D6	ACV for Varonis for Active Directory (SaaS)	D4*D5		$37,515	$37,515	$37,515
D7	Collectors price per user	Composite		$2,075.00	$2,075.00	$2,075.00
D8	Collectors	Composite		4	4	4
D9	Collectors total	D7*D8		$8,300	$8,300	$8,300
Dt	Varonis license costs	D3+D6+D9	$0	$308,420	$308,420	$308,420
	Risk adjustment	↑5%
Dtr	Varonis license costs (risk-adjusted)		$0	$323,841	$323,841	$323,841
Three-year total: $971,523			Three-year present value: $805,345

Implementation And Management Of Varonis

Evidence and data. The VP of information technology at a residential construction company told Forrester: “Quite frankly, [the cost of implementation and management] was very reasonable having done multiple implementations and professional services. [There were] minimal costs on our end. It was plug and play. It [required] three or four resources. [It] probably took us not even full time —two months, maybe.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

The composite dedicates two FTEs to manage the system annually through Year 3.
The composite spends 16 hours implementing Varonis.
The fully burdened hourly compensation of a dedicated FTE is $50.
The composite’s cost to implement Varonis is $1,600.
The composite initially assigns 15 hours of training for relevant employees to use Varonis. This time drops to 2 hours per year in years 1 through 3.
The composite dedicates two FTEs to training in the initial period and then twenty-five users are dedicated annually to training in years 1 through 3. These users who are being trained are not required to manage the system.
The cost of training employees during the initial period is $1,500 and then $2,500 per year in years 1 through 3.
Each employee spends 8 hours managing the system annually.
The composite’s cost to manage Varonis annually is $800.

Risks. The value of this cost can vary across organizations due to:

The intricacy and capabilities of the solution.
The level of expertise required to successfully deploy the solution.
The number of employees trained to use the Varonis platform.

Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $12,000.

Implementation And Management Of Varonis

Ref.	Metric	Source	Initial	Year 1	Year 2	Year 3
E1	FTEs dedicated to managing the system	Composite	2
E2	Total time spent implementing Varonis (hours)	Composite	16
E3	Hourly compensation of a dedicated FTE	TEI standard	$50	$50	$50	$50
E4	Cost to implement Varonis	E1E2E3	$1,600
E5	Training time to use Varonis (hours)	Composite	15	2	2	2
E6	FTEs involved in training	Composite	2	25	25	25
E7	Cost to train employees on Varonis	E3E5E6	$1,500	$2,500	$2,500	$2,500
E8	FTEs dedicated to managing the system	Composite		2	2	2
E9	Time spent managing the system annually (hours)	Composite		8	8	8
E10	Cost to manage Varonis	E3E8E9		$800	$800	$800
Et	Implementation and management of Varonis	E4+E7+E10	$3,100	$3,300	$3,300	$3,300
	Risk adjustment	↑5%
Etr	Implementation and management of Varonis (risk-adjusted)		$3,255	$3,465	$3,465	$3,465
Three-year total: $13,650			Three-year present value: $11,872

Consolidated Three-Year Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

Total costs Total benefits Cumulative net benefits

The financial results calculated in the Benefits and Costs sections can be used to determine the ROI and NPV for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.

These risk-adjusted ROI and NPV values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.

Cash Flow Analysis (Risk-Adjusted Estimates)

	Initial	Year 1	Year 2	Year 3	Total	Present Value
Total costs	($3,255)	($327,306)	($327,306)	($327,306)	($985,173)	($817,217)
Total benefits	$0	$2,235,418	$1,412,480	$1,412,480	$5,060,378	$4,260,754
Net benefits	($3,255)	$1,908,112	$1,085,174	$1,085,174	$4,075,205	$3,443,537
ROI						421%

Appendix A: Total Economic Impact

Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.

Total Economic Impact Approach

Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization.
Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”

PRESENT VALUE (PV)

The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
NET PRESENT VALUE (NPV)

The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.
RETURN ON INVESTMENT (ROI)

A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
DISCOUNT RATE

The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
PAYBACK PERIOD

The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.

The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.

Appendix B: Supplemental Material

Related Forrester Research

The Forrester Wave: Data Security Platforms, Q1 2023, Forrester Research, Inc., March 22, 2023.

Appendix C: Endnotes

¹ Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders.

² Source: Forrester Consulting Cost Of A Cybersecurity Breach Survey, Q1 2021.

³ Ibid.

⁴ Ibid.

⁵ Ibid.

ABOUT FORRESTER CONSULTING

Forrester provides independent and objective research-based consulting to help leaders deliver key transformation outcomes. Fueled by our customer-obsessed research, Forrester’s seasoned consultants partner with leaders to execute on their priorities using a unique engagement model that tailors to diverse needs and ensures lasting impact. For more information, visit forrester.com/consulting.

© Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.

Cookie Settings

This website uses cookies to deliver functionality and enhance your experience. GDPR requires that we obtain your consent before activating these cookies. Please accept the use of cookies or review your cookie settings now.

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions (data inputs, website navigation), so you don’t have to re-enter data when you come back to the site or browse from one page to another.

Behavioral information collected by our web analytics vendor is used to analyze data pertaining to visitor trends, plan website enhancements, and measure overall website effectiveness. We may also use cookies or web beacons to help us offer you products, programs, or services that may be of interest to you and to deliver relevant advertising. We may use third-party advertising companies to help tailor website content to users or to serve ads on our behalf. These companies may also employ cookies and web beacons to measure advertising effectiveness.

Please accept cookies and the collection of behavioral information to receive full functionality and enhance your experience. If you decline cookies, some features of the website may not function normally.

Please see our Privacy Policy for more information.

Executive Summary

Key Findings

Table Of Contents

Key Statistics

421%

$4.3M

$3.4M

Benefits (Three-Year)

TEI Framework And Methodology

Due Diligence

Interviews

Composite Organization

Financial Model Framework

Case Study

Disclosures

The Varonis Customer Journey

Drivers leading to the Varonis investment

Interviews

Key Challenges

Composite Organization

Key Assumptions

Analysis Of Benefits

Quantified benefit data as applied to the composite

Total Benefits

Reduced Risk And Cost Of A Security Breach

Reduced Risk And Cost Of A Security Breach

Increased Productivity Automated Remediation

Increased Productivity With Automated Remediation

Decreased Security Incident Investigation Time

Decreased Security Incident Investigation Time

Unquantified Benefits

Flexibility

Analysis Of Costs

Quantified cost data as applied to the composite

Total Costs

Varonis License Costs

Varonis License Costs

Implementation And Management Of Varonis

Implementation And Management Of Varonis

Financial Summary

Consolidated Three-Year Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

Cash Flow Analysis (Risk-Adjusted Estimates)

Appendixes

Appendix A: Total Economic Impact

Total Economic Impact Approach

PRESENT VALUE (PV)

NET PRESENT VALUE (NPV)

RETURN ON INVESTMENT (ROI)

DISCOUNT RATE

PAYBACK PERIOD

Appendix B: Supplemental Material

Appendix C: Endnotes

ABOUT FORRESTER CONSULTING