The Total Economic Impact™ Of Carbon Black E-Book Featuring An XDR Market Overview A COMMISSIONED STUDY CONDUCTED BY FORRESTER CONSULTING ON BEHALF OF CARBON BLACK, DECEMBER 2023
2 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. Extended detection and response (XDR) is an evolution of endpoint detection and response (EDR), unifying it with other security tooling and giving analysts visibility, high-efficacy detection, and better response. It allows security professionals to improve security operations and automation, all within one tool. XDR enables organizations to conduct faster investigation and remediation of incidents, avoid downtime from debilitating breaches, streamline security operations, and drive compliance and audit efficiencies. In December 2023, Carbon Black commissioned Forrester Consulting to conduct a Total Economic Impact™(TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Carbon Black, a cloud-native XDR that provides extended visibility, depth of telemetry, automated root cause analysis, and crosstool threat hunting. Additionally, the XDR market overview features data from the commissioned Forrester Consulting study surveying 1,291 global security and risk professionals to evaluate their XDR strategies conducted in July 2022. Executive Summary
3 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. Improving security operations strategy is a key priority for technology leaders. In addition, increasing security automation and improving speed and accuracy are key concerns for today’s security leaders. Many organizations are looking to XDR to provide more effective security and meet the need for better security visibility across IT infrastructure. Most surveyed security professionals are in the discovery phase of their XDR journey. XDR is appealing, as it is expected to broaden the value of EDR to additional telemetry sources. While only one in four organizations have adopted XDR so far, the majority of non-users are interested in it, and 76% of all surveyed security professionals believe the XDR market will mature and be the way of the future. XDR delivers ROI and can benefit the overall tech stack. Among the most commonly cited benefits of XDR are enabling unification and scalability, flexibility, and greater automation. XDR adoption drives cost savings by reducing cyber incidents and costly breaches. In addition, ROI continues to build, with investment returns growing as XDR use matures. XDR Market Overview Key Findings
4 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. Different organizations include different security operations tools and services within their XDR program. Most commonly, EDR, vulnerability management, managed security service provider (MSSP) solutions, and identity and access management (IAM) tools are included within an XDR program. XDR Is Not One-Size-Fits-All 57% 48% 46% 45% Endpoint detection and response (EDR) solutions Vulnerability management Managed security service provider (MSSP) solutions Identity and access management tools (IAM) Top Security Operations Tools And Services Included In An XDR Program Base: 338 IT, networking, and security managers and above (including CIOs and CISOs) with responsibility for security and network strategy whose organizations have adopted XDR Note: Showing top four responses Source: A commissioned study conducted by Forrester Consulting on behalf of VMware (now Broadcom), July 2022
5 5 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. XDR Users: Drivers Of XDR Adoption 1. More effective security with better incident management (66%) 2. Need for better security visibility across our entire IT infrastructure (65%) 3. XDR has benefited peers/competitors in the industry (46%) 4. Overcoming the difficulty in recruiting and retaining skilled security staff (45%) 5. Improved speed/accuracy of threat detection (44%) XDR Non-Users: Organizational Needs 1. Improved speed/accuracy of threat detection (79%) 2. XDR has benefited peers/competitors in the industry (62%) 3. Improving productivity of existing security staff (59%) 4. Reducing/complementing our existing SIEM solution (57%) 5. Consolidation of security tools (54%) Although 74% still haven’t adopted XDR, drivers of adoption match the needs of non-users. Base: 1,291 IT, networking, and security managers and above (including CIOs and CISOs) with responsibility for security and network strategy Source: A commissioned study conducted by Forrester Consulting on behalf of VMware (now Broadcom), July 2022
6 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. Although some of the barriers decisionmakers are faced with when adopting XDR are typical of any new security solution adoption (e.g., silos between security and the rest of the organization), there are also other more specific XDR barriers: • Nearly half of decision-makers don’t fully understand XDR and lack a standardized definition, and a further 32% of non-users still need proof XDR exists. • Concerns about adequately resourcing XDR implementation and getting executive buy-in also serve as obstacles to adoption. 55% 40% 40% 37% 31% A risk assessment to understand the risks associated with adoption An education program for our employees to bridge the skills gap Proof of concept to get board and senior leadership buy-in A better understanding of time-tovalue Assistance creating a comprehensive deployment strategy Top Barriers To Investing In XDR Base: 1,291 IT, networking, and security managers and above (including CIOs and CISOs) with responsibility for security and network strategy Source: A commissioned study conducted by Forrester Consulting on behalf of VMware (now Broadcom), July 2022 Decision-Makers Face Difficult Barriers When Thinking About Adopting XDR
7 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. 67% 64% 60% 59% 57% 57% 42% Unifies security-relevant endpoint detections from security and business tools Optimization of threat detection in real time Provides flexibility, scalability, and opportunities for automation Improved visibility for security and IT teams Better, more contextualized threat intelligence Increase security automation More consistent security controls across cloud Top Technology Benefits Due To XDR Adoption Base: 338 IT, networking, and security managers and above (including CIOs and CISOs) with responsibility for security and network strategy whose organizations have adopted XDR Note: Showing top 7 responses Source: A commissioned study conducted by Forrester Consulting on behalf of VMware (now Broadcom) July 2022 XDR Delivers Many Key Technology Benefits Unification and visibility are among the top technology benefits that XDR adopters see and non-users can expect. Overall, XDR gives teams a better picture of the threat landscape and enables them to manage their security tools through one platform.
8 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. 75% 61% 58% 45% 44% Increased ROI Stop more breaches Stay ahead of evolving threats Drive high-fidelity alerts Provide broader visibility into your environment Top Business Benefits Experienced Due To XDR Adoption Base: 338 IT, networking, and security managers and above (including CIOs and CISOs) with responsibility for security and network strategy whose organizations have adopted XDR Note: Showing top 5 responses Source: A commissioned study conducted by Forrester Consulting on behalf of VMware (now Broadcom), July 2022 XDR Means Real Cost Savings For Organizations XDR means fewer breaches and, ultimately, XDR adopters realized better visibility, detection, and the ability to stay ahead of incoming threats and, therefore, increased ROI.
9 © FORRESTER RESEARCH, INC. ALL RIGHTS RESERVED. Results from the Carbon Black commissioned study titled, “The Total Economic Impact™Of Carbon Black” TEI Results
10 TEI Framework And Methodology Interviews DUE DILIGENCE Interviewed Carbon Black stakeholders and Forrester analysts to gather data relative to Carbon Black. INTERVIEWS AND SURVEY Interviewed six representatives and surveyed 52 respondents at organizations using Carbon Black to obtain data with respect to costs, benefits, and risks. COMPOSITE ORGANIZATION Designed a composite organization based on characteristics of the interviewees’ organizations. FINANCIAL MODEL FRAMEWORK Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees. CASE STUDY Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology. Role Industry Revenue • Head of information security • Network support services manager Educational system •No revenue •130,000 employees and students • Director of cyberdefense • Cyberdefense team leader Financial services •$800 million •2,000 employees Information security administrator Call center services •$65 million •500 employees (not including contractors) Cybersecurity specialist Healthcare services •$160 million •1,200 employees Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
•“We did two POCs [proof of concepts]: one on [a competitive tool] and one on Carbon Black. We collectively agreed that Carbon Black was more user-friendly —something that we could evolve with —and had the key XDR functionality we wanted.” •—Information security administrator, call center services Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
12 Key Findings Key Metrics ROI 427% BENEFITS PV $5.49 million NPV $4.45 million PAYBACK <6 months $2.3M $1.5M $1.2M $463.7K $116.0K Faster investigation and remediation of cybersecurity incidents Avoided downtime due to data breach Cost savings from streamlined security operations Audit and compliance efficiencies Savings from reduced reimaging of devices Benefits (Three-Year) Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
“The question should be, how much is the business worth to you? We have been able to stay on top of everything with what Carbon Black gives us. So, it’s absolutely worth it.” — Information security administrator, call center services Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
14 Total Benefits Quantified benefit data as applied to the composite Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023 Analysis Of Benefits
15 Total Benefits Faster investigation and remediation of cybersecurity incidents Avoided downtime due to data breach Cost savings from streamlined security operations Audit and compliance efficiencies Savings from reduced reimaging of devices $5.49 million three-year total benefits PV Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023 Total Benefits
Customers reported faster investigation and remediation of cybersecurity incidents enabled by a 75% reduction in mean time to resolution (MTTR). Prioritized alerts, robust visualization and tracking capabilities, and the ability to remotely triage endpoints are the capabilities that interviewees found critical to reducing investigation and remediation times. The composite organization’s productivity for incident management improved by 72.0% in Year 1, by 77.3% in Year 2, and by 82.5% in Year 3. Based on more efficient incident management, this benefit is valued at more than $2.2 million for the composite over three years. 42% $2.28 million three-year total benefits PV Faster Investigation And Remediation Of Cybersecurity Incidents Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
27% More than 55% of survey respondents indicated that Carbon Black has either enabled them to stop more cyberattacks or have better visibility into attacks. Most interviewees noted their organizations experienced a significant cyberattack prior to adopting Carbon Black — specifically ransomware attacks — that prompted them to seek out and evaluate a next-generation cybersecurity solution. Carbon Black Cloud is able to detect and prevent threats by data collection and dynamically applying behavioral analytics to this data, as well as to uncover patterns and indicators to ascertain current threats and anticipate future ones. Due to a 40% reduction in risk of a large-scale breach, the composite organization retains $5.5 million of its revenues each year with Carbon Black. On an operating basis, the composite organization benefits by just under $1.5 million over three years. Avoided Downtime Due To Data Breach $1.46 million three-year total benefits PV Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
Appendix A: Total Economic Impact Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists vendors in communicating the value proposition of their products and services to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of IT initiatives to both senior management and other key business stakeholders. . Total Economic Impact Approach Benefits represent the value delivered to the business by the product. The TEI methodology places equal weight on the measure of benefits and the measure of costs, allowing for a full examination of the effect of the technology on the entire organization. Costs consider all expenses necessary to deliver the proposed value, or benefits, of the product. The cost category within TEI captures incremental costs over the existing environment for ongoing costs associated with the solution. Flexibilityrepresents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. Having the ability to capture that benefit has a PV that can be estimated. Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.” ! Present value (PV) The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows. Net present value (NPV) The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made, unless other projects have higher NPVs. Return on investment (ROI) A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs. Discount rate The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%. The initial investment column contains costs incurred at “time 0” or at the beginning of month 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the eighteen-month period. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur. Payback period The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost. Source: A commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Carbon Black, December 2023
19 Explore More Download PDF Study: Evolving Security Operations Capabilities Read Now Contact Carbon Black Download PDF Study: The Total Economic ImpactTM Of Carbon Black Read Now
20
RkJQdWJsaXNoZXIy MjE3NDkyOQ==