The Business Value of Network-Based Intrusion Prevention Systems



Similar documents
The Business Value of VCE Vblock Systems: Leveraging Convergence to Drive Business Agility

Allstate Getting Much More from Its IT Services with ServiceNow Cloud-Based IT Service Management Solution

The Business Value of IT Certification

Achieving Organizational Transformation with HP Converged Infrastructure Solutions for SDDC

WHITE PAPER Linux Management with Red Hat Network Satellite Server: Measuring Business Impact and ROI

Pulsant Delivers Agile and Cost-Effective Hybrid Cloud Services with Cisco ACI

Quantifying the Business Benefits of Red Hat Enterprise Linux Solutions

The Business Value of Connected Support from HP

WHITE PAPER JBoss Operations Network: Measuring Business Impact and ROI

Equinix Increases IT and Employee Productivity with ServiceNow Cloud-Based IT Service Automation Solution

WHITE PAPER Using SAP Solution Manager to Improve IT Staff Efficiency While Reducing IT Costs and Improving Availability

WSSC Building on Oracle Engineered Systems to Become a Smart, Real-Time Utility Provider

Assessing the Business Value of SDN Datacenter Security Solutions

Assessing the Business Value of the Secured Datacenter

Nimble Storage Leverages Operational Data to Drive Its Business with Analytics Delivered by HP Vertica

Schiphol Telematics Moves to Avanade to Achieve More Value Through Business Partnership

AT&T Leverages HP Vertica Analytics Platform to Change the Economics of Providing Actionable Insights to Decision Makers

WHITE PAPER Business Value of JBoss Enterprise Application Platform

Using Converged Infrastructure to Enable Rapid, Cost-Effective Private Cloud Deployments

How To Know The Roi Of Cesp Workload Automation Software

Calculating the Business Value of Next Generation Firewall

W H I T E P A P E R T h e R O I o f C o n s o l i d a t i n g B a c k u p a n d A r c h i v e D a t a

Reducing Cost While Simplifying Administration: Monetizing the Benefits of SAP ASE

Quantifying the Business Value of Amazon Web Services

University of Kentucky Leveraging SAP HANA to Lead the Way in Use of Analytics in Higher Education

Metro Health Giving Time Back to Its Care Providers with VMware Horizon View

How To Understand Cloud Economics

Converged and Integrated Datacenter Systems: Creating Operational Efficiencies

Impact of Juniper Training and Certification on Network Management Activities

W H I T E P A P E R L i n u x M a n a g e m e n t w i t h R e d H a t S a t e l l i t e : M e a s u r i n g B u s i n e s s I m p a c t a n d R O I

W H I T E P A P E R B u s i n e s s V a l u e o f M a n a g e d S e r v i c e s

I D C A N A L Y S T C O N N E C T I O N

Global Headquarters: 5 Speen Street Framingham, MA USA P F

The SIEM Evaluator s Guide

How To Buy Nitro Security

Affordable, Scalable, Reliable OLTP in a Cloud and Big Data World: IBM DB2 purescale

W H I T E P A P E R T h e B u s i n e s s V a l u e o f t h e H P P r o a c t i v e I n s i g h t E x p e r i e n c e

Enterprise Workloads on the IBM X6 Portfolio: Driving Business Advantages

Worldwide Security and Vulnerability Management Forecast and 2013 Vendor Shares

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Meeting the Needs of Database Management for SaaS: Oracle Database 12c

ScienceLogic Offers Unified Infrastructure Monitoring and Analytics for Hybrid IT

McAfee Network Security Platform

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

Mobile Device and Application Trends Are Mobile Applications Moving to the Cloud?

IDC ExpertROI SPOTLIGHT

DevOps and the Cost of Downtime: Fortune 1000 Best Practice Metrics Quantified

WHITE PAPER ROI and Market Opportunity of Datacenter Print Environments

WHITE PAPER Determining the Return-on-Investment from Deploying Consolidated Event and Performance Management

DEMONSTRATING THE ROI FOR SIEM

Demonstrating the ROI for SIEM: Tales from the Trenches

Enterprises Adopting Mobile Messaging to Enhance Customer Service and Improve Customer Experience

The ROI of an Integrated Management Solution for the Mobile Enterprise

Data Management: Foundational Technologies for Health Insurance Exchange Success

Solutions Brochure. Security that. Security Connected for Financial Services

IDC MarketScape: Worldwide Hydrocarbon Accounting Software 2013 Vendor Assessment

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

IDC MarketScape: Worldwide Life Science Manufacturing and Supply Chain ITO 2015 Vendor Assessment

WHITE PAPER Assessing the Business Impact of Network Management on Small and Midsize Enterprises

IDC MarketScape Excerpt: Worldwide Life Science R&D Strategic Consulting Services 2014 Vendor Assessment

IDC MarketScape: Worldwide Life Science Sales and Marketing ITO 2015 Vendor Assessment

The Advantages of Converged Infrastructure Management

IBM Security QRadar Vulnerability Manager

Long Term Care Group Deploys Zerto for Data Protection and Recovery for Virtual Environments

Reduce IT Costs by Simplifying and Improving Data Center Operations Management

IDC MarketScape: U.S. Population Health Management 2014 Vendor Assessment

How To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)

PPM Maturity Value Assessment for Your Company

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

Extreme Networks Security Analytics G2 Vulnerability Manager

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

WHITE PAPER IN THIS WHITE PAPER EXECUTIVE SUMMARY. Sponsored by: Salesforce. August 2015

IDC MarketScape Excerpt: Worldwide HR BPO 2014 Vendor Assessment

Perspective: Cloud Solutions and Deployment for Healthcare Payers in 2014

Virtualization in Healthcare: Less Can Be More

McAfee Security Architectures for the Public Sector

W H I T E P A P E R T h e I m p a c t o f A u t o S u p p o r t: Leveraging Advanced Remote and Automated Support

Advanced Threat Protection with Dell SecureWorks Security Services

IDC MarketScape: Worldwide Digital Enterprise Strategy Consulting Services 2015 Vendor Assessment

McAfee Server Security

Executive Summary Factors Affecting Benefits And Costs Disclosures TEI Framework And Methodology Analysis...

Understanding the Business Value of Migrating to Windows Server 2012

IT as a Service Emerges as a New Management Paradigm in the Software-Defined Datacenter Era

McAfee Network Security Platform Services solutions for Managed Service Providers (MSPs)

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Symantec Messaging Gateway powered by Brightmail

IBM Security IBM Corporation IBM Corporation

Business Value of Microsoft System Center 2012 Configuration Manager

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Vulnerability Management

Total Protection for Compliance: Unified IT Policy Auditing

Assessing the Business Value of Cisco s Desktop and Application Virtualization Solution

"Why Didn't We Do It Sooner?" Deployment of a New BI Solution at The Pain Center of Arizona

Global Headquarters: 5 Speen Street Framingham, MA USA P F

IDC MarketScape: Worldwide Life Science Sales and Marketing BPO 2015 Vendor Assessment

IDC MarketScape Excerpt: Worldwide Life Science R&D ITO 2013 Vendor Assessment

Network Management Services: A Cost-Effective Approach to Complexity

Transcription:

Sponsored by: Intel Security Authors: Elizabeth Corr Pete Lindstrom Matthew Marden February 2015 The Business Value of Network-Based Intrusion Prevention Systems EXECUTIVE SUMMARY Organizations depend on identifying, addressing, and remedying network-based security threats to support their IT users and to keep their businesses available and running. These threats continue to evolve at breakneck speed, but network-based intrusion prevention systems (IPSs) remain at the center of most organizations efforts to handle these threats. Companies count on IPS solutions to help them proactively identify more threats before Business Value Highlights More productive hours per user per year 1.9 Faster response time to network security threats 61% Improvement in IT security staff efficiencies 36% Five-year total business benefits $5.7M Five-year ROI: 463% Payback period: 7.2 months they become security events and move to resolution swiftly and with minimal business interruption. Organizations surveyed for this study use the McAfee Network Security Platform (NSP) as their IPS solution to help guard against sophisticated network-based attacks that can negatively impact their business operations. These Intel Security customers reported achieving significant IT and business benefits by leveraging the capabilities of McAfee NSP and integrating it with Intel Security s broader security architectures to identify more threats and limit their impact. As a result, these Intel Security customers are realizing the following benefits with McAfee NSP:» Identifying more network-based threats proactively» Preventing more threats from becoming security events that impact users and customers» Minimizing the amount of productive employee time lost due to security events» Making their IT security operations more efficient» Instilling greater confidence in security architectures and supporting business agility» Realizing efficiencies by integrating McAfee NSP with other security products Document #253942 2015 IDC. www.idc.com Page 1

In This Whitepaper This study presents IDC s analysis of the business value that seven Intel Security customers are achieving by using the McAfee Network Security Platform. These customers have an average of 11,386 employees and range in size from 200 to 30,000 employees. Although these organizations are mostly based in the United States, several have worldwide operations, with security threats having a diffuse geographical footprint. These organizations come from the energy, healthcare, government, IT outsourcing, technology service provider, real estate, and financial services industries. Table 1 provides an aggregate profile of the organizations interviewed for this white paper. TABLE 1 Demographics of Interviewed Organizations Average number of employees 11,386 Average number of IT staff 300 Average number of users (internal) 7,728 Average number of McAfee NSP devices 10 Average amount of time using McAfee NSP Industries Regions 3.3 years Energy, healthcare, government, IT outsourcing, technology service provider, real estate, and financial services United States, Turkey, and worldwide Situation Overview Amid all of the IT architecture changes occurring within and around enterprises today, there is one underlying constant the network will never go away. Of course, this is by definition a necessary means for communications, whether wired or wireless, within the datacenter or across the public cloud, or local or remote. As networks become more complex, organizations create more paths between resources clients and servers, servers to servers, and ultimately component to component that must be protected from direct and indirect attack. Document #253942 2015 IDC. www.idc.com Page 2

Meanwhile, attackers are getting smarter. Though they must follow the network paths available to them for inbound attacks and outbound compromise activities, they are constantly creating new ways of manipulating technology to avoid and evade the security put in place. They use polymorphic malware, impersonation that is often initiated through phishing, and other forms of obfuscation to accomplish their mission. Defenders must continue to evaluate and develop their security programs based on this information. Because the network provides fixed paths that connect resources, security solutions deployed on the network can gain economies of scale as well as logical separation by protecting many endpoints and/or many server-based resources. The benefits of a network approach are also reflected at the market level as companies look for their highest returns. IDC projects that network security will become the largest market in the security products category by 2018 and that the intrusion detection and prevention submarket will grow from $1.9 billion in 2013 to approximately $2.4 billion by 2018. But spending doesn t happen in a vacuum. As attackers continue to find ways to breach organizations, network security solutions must evolve to address these issues. But spending doesn t happen in a vacuum. As attackers continue to find ways to breach organizations, network security solutions must evolve to address these issues. To do this, they begin to integrate capabilities from adjacent products including advanced threat protection, endpoint security technologies, Web security, security intelligence and event management (SIEM), and antimalware functions. Perhaps even more importantly, today s network security solutions are centralizing management and monitoring functions to better handle all the data that is being created with these new advanced and integrated products. These centralized capabilities are better positioned to turn the data that is being aggregated and correlated into actionable intelligence. In the wake of many large companies experiencing public data breaches, companies are adjusting their security needs. The ability to incorporate multiple products into one product and integrate products leads to a better and broader understanding of the security network, which helps IT departments that may have limited staff, especially because it is difficult to find qualified IT specialists. Products that incorporate and prioritize the data and breaches for IT departments can help allocate IT staff time more effectively. These improvements lead to a more efficient IT department that is more effective at preventing attacks on companies. Mcafee Network Security Platform The McAfee Network Security Platform is a key solution in the network security market. It offers a number of capabilities to meet the needs of both network and security professionals. The number 1 rule of network security is you can t impede legitimate network traffic. This means even as security capabilities are being added, attention must be paid to the need for speeds and Document #253942 2015 IDC. www.idc.com Page 3

feeds on the network along with a focus on maintaining connectivity. This makes performance and high availability crucial to success. McAfee NSP is architected to support up to 40GB of traffic and can be deployed in both activeactive high-availability architectures and active-passive architectures. After organizations ensure a solution is unlikely to disrupt the network, their second area of need involves suitability to the task. That is, a solution must be adept at providing security capabilities by leveraging various techniques to detect and respond to attacks. McAfee NSP leverages signatures, behavioral heuristics, and related techniques to detect attacks. In addition, McAfee NSP leverages its Global Threat Intelligence capability to crowdsource the identification of potential attacks and malicious files across its network of customers. At this stage of security evolution, context is crucial. Successful network security solutions can integrate and share with other components of an architecture sensors on endpoints, aggregators, and other security solutions drive a holistic perspective that speeds up responses and drives program effectiveness. At this stage of security evolution, context is crucial. Successful network security solutions can integrate and share with other components of an architecture sensors on endpoints, aggregators, and other security solutions drive a holistic perspective that speeds up responses and drives program effectiveness. McAfee NSP offers integration with other McAfee components to share security-related information and build up the contextual understanding of an attack, providing more opportunity to separate out false positives and home in on the most important issues. Finally, network intrusion detection and prevention solutions must be manageable via a single console to maintain the necessary contextual continuity with a low total cost of ownership. McAfee NSP provides that important console through its centralized management capability and further in its integration with the epolicy Orchestrator (epo). It also leverages multitenancy capabilities to extend the flexibility in assigning tasks and security activities. The McAfee Network Security Platform is following many of the trends IDC is seeing in intrusion detection and prevention systems products. By incorporating SIEM features, endpoint features, malware detection attributes, and advanced threat protection attributes, this product helps companies see all of their security policies in one view. The product also allows the company to integrate with other Intel Security products, which leads to the same goal of providing a cohesive view of security policies and products as well as their effectiveness. Financial Benefits Analysis IDC asked Intel Security customers qualitative and quantitative questions about their use of McAfee NSP and aggregated data taken from these interviews to determine the product s Document #253942 2015 IDC. www.idc.com Page 4

average financial impact. IDC calculates that these organizations will capture average annual benefits worth $1.61 million over five years, or $20,811 per 100 users of the business applications protected by McAfee NSP. Intel Security customers attributed their ability to capture these financial benefits to a number of characteristics of McAfee NSP, including:» Consolidated nature. Customers benefit from the improved visibility achieved with McAfee NSP as a result of its consolidated nature.» Ability to integrate with security infrastructure. Customers view their ability to integrate McAfee NSP with their existing security architectures, including other McAfee products, as an advantage. McAfee NSP is a great system. It allows you to manage everything from one central console. So all of your updates come in, and they deploy in real time.» Ease of use. Customers praised the ease with which their teams can use McAfee NSP and the efficiencies this enables. As one customer explained, McAfee NSP is a great system. It allows you to manage everything from one central console. So all of your updates come in, and they deploy in real time. The financial benefits Intel Security customers using McAfee NSP are achieving fall into four main areas (see Figure 1):» IT staff productivity gains: Intel Security customers are making their IT security teams more efficient and productive. These teams can do more with McAfee NSP in place without a commensurate increase in staff size, or they save time that can be reallocated to innovation or improving security policies. IDC calculates that these time savings and efficiencies have an average annual value of $332,200 per organization over five years, or $4,298 per 100 users.» IT infrastructure cost reduction: Intel Security customers are creating and maintaining a scalable and secure environment with McAfee NSP while avoiding the costs associated with previous security solutions and certain other costs such as travel. This is saving Intel Security customers an average of $33,100 per organization per year over five years, or $428 per 100 users.» Risk mitigation user productivity benefits: Intel Security customers are identifying and remedying more network-related security threats before they cause user disruption. This has lowered the amount of productive employee time lost as a result of such security threats and events. IDC calculates that reducing productive employee time lost has an average annual value of $644,900 per organization over five years, or $8,346 per 100 users.» Business productivity benefits: Intel Security customers are maintaining a more secure and robust network environment. This carries through to the ability of the organizations to conduct business; they have more confidence in their security architectures and are more willing to take Document #253942 2015 IDC. www.idc.com Page 5

business risks, resulting in more revenue and improved business operations. These benefits are worth an average annual value of $598,100 per organization over five years, or $7,739 per 100 users. FIGURE 1 Average Annual Benefits per 100 Users 25,000 ($ per 100 users) 20,000 15,000 10,000 5,000 0 $4,298 IT staff productivity benefits $428 IT infrastructure cost reduction $8,346 Risk mitigation user productivity benefits $7,739 Business productivity benefits Total average annual benefits per 100 users: $20,811 IT Staff Productivity Benefits With NSP, all of the sensors go into NSP and it talks to the SIEM. So we have one point of collection versus 80. There s time savings with that, and data savings. I d say that, because of that, we re saving the SIEM guys 5 10 hours per week. Intel Security customers reported that they have leveraged McAfee NSP to make their IT security staff more efficient and productive, in addition to better serving their constituents by more quickly identifying and resolving network-related security threats. The IT security staff at these organizations spend less time responding to network-related security incidents and need less time to maintain and monitor their network security environments, enabling these customers to provide better security services at a lower cost while also freeing up IT security staff time to innovate and drive business. IDC calculates that McAfee NSP helps these organizations maintain an IT security team with an average of just over 6 employees compared with almost 10 employees required in companies without McAfee NSP. Intel Security customers referenced several advantages of using McAfee NSP for their IT security staff:» Simplified threat management. One customer summarized how McAfee NSP has simplified its network security efforts as follows: With NSP, all of the sensors go into NSP and it talks to the SIEM. So we have one point of collection versus 80. There s time savings with that, and data savings. I d say that, because of that, we re saving the SIEM guys 5 10 hours per week. Document #253942 2015 IDC. www.idc.com Page 6

» Time saved reviewing incident logs and data. As one customer explained, Because McAfee NSP has dashboards and alerts, I spend less time down in the trenches looking at raw data. So I have more time to look at overall policy and what it all means. Working with McAfee NSP, we can integrate it and connect it with our endpoint protection system. So when you re doing investigations, we can query and pull information together more quickly.» Easy integration with other McAfee security products. As one customer noted, Working with McAfee NSP, we can integrate it and connect it with our endpoint protection system. So when you re doing investigations, we can query and pull information together more quickly. The efficiencies achieved with McAfee NSP enable these organizations to provide superior network security and better support at a lower cost. IDC calculates that the IT security staff at these organizations are on average 36.1% more efficient with McAfee NSP. These efficiencies enable Intel Security customers to lower the cost of providing network security support or achieve better security postures without an increase in staff size while also opening up the possibility of reallocating IT staff time saved to innovating and improving other parts of IT operations (see Figure 2). FIGURE 2 IT Security Staff Costs and Savings 14,000 12,000 Total: $11,976 $1,361 36.1% productivity gain / cost reduction ($ per 100 users per year) 10,000 8,000 6,000 4,000 $1,026 $855 $845 $7,715 $174 Total: $7,715 $7,715 IT security staff team with McAfee NSP IT security staff time savings Incident response time savings 2,000 IT security staff hires avoided IT security audit time savings 0 Without McAfee NSP With McAfee NSP Other IT security staff efficiencies and time savings Document #253942 2015 IDC. www.idc.com Page 7

Risk Mitigation Benefits We get a very complete view of what s going on in our network with McAfee NSP because we can see anything that comes into our network. Intel Security customers interviewed for this study praised McAfee NSP for providing them with the visibility they need to identify more network-related security threats and mitigate their impact. Improved visibility is the foundation for changing how these organizations approach network security threats and minimize the disruption these threats cause for users and operations when they become security events. As one customer explained, We get a very complete view of what s going on in our network with McAfee NSP because we can see anything that comes into our network. Intel Security customers using McAfee NSP have translated better visibility and integration of their network security operations to an improved ability to proactively identify security threats and reduce their threat response times. According to interviewed organizations, they proactively identify 47.7% more network-related threats with McAfee NSP. This means that, on average, they are now identifying almost two-thirds of networkbased threats proactively, which minimizes the number of security issues that cause disruption and lowers the likelihood of significant user-impacting events occurring. Meanwhile, these organizations have reduced their average threat response time from 15 minutes to 6 minutes, a 60.9% reduction, because they have better and more actionable information about threats. The result is that these customers are experiencing fewer user-impacting network-related security incidents and are resolving issues faster. One customer explained how McAfee NSP helps it reduce the impact of these incidents: We can identify threats before they become events with McAfee NSP because we see them come across as an event on there. We can then analyze it, and we can then go along with it, or we can create a policy for it, and we can restrict it at that point. As shown in Table 2 and Figure 3, these Intel Security customers have reduced the number of user-impacting security breaches and malware attacks substantially since deploying McAfee NSP. As a result, customers are losing 62.0% less productive time by incurring fewer security-related events. Document #253942 2015 IDC. www.idc.com Page 8

TABLE 2 Security KPIs Before McAfee After McAfee NSP NSP Benefit Advantage Proactively identifying threats 45.1% 66.6% 21.5 pp 47.7% before they become events Response time to threats (minutes) 14.9 5.8 9.1 60.9% User-impacting security breaches 1,018 562 456 44.8% and malware incidents User-impacting network-related 16.8 7.6 9.2 55.0% downtime incidents Security-related productive time 3.1 1.2 1.9 62.0 lost per user (hours) pp = percentage point Today, with McAfee NSP, we have about 50 malware attacks per month that require manual intervention. Before, all 2,000 malware attacks required manual intervention and were having an impact on users. Users of business applications running on the organizations networks are benefiting from fewer and less impactful disruptions from security events with McAfee NSP. Intel Security customers face relentless attacks that include advanced malware, zero-day threats, denial-ofservice (DoS) attacks, and botnets. McAfee NSP has enabled these customers to substantially reduce the number of user-impacting network security events they experience: 55.0% fewer downtime-causing incidents and 44.8% fewer user-impacting security breaches and malware incidents. As one customer explained, Today, with McAfee NSP, we have about 50 malware attacks per month that require manual intervention. Before, all 2,000 malware attacks required manual intervention and were having an impact on users. The bottom line for Intel Security customers using McAfee NSP is that their users now lose much less time to network-related downtime and performance degradation. Users are losing an average of 1.2 hours of productive time per year because of network-related security issues compared with 3.1 hours before deploying McAfee NSP. It is worth remembering that these are average figures across large user bases at some companies; some users gain back even more productive time. Intel Security customers have become more efficient as they reduce the cost that unproductive time exerts on their operations. In addition, Intel Security customers now finally understand the types of threats facing them. As one customer explained, We catch things with McAfee NSP and are like Gosh, this would have been bad. We see more and can analyze and either proactively address the situation or react in a quicker fashion. Document #253942 2015 IDC. www.idc.com Page 9

FIGURE 3 Cost of Unproductive Time Attributable to Network-Related Security Issues 15,000 Total: $13,123 ($ per 100 users per year) 12,000 9,000 6,000 3,000 0 $4,354 $4,565 $4,204 Before McAfee NSP 62% reduced impact Total: $4,992 $1,502 $1,372 $2,118 After McAfee NSP Security breaches Malware incidents Unplanned downtime Business Productivity Benefits Intel Security customers also reported leveraging improved network security outcomes with McAfee NSP to enhance their broader business positions. Fewer operational disruptions enable availability and continuity of operations providing organizations with the confidence they need to proactively address business opportunities. One customer described the impact of McAfee NSP as follows: I think we definitely have become more agile with NSP. We are more confident that we re protected, so we re able to do things within our network even when there are risks. Now that we know we re protected, and we know that we ve got our backs covered, we ll do more things than we would before. I think we definitely have become more agile with NSP. We are more confident that we re protected, so we re able to do things within our network even when there are risks. Now that we know we re protected, and we know that we ve got our backs covered, we ll do more things than we would before. Meanwhile, improved network performance with McAfee NSP can spur higher user productivity for some organizations as business applications perform better. Interviewed customers told IDC that an average of 15.1% of their users have become more productive with McAfee NSP, with the average impacted user gaining back more than four hours of productive time per year. Most interviewed Intel Security customers also said that improving their network security efforts with McAfee NSP either had enabled or likely had enabled them to capture more revenue. This revenue benefit accrues as these organizations face fewer operations-impacting Document #253942 2015 IDC. www.idc.com Page 10

downtime instances and other network-related outages, which helps them better serve their customers. For customers that depend on the performance of their networks to drive their businesses, minimizing disruptions is critical. As one Intel Security customer explained, We now handle probably one DoS attack manually per month compared with five before McAfee NSP. Our revenue can be impacted by these attacks, up to hundreds of thousands of dollars per attack. IDC assumes an operating margin of 20% on additional revenue to reflect the costs associated with gaining additional revenue. As a result, the $2,100,359 average annual revenue increase achieved by Intel Security customers using McAfee NSP is calculated as a financial benefit by applying a 20% operating margin, which results in a net revenue benefit of $420,072 (see Table 3). TABLE 3 Business Productivity Benefits Average per Organization Average per 100 Users Revenue increases Additional revenue with McAfee NSP $2,100,359 $27,179 Assumed operating margin 20% 20% Additional operating margin with McAfee NSP $420,072 $5,436 Productivity enhancements Users impacted 15.1% 15.1% Productivity increase 0.2% 0.2% User productivity gain $178,012 $2,304 Total business productivity benefits $598,084 $7,740 ROI Analysis IDC uses a discounted cash-flow methodology to calculate the return on investment (ROI) and payback period for the organizations investment in and use of McAfee NSP. ROI is the ratio of the net present value (NPV) and discounted investment. IDC has presented cost benefit and ROI analyses for both three- and five-year use cases for McAfee NSP (see Figure 4 and Table 4). Presenting results from both three- and five-year perspectives reflects the fact that Intel Security customers often view investment in McAfee NSP from a three-year perspective but consider it a five-year investment for purposes of accounting and depreciation. Document #253942 2015 IDC. www.idc.com Page 11

IDC assessed the cost, benefits, and value associated with the use of McAfee NSP by the seven Intel Security customers interviewed for this white paper. IDC calculates that these organizations are initially investing an average of $531,800 ($6,881 per 100 users) in McAfee NSP hardware, installation, consulting, and training. Annual costs for fees and support related to McAfee NSP total an average of $113,800 per organization ($1,472 per 100 users) over three years and $137,900 per organization ($1,784 per 100 users) over five years. IDC projects that in return, these Intel Security customers will achieve annual benefits worth an average of $1.47 million per organization ($19,062 per 100 users) over three years and $1.61 million per organization ($20,811 per 100 users) over five years (see Figure 4). FIGURE 4 Cost Benefit Analysis 100,000 80,000 Investment Benefits Cumulative net benefits $88,248 ($ per 100 users) 60,000 40,000 20,000 $15,738 $20,097 $45,884 $21,350 $22,704 $24,166 0-20,000 -$6,881 -$1,121 -$1,432 -$1,864 -$2,013 -$2,491 Initial Year 1 Year 2 Year 3 Year 4 Year 5 As shown in Table 4, Intel Security customers achieve substantial business value over both three- and five-year time frames. IDC s analysis shows that in terms of investment, the average organization interviewed for this white paper will spend $800,058 to implement and support McAfee NSP over three years ($10,353 per 100 users) and $1.01 million ($13,047 per 100 users) over five years. In return, the average organization will realize $3.50 million in benefits over three years ($45,270 per 100 users) and $5.67 million per organization ($73,411 per 100 users) over five years. Over three years, this results in a three-year net present value of $2.70 million per organization ($34,917 per 100 users) and an average ROI of 337%. This compares with a five-year net present value of $4.66 million per organization ($60,364) and an average Document #253942 2015 IDC. www.idc.com Page 12

five-year ROI of 463%. In either use case, interviewed organizations will have a time to value of just over seven months on average (i.e., the time it takes for them to break even on their investment in McAfee NSP). TABLE 4 ROI Analysis 3-Year Average 3-Year Average 5-Year Average 5-Year Average per Organization per 100 Users per Organization per 100 Users Benefit (discounted) $3.50 million $45,270 $5.67 million $73,411 Investment (discounted) $0.80 million $10,353 $1.01 million $13,047 Net present value (NPV) $2.70 million $34,917 $4.66 million $60,364 Return on investment (ROI) 337% 337% 463% 463% Payback period 7.2 months 7.2 months 7.2 months 7.2 months Discount rate 12% 12% 12% 12% Challenges/Opportunities Security markets can be fickle. Even while demonstrating benefits, product categories and individual solutions experience ups and downs associated with priorities as companies look to fill gaps in their coverage. As part of their strategic security programs, enterprises must evaluate network security as well. It is important for Intel Security to consider how its solution will fit in with the evolving network security architectures. Intel Security must ensure that its capabilities mirror the needs of changing architectures becoming more distributed and virtualized. In addition, integration with other security solutions is a must, including integration with other vendors solutions. As organizations work to optimize their full product portfolio, Intel Security must continue to develop this support in its solution. From an operational perspective, customers and vendors must work together for efficient implementations. While benefits are gained over the long term, there is some complexity associated with installing and configuring solutions as well as tuning their output. Careful consideration should be given to the old maxim garbage in, garbage out as enterprises increase the efficiency of their security programs. Document #253942 2015 IDC. www.idc.com Page 13

Conclusion As their networks grow more complex and connect more resources, organizations must be able to identify, deflect, and resolve as many security attacks as possible even as these attacks become smarter and more sophisticated. Failure to do so can create business interruptions that negatively affect employee productivity and ultimately organizations bottom lines. This IDC study demonstrates that Intel Security customers are achieving substantial business value by identifying more threats and limiting the impact of threats that turn into security events with McAfee NSP. As a result, these Intel Security customers have increased the efficiency of their IT security operations and reduced the amount of productive employee time lost while minimizing the possibility of security events that could harm their revenues or reputations. Appendix Methodology IDC utilized its standard ROI methodology for this project. This methodology is based on gathering data from current users of McAfee NSP as the foundation for the model. Based on these interviews, IDC performs a three-step process to calculate the ROI and payback period:» Measure the savings from reduced IT costs (staff, hardware, software, maintenance, and IT support), increased user productivity, and improved revenue over the term of the deployment.» Ascertain the investment made in deploying the solution and the associated training and support costs.» Project the costs and savings over a three-year period and a five-year period and calculate the ROI and payback for the deployed solution. IDC bases the payback period and ROI calculations on a number of assumptions, which are summarized as follows:» Time values are multiplied by burdened salary (salary + 28% for benefits and overhead) to quantify efficiency and manager productivity savings.» Downtime values are a product of the number of hours of downtime multiplied by the number of users affected.» The impact of unplanned downtime is quantified in terms of impaired end-user productivity and lost revenue. Document #253942 2015 IDC. www.idc.com Page 14

» Lost productivity is a product of downtime multiplied by burdened salary.» Lost revenue is a product of downtime multiplied by the average revenue generated per hour.» The net present value of the three- and five-year savings is calculated by subtracting the amount that would have been realized by investing the original sum in an instrument yielding a 12% return to allow for the missed opportunity cost. This accounts for both the assumed cost of money and the assumed rate of return. Because every hour of downtime does not equate to a lost hour of productivity or revenue generation, IDC attributes only a fraction of the result to savings. As part of our assessment, we asked each company what fraction of downtime hours to use in calculating productivity savings and the reduction in lost revenue. IDC then taxes the revenue at that rate. Further, because IT solutions require a deployment period, the full benefits of the solution are not available during deployment. To capture this reality, IDC prorates the benefits on a monthly basis and then subtracts the deployment time from the first-year savings. Note: All numbers in this document may not be exact due to rounding. IDC Global Headquarters 5 Speen Street Framingham, MA 01701 USA 508.872.8200 Twitter: @IDC idc-insights-community.com www.idc.com Copyright Notice External Publication of IDC Information and Data Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason. Copyright 2015 IDC. Reproduction without written permission is completely forbidden. About IDC International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications and consumer technology markets. IDC helps IT professionals, business executives, and the investment community make fact-based decisions on technology purchases and business strategy. More than 1,100 IDC analysts provide global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries worldwide. For 50 years, IDC has provided strategic insights to help our clients achieve their key business objectives. IDC is a subsidiary of IDG, the world s leading technology media, research, and events company. Document #253942 2015 IDC. www.idc.com Page 15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information