Forrester Total Economic Impact™ Study Shows 316% ROI for CrowdStrike Falcon®

Payback Period of Under Three Months

“CrowdStrike delivers superior exploit and behavioral detection capabilities, and its OverWatch service provides proactive threat hunting to uncover the most stealthy, sophisticated threats”

 

The verdict is in. Forrester Consulting has done the math and determined that CrowdStrike Falcon® can deliver more than 300% ROI, with potential for payback in less than three months. This is, in our opinion, a fantastic validation of CrowdStrike’s single lightweight agent and cloud-native platform, protecting all types of workloads with a simple cloud-native architecture. It’s easy to look at endpoint protection as a costly but necessary burden. However, there is immense value in preventing breaches and doing it in a way that minimizes deployment efforts, infrastructure, support and other costs. But this value can be difficult to quantify and few organizations go through the exercise. Forrester developed it’s Total Economic Impact (TEI) methodology to solve this problem. TEI is designed to enhance a company’s technology decision-making processes, and assist the consulting firm’s clients to achieve a better understanding of the value delivered by the solutions they’re considering. To quantify the benefits, costs and risks associated with investing in an Endpoint Protection Platform (EPP), CrowdStrike® commissioned Forrester to interview customers that have several years of experience using the Falcon platform. Forrester’s detailed analysis in the CrowdStrike TEI study examines the potential return on investment (ROI) enterprises can realize by deploying Falcon. The study provides organizations of all types with a framework to evaluate the potential financial impact of the Falcon platform on their organizations.

Key Findings: CrowdStrike Delivers Unmatched Value

For the TEI analysis, Forrester developed a composite organization based on data gathered from customer interviews, to reflect the total economic impact that investing in Falcon could have on an organization. Forrester’s TEI model highlighted Falcon’s ability to increase endpoint visibility and improve speed-to-response in dealing with threats. The report also examines the benefits of consolidating endpoint security capabilities to minimize complexity, and outlines how an automated suite such as Falcon enables organizations to reduce the cybersecurity team’s support activities by more than 90%. Forrester’s interviews with customers found that by using CrowdStrike Falcon®, a composite organization can expect to see these

 

topline results:
  • An ROI of 316%
  • Total savings of $6.7M
  • Payback period of <3 months
The chart below shows a breakdown of the $6.7M in savings customers can realize:

pie chart with different colors showing cost savings

Visibility and Speed: A Powerful Combination

The Forrester study showed that organizations today struggle with achieving visibility into threats, and the speed required to respond to them effectively. The speed with which an organization can identify, understand and act against a cyberattack has become increasingly critical. One big reason for this is the acceleration of what CrowdStrike calls “breakout time,” the time it takes an adversary to jump from an initially compromised machine and begin moving laterally through the network.

 

To provide guidance regarding breakout time, CrowdStrike developed the 1-10-60 Rule, which advises companies to measure their response times and strive to detect threats in 1 minute, analyze them in 10 minutes, and remediate them in 60 minutes. We believe that an organization’s ability to adhere to this rule can spell the difference between stopping a breach and experiencing catastrophic data loss. Forrester found several ways in which CrowdStrike customers gain better visibility and respond to incidents faster to stay ahead of adversaries and stop a potential breach from occurring.

 

Evidence can be found in the quotes derived from the TEI interviews: “Last month’s metric was an average of 12 minutes to remediate, when with the prior solution it could be days, since we had to do it manually.” “To be honest with you, I’d been in retail all my 20-plus-year career, and when we lit up CrowdStrike, I was shocked seeing some of the stuff we saw and by how much we were missing just using traditional AV products.” “I often say to people that moving to CrowdStrike was kind of like going from Bruce Banner to the Incredible Hulk overnight. It was a very simple, quick transition, and the visibility was just Herculean in terms of how much visibility we got into our environment.” “We got a lot of visibility with CrowdStrike that our prior solution was completely blind to.”

Closing the Loop with Falcon Complete

As part of the financial analysis, Forrester gathered additional insight on the incremental benefits received from deploying Falcon CompleteTM, CrowdStrike’s fully managed endpoint protection service. Falcon Complete combines the effectiveness of the Falcon platform with the efficacy of a dedicated team of seasoned security professionals. Forrester’s research shows the utilization of managed security services is on the rise, in part due to the scarcity of skilled IT security hires. In fact, a recent survey found that 71% of endpoint security decision-makers said that using a managed security service will be a high or critical priority for their firm over the next 12 months. The TEI analysis found that the adoption of Falcon Complete had several positive impacts, including:
  • Reducing complexity of security operations: Forrester found that Falcon Complete handled all aspects of endpoint security, from deployment, configuration, maintenance and monitoring, to alert handling, incident response and remediation.
  • Enabling faster remediation: Forrester found a significant improvement in remediation time with Falcon Complete. They gave an example of a customer indicating a difference of

     

    just minutes

     

    to remediate with Falcon Complete, compared to days with their prior solution.
  • Reducing risks associated with a breach: Forrester found that organizations recognize the value of the Falcon Complete $1 million warranty for breach response expenses, and believe that it contributes to a reduction in their cyber insurance premiums.
  • Freeing up IT security resources: Forrester found that security teams were able to free up resources and focus on other value-added activities to reduce risk in the organization.

CrowdStrike: A Leader in Endpoint Security

We realize that it’s difficult for organizations to understand the true financial impact of cybersecurity investments. The TEI framework developed by Forrester can help IT decision-makers identify the cost benefit, flexibility and risk factors that should be considered when investing in solutions such as CrowdStrike Falcon®. In addition to the TEI study, Forrester recently named CrowdStrike a “leader” in the Forrester Wave™: Endpoint Security Suites, Q3 2019.

 

CrowdStrike secured the highest possible score in seventeen criteria, and earned the top score overall in the strategy category.

 

CrowdStrike is the only vendor to be named a Leader in both the 2019 Wave report for endpoint security suites and the Forrester WaveTM Endpoint Detection and Response, Q3 2018.

Additional Resources

Breaches Stop Here