To quantify the benefits to customers of implementing Fortinet security operations solutions, Enterprise Strategy Group (ESG) conducted an independent analysis that was reported by Fortinet. According to the analysis, customers significantly increased security teams’ operational efficiency by up to 86% while also significantly improving detection, containment, investigation, and response. Organizations improved productivity, decreased cyber risk, and gave existing teams the ability to accomplish more in less time. Additionally, the investment payback period for all of these improvements is as little as one month.
The Fortinet SecOps Fabric’s Quantified Benefits
In-depth interviews with end users served as the basis for the ESG analysis, allowing researchers to determine how long it takes for each organization to handle key security operations tasks like detecting, validating, and containing incidents as well as fully investigating and remediating them. ESG was then able to establish qualitative and quantitative benchmarks around these functions, particularly potential risk, time, and cost savings the average organization should expect, using technical documentation, existing case studies, third-party analyses, and industry data.
The ESG analysis found that businesses that adopted Fortinet Security Operations solutions experienced significant cost savings and advantages in the following three areas:
- EDP stands for early detection and prevention: Using Fortinet EDP technologies, which include FortiEDR, FortiDeceptor, FortiRecon, FortiSandbox, and FortiNDR that use artificial intelligence (AI) and other advanced behavioural analytics, the time to identify threats was reduced from 168 hours (21 business days), if detected at all, to less than an hour and frequently only seconds. Based on Fortinet’s integrated approach, the time to triage these threats was cut from eight hours to 10 minutes, and the time to contain them from 4.2 hours to one minute.
- Central analytics and response automation (CARA): Using the knowledge and automation of Fortinet CARA components, which include FortiAnalyzer, FortiSIEM, FortiXDR, FortiSOAR, and managed detection and response services, the time to investigate threats decreased from 6 hours to 1 minute (or less). More significantly, the time required to eliminate those threats was decreased, typically from 12.5 hours to 5–10 minutes.
- Training and preparation: Less time was spent responding to incidents by the security team as a result of improved incident readiness and response thanks to end-user and analyst training from Fortinet. According to one client, the percentage of users who clicked on harmful links decreased by 84 percent. A faster onboarding process and an improvement in the productivity, efficiency, and capabilities of security teams were also results of cybersecurity professional education.
Savings on operations thanks to Fortinet Technologies
ESG modeled the anticipated operational savings related to the security team productivity reported by participants, in addition to the accelerated time to detect, contain, investigate, and respond to incidents. Results revealed that Fortinet EDP technologies could cut the typical time spent on each incident by 86%, saving $993,000 annually while still accomplishing the same amount of work. Additionally, incorporating Fortinet CARA technologies could save 99% of the time spent on tasks, saving $1.14 million in annual operating expenses.
In the report, ESG also predicts that Fortinet products can reduce the average time exposed to risk by 97% with EDP and 99% with both EDP and CARA, helping organisations avoid the expected cost of cyberattacks by an average of $1.3 million.
Combining the improved productivity and costs with the risk avoidance savings leads to a payback period of 1 to 2.5 months for Fortinet EDP and 1 to 1.7 months for the combination of EDP and CARA.
Automating Security Operations
With distributed security controls that span network, endpoint, application, and cloud that are able to detect components and activity designed to bypass traditional security and blend in with legitimate operations, the Fortinet SecOps Fabric applies artificial intelligence, machine learning, and integration across the expanded digital attack surface. The speed of an organization’s return to safe operation is also accelerated by a centralized approach to wider investigation and response.