SaaS applications are a favorite of the software world. They enable you to work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software yourself. At the same time, the same features that make SaaS apps so popular – anywhere access and collaboration – can also be exploited by threat actors.
Recently, Adaptive Shield commissioned a Total Economic Impact™ (TEI) study conducted by Forrester Consulting. The study demonstrates the significant ROI achieved by a media company with annual revenues of $10 billion. While the quantitative ROI is significant at 201%, the qualitative improvements in security ROI were substantial.
Figure 1: Summary of the TEI study |
In this article we will review the study findings on the impact of Adaptive Shield’s SaaS Security Posture Management (SSPM) platform on this global company.
Learn how a $10 billion media company dramatically improved its security posture with SSPM
Your organization’s top SaaS challenges
In interviews with Forrester Consulting, the studied organization highlighted several key challenges it would face in its SaaS stack through 2022.
- The organization recognized that they did not have the knowledge and skills needed to handle the requests. They didn’t understand many of the unique configurations or the impact they had on security or compliance, which left them unaware of the risks or mitigation measures that needed to be implemented.
- The organization has seen an increase in SaaS adoption across IT, HR, sales, marketing and other departments. They recognized that sensitive assets and valuable data were moving into SaaS applications and being distributed in such a way that the security team could no longer oversee all its comings and goings. Additionally, they needed to foster collaboration between app owners, who control applications, and the security teams who are tasked with protecting them.
- They were also dealing with increasing complexity caused by their mergers and acquisitions (M&A) activity. Each merger and acquisition increased the number of applications to manage, many of which were geographically distributed tenants that could not be easily combined with the app’s existing tenants.
The organization began looking for a solution that could alleviate the SaaS configuration errors they were dealing with on a large scale. They needed a platform that integrated with multiple enterprise applications, mitigated communication issues between app owners and security teams, and helped them maintain regulatory compliance across their SaaS stack.
They were impressed with the Adaptive Shield platform which not only demonstrated the broadest coverage of supported applications but also encountered configuration issues during the proof of concept phase. In 2022, Adaptive Shield was selected and implemented to protect the organization’s stack.
Security Benefits Adaptive Shield introduced to your organization
Forrester Consulting found that Adaptive Shield allowed the security team to “gain complete control and greater visibility into the security posture of all business-critical applications.”
Increased SaaS security posture
The security team had previously addressed six security issues resulting from misconfigurations and a low security posture. However, the organization saw improvements in posture starting from the POC. They “realized a substantial improvement in their security score through visibility, troubleshooting guidelines, and continuous monitoring” while seeing a 30% increase in their security rating.
Improved collaboration
Forrester Consulting also found evidence of increased collaboration between security teams and app owners. They noted that entrepreneurs are key players in application security, as they hold “the key to the kingdom,” but lack the security expertise needed to protect their ecosystem. The implementation of Adaptive Shield has helped bridge this gap and foster collaboration between app owners and security teams.
Many other safety benefits
While some security benefits were quantifiable by the Forrester Consulting team, they couldn’t put a dollar value on everything that was offered by Adaptive Shield. For example, Forrester Consulting found that automated processes within the Adaptive Shield platform allow security teams to focus on managing security rather than conducting interviews with app owners about their configurations. It also helped the organization overcome challenges introduced by the democratization of SaaS security. It helped the organization achieve continuous compliance, avoiding any disruption to business operations and staying ahead of any SaaS security trends.
Find out how an SSPM can deliver significant ROI and security benefits
Because the economic benefits indicate an ROI of 201%.
The Total Economic Impact™ study measured the return on investment experienced by the surveyed organization. To quantify these results, Forrester Consulting first calculated the value of an improved SaaS security strategy. They took into account the number of breaches that occurred before Adaptive Shield was implemented and predicted the number of breaches over three years. Their calculations included decreased productivity, impacts on business users and security, and salary data. Their three-year present value estimate of an improved SaaS security posture was $1.49 million.
Figure 2: ROI breakdown by category |
Next, Forrester Consulting examined the operational efficiencies achieved through Adaptive Shield’s SSPM platform. They took into account the number of applications monitored, hourly pay, and the cost of protecting SaaS applications with and without an automated solution. Their estimated present value of three-year savings was $397,000.
Forrester Consulting then turned its attention to compliance. They calculated efficiency gains based on the time it took organizations to review their applications and ensure compliance with different standards. Their three-year current value was worth $260,000.
At today’s value, better collaboration between security teams and enterprise app owners saved another 32,000 over three years. While the study noted other areas of ROI, it was unable to quantify them.
Total benefits over three years (at present value) are $2.18 million. Total licensing and implementation costs over these three years, at present value, were $723,866. Payback was achieved in less than six months and ROI over three years was 201%.
A push towards SaaS security
Today, organizations are increasing the volume and value of data stored in the cloud. Modern SaaS apps contain highly sensitive data, including personal information, intellectual property, and confidential third-party information. Protecting this data is critical, and the only realistic way to protect it is through a SaaS Security Posture Management (SSPM) tool.
Organizations understand the need to secure their SaaS stack. At the same time, they must justify the cost of adding new security tools. By demonstrating significant and measurable ROI, organizations can finally justify implementing an SSPM solution.
For the full TEI study, click here.
Note: This article was expertly written by Maor Bin, CEO and co-founder of Adaptive Shield.