SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Fortinet customers experience up to 86% greater efficiency
Thu, 3rd Aug 2023

Fortinet has announced the results of an independent analysis by Enterprise Strategy Group (ESG) to quantify the customer benefits of deploying SecOps solutions from Fortinet.

The analysis determined that customers improved detection, containment, investigation, and response while making security teams up to 86% more operationally efficient. Organisations reduced cyber risk, improved productivity, and enabled existing teams to do more in less time.

The benefits of the Fortinet SecOps Fabric

The foundation of the ESG analysis was in-depth interviews with end-users, during which they established the time it took each organisation to handle critical SecOps functions, such as the time to detect, validate, and contain incidents as well as the time to fully investigate and remediate them.

Together with technical documentation, existing case studies, third-party analyses, and industry data, ESG was then able to establish qualitative and quantitative benchmarks around these functions, especially potential risk, time, and cost savings the average organisation should expect.

According to the ESG analysis, organisations that implemented Fortinet SecOps solutions realised significant savings and benefits in three areas:

  • Early detection and prevention (EDP): The time to identify threats was reduced from 168 hours (21 business days), if detected at all, to less than an hour and often only seconds using Fortinet EDP technologies, which include FortiEDR, FortiDeceptor, FortiRecon, FortiSandbox, and FortiNDR that use AI and other advanced behavioural analytics. The time to triage these threats was reduced from eight hours to 10 minutes, and the time to contain them dropped from 4.2 hours to one minute based on Fortinets integrated approach.
  • Central analytics and response automation (CARA): The time to investigate threats dropped from six hours to one minute (or less) using the insight and automation of Fortinet CARA components, which include FortiAnalyzer, FortiSIEM, FortiXDR, FortiSOAR, and managed detection and response services. More importantly, the time to remediate those threats was reduced from 12.5 hours to five to 10 minutes in most cases.
  • Training and preparation: End-user and analyst training from Fortinet reduced risks from phishing attacks and improved incident readiness and response, which resulted in fewer security team hours spent responding to incidents. One customer estimated the number of people that clicked on harmful links dropped by 84%. Additionally, cybersecurity professional education led to faster onboarding and increases in security team productivity, efficiency, and capabilities.

Operational savings from Fortinet technologies

Beyond the accelerated time to detect, contain, investigate, and respond to incidents, ESG modelled the expected operational savings related to security team productivity reported by participants.

Results showed that Fortinet EDP technologies could reduce the average time spent per incident by 86%, avoiding the expenditure of US$993,000 per year to accomplish the same amount of work. And adding Fortinet CARA technologies could result in a 99% time savings, avoiding US$1.14 million in annual operational cost.

In the report, ESG also predicts that Fortinet products can reduce the average time exposed to risk by 97% with EDP and 99% with both EDP and CARA, helping organisations avoid an expected cost of cyberattacks by an average of US$1.3 million.

Combining the improved productivity and costs with the risk avoidance savings leads to a payback period of one to 2.5 months for Fortinet EDP and one to 1.7 months for the combination of EDP and CARA.

Automating security operations

The Fortinet SecOps Fabric applies AI, machine learning, and integration across the expanded digital attack surface with distributed security controls that span network, endpoint, application, and cloud that detect components and activity designed to bypass traditional security and hide among legitimate operations. At the same time, a centralised approach to broader investigation and response speeds an organisations return to safe operation, the analysts state.