CrowdStrike has officially published the results from its Total Economic Impact™ (TEI) study, which was conducted by Forrester Consulting.
Going by the available details, these results reveal that customers, who leveraged the CrowdStrike Falcon® Identity Protection solution, were able to realize a 310% return on investment (ROI). This they were able to do by significantly reducing breach risks and replacing legacy point solutions, with a payback period of under six months.
Before we dig any further into the published results, we must take into account how more than seventy-five of attacks focused on gaining initial access are now malware-free, as attackers exploit identity and cloud like trusted entry points to move laterally across systems. In case this wasn’t bad enough, the larger chunk of solutions available to deal with the problem make for disjointed tools that often create gaps in visibility and protection, addressing only fragments of the identity attack surface.
In response, Falcon Identity Protection brings forth an industry-leading ability to mitigate identity-based attacks across the entire surface, something the technology achieves through unified visibility and protection across identities, cloud and endpoints. In fact, Forrester revealed that “none said their organization has experienced a breach since acquiring Falcon Identity Protection.”
“Sophisticated adversaries are logging on with compromised credentials instead of breaking in – leveraging identity as a foothold to move laterally and remain undetected,” said Raj Rajamani, head of products at CrowdStrike. “While robust identity protection is essential to modern cybersecurity, identity protection alone is not enough. For us, Forrester’s study validates what customers tell us every day: The power of Falcon Identity Protection and additional best-in-class modules lie in the power of the platform, delivering unified visibility and protection across every attack path.”
Talk about the given study on a slightly deeper level, we begin from how customers have achieved significant ROI with CrowdStrike’s Advanced Identity Security. You see, the company would go on to provide benefits of $1.26 million over three years by stopping identity-based attacks with advanced capabilities like misconfiguration detection, over-privileged account analysis, and lateral attack path prevention. Furthermore, the customers reported lower cyber insurance premiums due to robust identity controls, such as extending MFA coverage across all environments.
Next up, we must dig into how CrowdStrike was able to cut down on operational costs with, like we briefly touched on, a more unified brand of protection. This translates to how SOC teams can consolidate cybersecurity through Falcon Identity Protection to unify identity, cloud, and endpoint security on the Falcon platform. The stated facility alone has generated $167,000 cost savings over three years, thanks to the elimination of legacy point tools and a reduction in labor costs.
Then, the report moved on to CrowdStrike’s real-time detection and response capabilities. Here, the company has markedly beaten all its competitors by being the first to detect simulated attacks during penetration tests.
Another detail worth a mention is rooted in the prospect of enhanced SOC efficiency. You see, the given study found incident volume to decline significantly after deploying CrowdStrike Falcon® cybersecurity platform. This decline would be of more than 90% in some cases.
As for how the platform achieves that, the answer resides in its tendency to take proactive measures, as well as cut down on false positives. In essence, Falcon Identity Protection makes it possible for SOC teams to focus on strategic tasks, while simultaneously helping them clock faster incident resolution, reduced overtime hours, and improved work-life balance so to drive better retention and operational stability.
“We run an organization that’s highly distributed. We have over 1,000 locations around the globe, both franchises and managed. [Falcon Identity Protection] protects all of it.” – Director of Cyber Security Risk and Compliance at a Hospitality company.