Email Security Blog

Forrester: Agari Phishing Defense™ Works a 97% ROI Over Three Years

Michael Paiko June 22, 2020 BEC, Business Email Compromise

A new Total Economic Impact (TEI) Study from Forrester finds that Agari Phishing Defense™ (APD) delivered results 36% faster than competing solutions, and results in a 97% ROI in just three years.

But it turns out that’s just the warm-up act.

TEI reports are designed to help organizations accurately evaluate potential IT initiatives. In this instance, we commissioned the study so Forrester analysts could independently identify the costs, benefits, flexibility, and risk factors organizations should weigh when considering Agari for protection against inbound advanced email attacks.

In the course of its research, Forrester interviewed the chief information officer (CISO) of financial services at an international commercial bank that implemented our solution to block phishing attacks across 1,000 email accounts.

Prior solutions the bank had deployed let too many malicious emails slip into inboxes undetected. And a lack of integration between solutions meant higher implementation and management costs. Before looking at Agari, the bank needed two full time employees (FTEs) to manually investigate possible threats—and faced the prospect of needing a third.

As the Forrester findings bare out, choosing Agari made for eye-popping results.

Agari Economics: Phishing Protection Made Better, Faster, Stronger

According to analysis from Forrester, Agari was able to deliver results 36% faster than any of the other solutions the bank had under consideration.

These other solutions would have also taken nearly a year to implement, required a larger deployment team, and cost 2.4X more than Agari. These factors alone saved the bank $519,545 in internal and external resources.

Of course, the bank also got better email security—dramatically reducing the risk of data breaches, ransomware attacks, wire fraud and other email threats. Security analysts were able to spend less time on email security and more time on higher-value activities. And the organization also avoided hiring that third FTE, representing a $270,297 savings over three years.

Without Agari, the organization would also have needed to roll out a full-scale threat intelligence program to integrate and analyze threat data from multiple sources. But since APD streamlines and automates these functions, the bank was able to dodge solution costs and ongoing maintenance fees totaling $230,781 over the life of the study.

In all, Forrester’s financial analysis found that APD paid for itself in less than six months. And over the three-year study period, the bank realized $502,000 in savings—a 97% ROI.

But it’s what Forrester didn’t factor into its calculations that may make the biggest impact of all.

How Big Savings Get Even Bigger

According to Forrester analyst Johnathan Lipsitz, the data included in the TEI study deals primarily with total cost of ownership and savings that stems from the organization not having to add that additional FTE.

In truth, it’s the potentially-catastrophic financial losses Agari prevents that can matter even more to organizations facing a never-ending barrage of phishing attacks. But because losses from successful email attacks can vary so much from one organization to the next, Lipsitz said that they could not be reasonably related back to the organization featured in the study.

To get a sense of what kind of impact he’s talking about, just look at data coming from any number of other studies. Every month, advanced email attacks like Business Email Compromise (BEC) drive more than $700 million in direct business losses worldwide—$8.6 billion in just the last year—according to the FBI. In 2019, that added up to $1.7 billion in losses for US businesses alone.

When email attacks lead to a data breach, the costs only escalate from there. Today, the average business faces a 14.8% chance of falling prey to this kind of breach within the next 12 months, with average costs roughly $4.5 million per incident, according to Ponemon Institute.

“For any single breach, the cost to the organization in terms of lost business and remediation is $658,000,” says Lipsitz in an on-demand webinar about the study, “One of those a year is more than the total cost of ownership and efficiency piece that were included in this analysis—so obviously take this into consideration.”

An Unfair Advantage

When you consider that the attacks leading to the biggest losses don’t involve malware or malicious links (that are easily detected by most email security controls) the value of our identity-based defenses becomes even more clear.

Not only does Agari block the vast majority of advanced email attacks from ever reaching their targets, but our continuous detection and response technology sniff out latent threats that do manage to evade early detection, and instantly removes them from all employee inboxes automatically. And it’s all informed by real-time threat intelligence drawn from more than 2 trillion emails per year along with an intelligence sharing network comprised of top security operations center teams from organizations around the world.

So while it certainly won’t be surprising to hear me say this, I believe it to be true: Given the jaw-dropping financial risks posed by phishing, BEC and other advanced email threats, Agari Phishing Defense offers the kind of economic impact any business would love.

To learn more, download the Total Economic Impact of Agari Phishing Defense from Forrester.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

August 5, 2020 Michael Paiko

Phishing & BEC Scams Soar 3000%: Agari H2 2020 Email Fraud and Identity Deception Trends Report

Coronavirus-related phishing attacks and business email compromise (BEC) scams skyrocketed 3,000% from mid-March through early…

Agari Blog Image

July 17, 2020 Patrick Peterson

Business Email Compromise: New Shift in BEC Threat Landscape Puts CISOs on Notice

A seismic shift in the email threat landscape has CISOs bracing for sophisticated new forms…

Agari Blog Image

July 7, 2020 Crane Hassold

Cosmic Lynx: A Russian Threat Hits the BEC Scene

“At some point, Russian and Eastern European cybercriminals are going to start thinking to themselves,…

Agari Blog Image

June 30, 2020 Michael Paiko

Agari Summer '20 Release: CISOs Gain Unique Threat Intel to Their Organizations

With business email compromise (BEC) scams up sharply amid the coronavirus pandemic, CISOs have been…

Agari Blog Image

May 29, 2020 Ronnie Tokazowski

Business Email Compromise (BEC): W2 Scams Make an Unexpected Comeback in 2020

After barely registering a pulse last year, W2-based business email compromise (BEC) scams are back…

mobile image