Unpacking the 278% ROI of Email Security: Forrester Shows Total Economic Impact™ of Abnormal

There is little denying that the macroeconomic environment has changed over the last six months, and security leaders are feeling the pressure to make smarter investments that provide tangible business value. Any new solution needs to prove that it can save the business money and time—with a fast and simple deployment that displaces other technologies.

To help security leaders build the most impactful business case for email security investments in 2023, Abnormal commissioned Forrester Consulting to research the cost savings and ROI companies can achieve from implementing Abnormal. The Total Economic Impact of Abnormal tells the stories of four large, global organizations that deployed Abnormal to secure their number one attack vector: email.

Forrester first interviewed real Abnormal customers to understand the value they received from implementing the cloud email security platform. The subsequent study summarizes those real customer accounts into a composite organization and financial model to show the financial benefits any organization can expect to realize from deploying Abnormal. The end result is a truly global perspective on the business value of email security; the four organizations interviewed to produce the study hail from three different countries across three different regions: the United States, United Kingdom, and Australia.

The study results prove that the average 10,000-employee organization that deploys Abnormal achieves a total return on investment (ROI) of 278% in three years, with a payback period of less than six months. During that period, the average organization displaces a legacy secure email gateway (SEG) solution, prevents $4 million dollars in losses due to business email compromise, and reduces SOC analyst hours spent on email security tasks by 95%.

Here are four ROI wins that the average organization can expect to see in 2023 as a result of deploying Abnormal Security, based on real-world accounts shared by Abnormal customers in the Forrester study.

“We effectively rolled right from POC into production. It was immensely easy for us because we didn’t have to change DNS records.” - Cybersecurity Manager, Manufacturing

Abnormal Security is shown to pay for itself—in terms of financial benefits realized—in less than 6 months. The key to fast time to value for Abnormal customers is speedy implementation enabled by Abnormal’s API-based approach to integration with cloud email solutions like Microsoft 365 and Google Workspace, which requires no changes to DNS records.

The composite organization evaluates Abnormal by integrating the solution to conduct a backward-looking, read-only analysis of a subset of mailboxes to identify email attacks that were getting through legacy solutions, then rolls directly into production post-purchase.

“I didn’t see the value that a SEG would provide on top of [our enterprise email] and Abnormal Security. We haven’t noticed any loss by not having a SEG, we just noticed gain. So I basically redeployed the budget I used to spend on the SEG to Abnormal Security.” - Global Technology Services Director, Commodities

Many CFOs are requiring that all new technology purchases supplant or replace an existing solution. Detection misses by SEG solutions and operational inefficiencies are often the key drivers that send security leaders searching for AI-based email security solutions like Abnormal.

According to the same Global Technology Services Director quoted above, with the SEG in place, “we spent a lot of time and effort updating rules trying to keep ahead of the bad guys.” But this is not the case with Abnormal.

Over time, the composite organization discovered that they could deploy native protections from their cloud email provider in combination with Abnormal Security to effectively displace their SEG, eliminating tens of thousands of dollars spent on hardware, software, and maintenance costs—without an adverse impact on detection efficacy.

“We benefited from VendorBase™, their capability for claims, fraud, and invoice fraud. After it’s passed through the other tools, Abnormal Security is finding an additional 6,000 to 8,000 emails that aren’t legitimate business emails, which it removes from a user’s mailbox.” - Manager of Corporate Email, Insurance

Attackers regularly compromise vendor accounts or spoof trusted identities and target unsuspecting employees with fake invoices or payment requests. Unlike standard email scams, these attacks are highly-targeted and take a great deal of research and personalization to persuade a victim to wire funds or change banking details.

Abnormal’s VendorBase™ capability helps prevent invoice fraud by building behavioral profiles of vendors based on past email communications and other risk signals. It then recognizes when vendor behavior deviates from the norm and blocks all suspicious emails from the sender.

The composite organization of 10,000 employees saved $1.8 million in prevented fraud losses by taking an AI-based approach to blocking fraudulent invoice emails and saved another $300,000 from reducing internal investigation and response efforts that typically follow these breaches.

“Account takeovers have been completely remediated with Abnormal Security.” - Chief Information Officer, FinTech

After implementing Abnormal, the composite company was able to remove nearly 100% of sophisticated inbound email attacks from employee inboxes, saving the organization over $4 million in data breach costs over four years.

Abnormal customers reported a high level of confidence that Abnormal’s AI-based approach to protection was stopping the full spectrum of email attacks in their environment, from account takeovers to executive impersonation, to financially-motivated business email compromise and vendor email compromise attacks.

According to the Manager of Corporate Email at an insurance company with 90,000 protected mailboxes, “There hasn’t been an incident in over five years. That’s quite an effective fence of protection in our environment.”

As the economy shifts and budgets tighten, it’s more important than ever to showcase the value of the security tools you use to protect your organization.

Download the Forrester TEI Study to learn more, or request a free Risk Assessment to see which attacks are already sitting in your inboxes.