How to maximize hard-dollar ROI on security technology investments

Fresh research from PWC has found that CIOs are far less likely to say that the IT function is prepared for reinvention, compared to 2023. The drop is considerable: 20 percentage points in just 12 months indicates a significant loss of confidence that IT is ready to modernize.

But modernization projects are pushing ahead: In the same PWC survey, 81% of CIOs said they prioritized cloud-based architecture as a positive and tangible step forward to improve readiness to handle future challenges. The question that remains is, can this be done with the funding available in 2025?

CIO doubts about preparedness recognize that the “same old way” of doing things simply won’t adapt to the needs of today, let alone tomorrow. Cost is a core concern; IT budgets are expected to increase by around 10%, but inflation will likely leave CIOs with—at best—the same spending power as in previous years. That fact shifts the conversation not just to one of investment but also one of ROI: what are the right investments to make, in which technologies, and how do teams know they’re getting full business value?

The ROI of modern security and networking

In separate research late last year, Forrester Consulting concluded that the benefits of cloud-based, edge services are significant for infrastructure and operations (I&O), networking, and security. Benefits ranged from improved efficacy and efficiency to bottom line cost savings; in short, these architectural changes could indeed support ‘reinvention’—efforts at future-readiness—within budgetary parameters.

Forrester’s researchers looked specifically at Security Service Edge (SSE)—the category that describes the convergence of cloud-native network and data security services—from Netskope. The study was used to assess the business value and benefits of re-architecture, and researchers discovered that the top three hard-dollar-value benefits came from consolidation, improved availability, and more efficient operations.

• Consolidated network security infrastructure generated $5.4M in cost reductions over three years for the average ‘composite’ organization on which researchers based their calculations. That amounted to 10% infrastructure cost savings.  These savings were found through decommissioning legacy data centers, physical equipment, and hardware, including sunsetting legacy DLP tools, SWG technology, firewalls, and related hardware and circuitry. One real-world customer who took part in the data collection reported the elimination of 30 firewalls and consolidation of switching ports from more than 1,800 to fewer than 500. Customers also saved on internal and external labor, equipment management, support, and maintenance.
• Improved network availability, performance, and user productivity drove $2.4M in cost reductions over three years for the researchers’ composite organization. Real-world customers involved in the data collection reported a reduction in the number of hours during which network services were effectively offline, resulting in a 10% increase in uptime for core network services. This enabled customers to mitigate outages and downtime impact and reduce latency.
• Increased network and security operation effectiveness was responsible for $1.5M in cost savings. Operational resources were 30% to 35% more productive, network operations were streamlined (including faster user provisioning), and real-world test customers were able to allocate resources to higher-value data security engineering activities. Customers also reduced engineering labor by more than 75% and decreased the patch SLA from weeks to effectively operate on-demand. SSE automated workflows and reduced the administrative burden for critical security processes (including compliance checking, pushing out patch updates, and investigating false positives). This resulted in labor reductions from fewer standing issues, reduced rework and an 80% reduction in lingering issues for networking and security teams.

The conclusion of the Forrester study was that the composite organization using Netskope One SSE saw a payback period of less than 6 months, with a 109% ROI over 3 years. Researchers also noted an additional reduction in help desk tickets (by 80%) and the mean time to resolve issues dropped by 50%.

Looking back to the PWC research and the concerns expressed by CIOs about their lack of preparedness for organizational reinvention, some of the anecdotal evidence within the Forrester research takes on a new resonance. Reports of accelerated time-to-value for mergers and acquisitions are evident, along with resolutions for inefficient processes, and references to improvements in the organization’s ability to respond to market pressures.

2025 is set to become a year where reinvention and agility will bring significant material advantage. Organizations that have the courage to reimagine legacy approaches will see the best returns. And it seems it is possible to step forward without spending more.

To learn more, visit Netskope’s website.