43% of enterprises say their AI and Machine Learning (ML) initiatives matter “more than we thought,” with one in four saying AI and ML should have been their top priority sooner.
50% of enterprises plan to spend more on AI and ML this year, with 20% saying they will be significantly increasing their budgets.
56% of all enterprises rank governance, security and auditability issues as their highest-priority concerns today.
In just over a third of enterprises surveyed (38%), data scientists spend more than 50% of their time on model deployment.
Enterprises accelerated their adoption of AI and machine learning in 2020, concentrating on those initiatives that deliver revenue growth and cost reduction. Consistent with many other surveys of enterprises’ AI and machine learning accelerating projects last year, Algorithmia’s third annual survey, 2021 Enterprise Trends in Machine Learning finds enterprises expanding into a wider range of applications starting with process automation and customer experience. Based on interviews with 403 business leaders and practitioners who have insights into their company’s machine learning efforts, the study represents a random sampling of industries across a spectrum of machine learning maturity levels. Algorithmia chose to limit the survey to only those from enterprises with $100M or more in revenue. Please see page 34 of the study for additional details regarding the methodology.
Key insights from the research include the following:
76% of enterprises prioritize AI and machine learning (ML) over other IT initiatives in 2021. Six in ten (64%) say AI and ML initiatives’ priorities have increased relative to other IT priorities in the last twelve months. Algorithmia’s survey from last summer found that enterprises began doubling down on AI & ML spending last year. The pandemic created a new sense of urgency regarding getting AI and ML projects completed, a key point made by CIOs across the financial services and tech sectors last year during interviews for comparable research studies.
83% of enterprises have increased their budgets for AI and machine learning year-over-year from 2019 to 2020. 20% of enterprises increased their budget by over 50% between 2019 and 2020. According to MMC Ventures’ The State of AI Divergence Study, one in ten enterprises now uses ten or more AI applications with chatbots, process optimization and fraud analysis leading all categories. A recent Salesforce Research report, Enterprise Technology Trends, found that 83% of IT leaders say AI & ML is transforming customer engagement and 69% say it is transforming their business. The following compares year-over-year AI and ML budget changes between FY 2018 – 2019 and FY 2019 – 20.
Improving customer experiences to drive greater revenue growth and automating processes to reduce costs are the two most popular use cases or application areas for AI and ML in enterprises today. It’s noteworthy that seven of the top 20 use cases are customer-centric, nearly half of all use cases tracked in Algorithmia’s survey. 46% of enterprises are using AI & ML to combat fraud, which will most likely grow given the growth and severity of breaches, including the SolarWinds cyberattack. Capgemini’s recent study of AI adoption in cybersecurity found network, data and endpoint security are the three leading use cases of AI in cybersecurity today, with each predicted to get more funding in 2021, according to CISOs interviewed for the report.
AI and ML business cases that provide greater customer revenue growth, reduced costs and greater financial visibility have the highest priority of being funded inside any enterprise today. The combination of improving customer experiences, automating processes (to reduce costs) and generating financial insights (for greater financial visibility) is the ideal combination for getting a proof of concept started for an AI or ML project. The proliferation of AI and ML use cases shown in the graphic below is attributable to how each contributes to enterprises achieving a tangible, positive ROI by combining them to solve specific business problems.
Bottom Line: Endpoint security business cases do much more than just quantify costs and benefits; they uncover gaps in endpoint and cyber protection that need urgent attention to avert a breach.
Bad actors and hackers prefer to attack threat surfaces that are isolated, vulnerable with out-of-date security patches, yet integrated into a corporate network to provide access. For these reasons and more, endpoints are now the popular choice for hacking attempts. Ponemon Institute’s Third Annual Study on the State of Endpoint Security Risk published in January of this year found that 68% of organizations were victims of successful endpoint attacks in 2019 that compromised data assets and IT infrastructure. Since 2017, successful endpoint attacks have spiked by 26 percent. The Ponemon study also found that it takes the typical organization 97 days to test and deploy patches to each endpoint. When the average endpoint is three months behind on updates, it’s understandable why breaches are increasing. In 2019 the average endpoint breach inflicted $8.94M in losses. The following graphic compares the escalating number of breaches and economic losses for the last three years:
Exploring Endpoint Security’s Many Benefits
Think of building a business case for endpoint security as the checkup every company needs to examine and identify and every threat surface that can be improved. Just as all efforts to preserve every person’s health is priceless today, organizations can’t let their guard down when it comes to keeping endpoint security strong.
The economic fallout of COVID-19 is hitting IT budgets hard. That’s why now is the time to build a business case for endpoint security. CIOs and CISOs have to make budget cuts due to revenue shortfalls. One area no one wants to compromise on, however, is allowing endpoint agents to degrade over time. Absolute Software’s Endpoint Security Trends Report found that the more complex and layered the endpoint protection, the greater the risk of a breach. Overloading every endpoint with multiple agents is counterproductive and leaves endpoints less secure than if fewer agents were installed. Additionally, Absolute just launched a Remote Work and Distance Learning Insights Center, providing insights into the impact of COVID-19 on IT and security controls. An example of the dashboard shown below:
Business Case Benefits Need To Apply To IT and Operations
Absolute and Ponemon’s studies suggest that autonomous endpoints are the future of endpoint security. Activating security at the endpoint and having an undeletable tether to every device solves many of the challenges every business’s IT and Operations teams face. And with the urgency to make IT and Operations as virtual as possible with budgets impacted by COVID-19’s economic fallout, team leaders in each area are focusing on the following shared challenges. COVID-19’s quarantine requirements make hybrid workforces instantly appear and make the budgets needed to support them vanish at the same time. The following are the shared benefits for IT and Operations that need to anchor any endpoint security business case:
The most urgent need is for greater IT Help Desk efficiency. While this is primarily an IT metric, the lack of real-time availability of resources is slowing down remote Operations teams from getting their work done.
Both IT and Operations share asset utilization, loss reduction, and lifecycle optimization ownership in many organizations today. Having a persistent, undeletable tether to every device at the hardware level is proving to be an effective approach IT, and Operations teams are relying on to track and improve these metrics. The Absolute and Ponemon studies suggest that the more resilient the endpoint, the better the asset efficiency and lifecycle optimization. Autonomous endpoints can self-heal and regenerate themselves, further improving shared metric performance for IT and Operations.
The more autonomous endpoints an organization has, the quicker Operations and IT can work together to pivot into new business models that require virtual operations. Education, Healthcare, Financial Services, Government, and Professional Services are all moving to hybrid remote workplaces and virtual operations as fast as they can. Using the business case for endpoint security as a roadmap to see where threat surfaces need to be improved for new growth is key.
Endpoint Security Benefits
The following are the benefits that need to be included in creating a business case for endpoint security:
Reduce and eventually eliminate IT Help Desk backlogs by keeping endpoints up-to-date. Reducing the call volume on IT Help Desks can potentially save over $45K a year, assuming a typical call takes 10 minutes and the cumulative time savings in 1,260 hours saved by the IT help desk annually.
Reduce Security Operations staff interruptions and emergency security projects that require IT’s time to run analytics reports and analyses. Solving complex endpoint security problems burns thousands of dollars and hours over a year between Security, IT, and Operations. Having a persistent, unbreakable connection to every endpoint provides the device visibility teams need to troubleshoot problems. Assuming the 2,520 hours IT Security teams alone spend on emergency endpoint security problems could be reduced, organizations could save approximately $130K a year.
Autonomous endpoints with an undeletable tether improve compliance, control, and visibility and is a must-have in the new hybrid remote workplace. For endpoint security to scale across every threat surface, having an undeletable tether to every device is a must-have for scalable remote work and hybrid remote work programs in the enterprise. They also contribute to lowering compliance costs and improve every aspect of asset management from keeping applications current to ensuring autonomous endpoints can continue to self-heal.
Reducing IT asset loss, knowing asset utilization, and system-level software installed by every device can save a typical organization over $300K a year. Autonomous endpoints that can heal themselves and provide a constant hardware connection deliver the data in real-time to have accurate IT asset management and security data teams need to keep software configurations up to date. It’s invaluable for IT teams to have this level of data, as it averts having endpoint patches conflict with one another and leave an endpoint vulnerable to breach.
Accurate asset lifecycle planning based on solid data from every device becomes possible. Having autonomous endpoints based on a hardware connection delivers the data needed to increase the accuracy of asset life cycle planning and resource allocation, giving IT and Operations the visibility they need to the device level. IT and Operations teams look to see how they can extend the lifecycle of every device in the field. Cost savings vary by the number of devices in the field and their specific software configurations. The time savings alone is approximately $140K per year in a mid-size financial services firm.
The more autonomous and connected an endpoint is, the more automated audit and compliance reporting can become. A key part of staying in compliance is automating the audit process to save valuable time. The Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and the Payment Card Industry Data Security Standard (PCI DSS) all require ongoing audits. The time and cost savings of automating audits by organizations vary significantly. It’s a reasonable assumption to budget at least a $67K savings per year in audit preparation costs alone.
Evaluating Endpoint Security Costs
The following are the endpoint security costs that need to be included in the business case:
Annual, often multi-year endpoint security licensing costs. Endpoint security providers vary significantly in their pricing models, costs, and fees. Autonomous endpoint security platforms can range in licensing costs from $750K to over $1,2M, depending on the size of the organization and the number of devices.
Change management, implementation, and integration costs increase with the complexity of IT security, Operations, and IT Service Management (ITSM) integration. Expect to see an average price of between $40K to over $100K to integrate endpoint security platforms with existing ITSM and security information and event management (SIEM) systems.
Creating A Compelling Business Case For Endpoint Security
The best endpoint security business cases provide a 360-degree view of costs, benefits, and why taking action now is needed.
Knowing the initial software and services costs to acquire and integrate endpoint security across your organization, training and change management costs, and ongoing support costs are essential. Many include the following equation in their business cases to provide an ROI estimate. The Return on Investment (ROI) for endpoint security initiative is calculated as follows:
ROI on Endpoint Security (ES) = (ES Initiative Benefits – ES Initiative Costs)/ES Initiative Costs x 100.
A financial services company recently calculated their annual benefits of ES initiative will be $475,000, and the costs, $65,000, will yield a net return of $6.30 for every $1 invested.
Additional factors to keep in mind when building a business case for endpoint security:
The penalties for non-compliance to industry-specific laws can be quite steep, with repeated offenses leading to $1M or more in fines and long-term loss of customer trust and revenue. Building a business case for endpoint security needs to factor in the potential non-compliance fees, and penalties companies face for not having autonomous endpoint security. The Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), California Consumer Privacy Act (CCPA), and other laws require audit reporting based on accurate endpoint security data.
Endpoint Security ROI estimates fluctuate, and it’s best to get started with a pilot to capture live data with budgets available at the end of a quarter. Typically organizations will allocate the remaining amounts of IT security budgets at the end of a quarter to endpoint security initiatives.
Succinctly define the benefits and costs and gain C-level support to streamline the funding process. It’s often the CISOs who are the most driven to achieve greater endpoint security the quickest they can. Today with every business having their entire workforces virtual, there’s added urgency to get endpoint security accomplished.
Define and measure endpoint security initiatives’ progress using a digitally-enabled dashboard that can be shared across any device, anytime. Enabling everyone supporting and involved in endpoint security initiatives needs to know what success looks like. Having a digitally-enabled dashboard that clearly shows each goal or objective and the company’s progress toward them is critical to success.
The hard economic reset COVID-19 created has put many IT budgets into freefall at a time when CIOs and CISOs need more funding to protect proliferating hybrid remote workforces. Endpoint security business cases need to factor in how they can create an undeletable resilient defense for every device across their global fleets. And just as every nation on the planet isn’t letting its guard down against the COVID-19 virus, every IT and cybersecurity team can’t let theirs down either when it comes to protecting every endpoint.
Autonomous endpoints that can self-heal and regenerate operating systems and configurations are the future of endpoint security management. The race to be an entirely virtual enterprise is on, and the most autonomous endpoints can be, the more cost-effective and valuable they are. The best business cases bridge the gap between IT and Operations needs. CIOs need endpoint security solutions to be low-cost, low maintenance, reliable yet agile. Operations want an endpoint solution that has a low cost of support, minimal if any impact of IT Service Help Desks, and always-on monitoring. Building a business case for endpoint security gives IT and Operations the insights they need to protect the constantly changing parameters of their businesses.
The human tragedy the COVID-19 pandemic has inflicted on the world is incalculable and continues to grow. Every human life is priceless and deserves the care needed to sustain it. COVID-19 is also impacting entire industries, causing them to randomly gyrate in unpredictable ways, directly impacting IT and tech spending.
Computer Economics and Avasant predict major disruption to High Tech & Telecommunications based on the industry’s heavy reliance on Chinese supply chains, which were severely impacted by COVID-19. Based on conversations with U.S.-based high tech manufacturers, I’ve learned that a few are struggling to make deliveries to leading department stores and discount chains due to parts shortages and allocations from their Chinese suppliers. North American electronics suppliers aren’t an option due to their prices being higher than their Chinese competitors. Leading department stores and discount chains openly encourage high tech device manufacturers to compete with each other on supplier availability and delivery date performance.
In contrast to the parts shortage and unpredictability of supply chains dragging down the industry, software is a growth catalyst. The study notes that Zoom, Slack, GoToMyPC, Zoho Remotely, Microsoft Office365, Atlassian, and others are already seeing increased demand as companies increase their remote-working capabilities.
Key insights from Forrester’s latest IT spending forecast and predictions are shown below:
Forrester is revising its tech forecast downward, predicting the US and global tech market growth slowing to around 2% in 2020. Mr. Bartels mentions that this assumes the US and other major economies have declined in the first half of 2020 but manage to recover in the second half.
If a full-fledged recession hits, there is a 50% probability that US and global tech markets will decline by 2% or more in 2020.
In either a second-half 2020 recovery or recession, Forrester predicts computer and communications equipment spending will be weakest, with potential declines of 5% to 10%.
Tech consulting and systems integration services spending will be flat in a temporary slowdown and could be down by up to 5% if firms cut back on new tech projects.
Software spending growth will slow to the 2% to 4% range in the best case and will post no growth in the worst case of a recession.
The only positive signs from the latest Forrester IT spending forecast is the continued growth in demand for cloud infrastructure services and potential increases in spending on specialized software. Forrester also predicts communications equipment, and telecom services for remote work and education as organizations encourage workers to work from home and schools move to online courses.
Every industry is economically hurting already from the COVID-19 pandemic. Now is the time for enterprise software providers to go the extra mile for their customers across all industries and help them recover and grow again. Strengthening customers in their time of need by freely providing remote collaboration tools, secure endpoint solutions, cloud-based storage, and CRM systems is an investment in the community that every software company needs to make it through this pandemic too.