Project Summary

AstraZeneca, a global pharmaceutical company with 83,000 employees across 100+ countries, launched a comprehensive cybersecurity transformation in 2019. Following several high-profile pharmaceutical industry breaches and increasing regulatory pressure around sensitive clinical and patient data, AstraZeneca embarked on a Zero Trust security implementation. The initiative, called “Secure Horizon,” aimed to protect intellectual property, ensure regulatory compliance, and enable secure digital innovation and collaboration.

Solutions Adopted

AstraZeneca implemented a comprehensive Zero Trust security architecture:

  • Microsoft Azure Active Directory and Okta for identity and access management
  • Zscaler Zero Trust Exchange for secure access service edge (SASE)
  • CrowdStrike Falcon for endpoint detection and response (EDR)
  • Palo Alto Prisma Cloud for cloud security posture management
  • SentinelOne for autonomous endpoint protection
  • Illumio for zero-trust micro segmentation
  • Cisco Duo for multi-factor authentication
  • Splunk for security information and event management (SIEM)
  • CyberArk for privileged access management
  • Tanium for endpoint management and security hygiene
  • Darktrace for AI-powered threat detection
  • Recorded Future for threat intelligence

Implementation Costs

  • Identity and access solutions: £14.5 million
  • Network security transformation: £18.2 million
  • Endpoint security: £12.8 million
  • Cloud security: £15.6 million
  • Security operations centre enhancement: £9.8 million
  • Data protection and encryption: £8.2 million
  • Third-party risk management: £6.5 million
  • Implementation services: £22.4 million
  • Staff augmentation and training: £11.6 million
  • Total investment: Approximately £119.6 million

Implementation Duration

  • Assessment and strategy: 5 months (March-July 2019)
  • Architecture design: 3 months (August-October 2019)
  • Identity foundation: 7 months (November 2019-May 2020)
  • Implementation phases:
    • Phase 1: Identity & Access (IAM/PAM): 8 months (April-November 2020)
    • Phase 2: Endpoint Security & EDR: 6 months (September 2020-February 2021)
    • Phase 3: Network Segmentation: 9 months (January-September 2021)
    • Phase 4: Cloud Security: 7 months (July 2021-January 2022)
    • Phase 5: Data Protection: 8 months (December 2021-July 2022)
  • Security operations transformation: 10 months (March-December 2022)
  • Continuous improvement and optimisation: Ongoing
  • Total duration: 3.5 years (March 2019-September 2022)

Savings and Benefits

  • 94% reduction in successful phishing attacks
  • The mean time to detect threats reduced from 108 hours to 15 minutes
  • The mean time to respond reduced from 72 hours to 35 minutes
  • 76% reduction in security incidents requiring manual intervention
  • Regulatory compliance rate improved to 99.5%
  • Insurance premiums reduced by £8.5 million annually
  • Avoided breach costs estimated at £45 million annually (based on the pharmaceutical industry average)
  • Enablement of secure cloud adoption, accelerating 120+ digital transformation initiatives
  • Device provisioning time reduced from 4 days to 2 hours while maintaining security standards
  • Secure remote work enablement for 83,000 employees during the COVID-19 pandemic
  • Shadow IT reduced by 82% through improved secure collaboration tools
  • Three-year ROI of 310% with breakeven achieved at 19 months