In today’s interconnected world, cyberattacks can inflict huge damage, be it at an individual, an organizational or a national level. While cyberattacks are not entirely new, the level of sophistication is sure a cause for concern, making the threat landscape more complex and challenging than ever before. This calls for enhanced security to combat such attacks.
Here's a look at how Microsoft (MSFT) is emerging as a strong player in the security business.
“Our goal is to help every organization strengthen its security capabilities through a Zero Trust architecture built on our comprehensive solutions that span identity, security, compliance, and device management across all clouds and platforms,” Microsoft’s CEO Satya Nadella said. These words define the premise on which its security systems are built.
Microsoft provides protection from cyberattacks in two formats. First, by enabling strong security mechanisms across its own product line and second, through security solutions offered to different entities. Today, Microsoft protects 785,000 customers around the world, including its own digital estate. Microsoft Azure is the second largest cloud computing platform capturing 22% of the market share.
Microsoft is taking share across all the major categories in the security segment. Gartner positions Microsoft as a leader across four areas of security, which include unified endpoint management tools, access management, enterprise information archiving and endpoint protection platforms. The security solutions by Microsoft have been recognized as a leader by Forrester in nine categories: endpoint detection and response providers, unified endpoint management, extended detection and response (XDR), identity as a service, security analytics platforms, enterprise email security, endpoint security software as a service, unstructured data security platforms and cloud security gateways. IDC Vendor Assessment MarketScape report for 2022 lists Microsoft as a leader in the unified endpoint management software.
These recognitions of Microsoft security across different categories speak not just of the wide range of offerings and excellence achieved but the commitment to security as a whole. During an , Nadella said, “We are the only cloud provider with protection for the top three cloud platforms, and we’re seeing more and more customers turn to us to protect their multi-cloud, multi-platform infrastructure.”
The figures for Microsoft’s security revenue were shared for the first time during the company’s Q2 FY2021 earnings call. It was then reported that Microsoft’s security revenue had surpassed $10 billion and was growing at 40%, outpacing the growth across all other business segments. This year, during the Q2 FY2022 in January, it was reported that revenue for Microsoft’s security business surpassed $15 billion over the past 12 months. Overall, for FY2022, the security revenue was up 40%. Companies such Siemens, FedEx, Nestle, NTT, Bridgewater Associates, Vodafone, London Heathrow Airport, Grundfos, illimity and Volkswagen are among Microsoft’s clients.
Microsoft has been adding new and improved products and services to its offerings to help companies combat cybersecurity incidents at all levels and intensities. In September 2021, the general availability of Azure Purview was announced. Azure Purview, a cloud-native data governance solution, enabled organizations of all sizes to manage and govern their on-premises, multi-cloud, and software as a service (SaaS) data. However, according to a survey in the U.S., to combat the increased risk of cybersecurity and manage compliance and data-protection, around 80% of entities purchased multiple products resulting in “increased operations costs, ineffective data governance, poor security outcomes, failed compliance audits, and damage to brand reputation.” To solve such issues, and bring a unified view of data across in the organisation, Microsoft Purview was introduced in April 2022. Microsoft Purview brings together Azure Purview and Microsoft 365 Compliance portfolio to build a more unified platform that offers comprehensive solutions to govern, protect and manage the entire data estate of any organization.
In April 2022, Microsoft surveyed more than 150 small and medium businesses in the U.S. and found that more than 70% of SMBs think cyberthreats are becoming more of a business risk. The concern is based on the fact that nearly 25% of the SMBs surveyed reported experiencing a security breach in the past year. To combat such threats, Microsoft announces general availability of Microsoft Defender for Business designed to boost small and medium business (SMB) security in May. In June, Microsoft Defender for individuals, a new online security application for Microsoft 365 Personal and Family subscribers, was released. In August, Microsoft announced the general availability of Microsoft Defender Experts for Hunting to support organizations which have a robust security operations center but are looking for an additional layer of security. Defender Experts for Hunting is a proactive threat hunting service that goes beyond the endpoint to hunt across endpoints, Microsoft Office 365, cloud applications and identity.
A new product family introduced this year is Microsoft Entra. Entra provides a unified admin center for Azure Active Directory (Azure AD), Entra Permissions Management and Entra Verified ID, where an organization can quickly verify and secure every identity or access request—all in one place.
Microsoft has been investing in security research and development (R&D) over the years. Back in 2015, Microsoft announced that each year it was committing more than $1 billion to advance its efforts on security, data protection and risk management. To further advance its security solutions, Microsoft raised its yearly investment to $4 billion as it announced a cumulative investment of $20 billion over the next five years in 2021. In addition, an investment of $150 million would be made to help the U.S. government agencies upgrade protections and expand cybersecurity training partnerships.
Over the recent years, Microsoft has been making acquisitions such as Aorato (2014), Adallom (2015), Secure Islands (2015) and Hexadite (2017) to strengthen its next-gen security innovation and the core of its cybersecurity offerings. In recent years, CyberX (2020), CloudKnox (2021), ReFirm Labs (2021) and RiskIQ (2021) have been acquired by Microsoft to bolster its security capabilities in key areas, including identity management, IoT and threat intelligence. In June this year, an agreement to acquire Miburo was entered. Miburo is a cyber threat analysis and research company specializing in the detection of and response to foreign information operations. A recent report highlights that Microsoft has increased its influence in cybersecurity and has been among the top companies at the heart of Merger and Acquisition deals over the last three years.
Disclaimer: The author has no position in any stocks mentioned. Investors should consider the above information not as a de facto recommendation, but as an idea for further consideration. The report has been carefully prepared, and any exclusions or errors in it are totally unintentional. Details based on company earnings reports and press releases.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.
Prableen Bajpai
Prableen Bajpai is the founder of FinFix Research and Analytics which is an all women financial research and wealth management firm. She holds a bachelor (honours) and master’s degree in economics with a major in econometrics and macroeconomics. Prableen is a Chartered Financial Analyst (CFA, ICFAI) and a CFP®.
Read Prableen's Bio