I first blogged about the sheer size and capability of Microsoft as a cybersecurity giant about a year ago, but last week Microsoft homed in on this as they highlighted the revenue from their various security offerings as part of their FY21 Q2 quarterly earnings.
$10 billion over the last 12 months.
You might think that for a global organisation like Microsoft this is just a number, but what is significant is that this amounts to a 40% year-over-year jump in the security and compliance part of Microsoft, which means that Security and Compliance now makes up circa 7% of their total revenue for the previous year to date.
In a statement at the earnings report, Microsoft’s CEO, Satya Nadella, said “We waited in some sense until this milestone to show the depth, the breadth, the span of what we are doing.” “…there is a lot of work ahead, but we are investing very heavily because guess what? You know 10 years from now we’ll still be talking about it as technology becomes even [a deeper part] of our lives in our society in all critical industries.”
Satya went on to say in the announcement that “What we have built is very helpful in times of crisis and there is a big crisis right now, but you need to sort of obviously build all of this over a period of years if not decades and then sustain it through not just product innovation, but also I would say, practice every day.”
Proven hunters
Back in December 2020, Microsoft was the forerunner and lead investigator in the uncovering and closing of the massive global SolarWinds cyber-attack, which hit private companies like cybersecurity company FireEye, many leading FTSE 100 organisations, as well as UK, US, and other global government agencies (even Microsoft themselves were affected).
Microsoft were the “defenders that other defenders were turning to”, Microsoft said; they “were working with FireEye and across the public sector and private sector coming together”.
Zero Trust is more important than ever.
Part of Microsoft’s ability to respond to the SolarWinds hack has to do with what the tech and sec industry refers to as a “zero trust” approach to security. This means an organisation needs to adopt an “assume breach” mindset and authenticate and validate access continuously. This is similar in some respects to the “assume you are infected” approach in the fight against Covid-19.
For anyone still sceptical about Microsoft as a security player, there is no doubting the giant that they have become. There are of course many “best of breed” products out there to protect certain services or pillars, but what Microsoft has done well, really well, is to have built a “best of suite” which spans not just across Azure and Microsoft 365 but also across pretty much any cloud, hybrid or on-premises apps and services a business uses.
Microsoft’s investment clearly goes far further than just having a good security portfolio, which is substantial when you look at technologies like Microsoft Defender, Sentinel or Azure Active Directory; it is their ability to take these services, integrate them into all their products and infuse more AI and data signals (almost 7 trillion a day) than anyone else.
Working from home adds to companies’ security needs
The ongoing coronavirus pandemic forced many companies to change how they work and think about work, with their employees now working from home either temporarily or (in many cases) for the foreseeable future in some capacity at least.
This has of course opened the way for new attack vectors for cyber hackers, because previously the physical layers of security (in-person identification and swipe card access into buildings, for example), perimeter network security (such as network access control), and the fact that we probably only used “managed devices” meant that IT had a good awareness of, and grip on, things like malware or odd user/network activity.
Working remotely changes this for most. When working remotely at home (unless only via a secured VDI), employees are running on their own network (and they aren’t sec admins), often with a false sense of security because “no one will hack my home”. This often prevents or inhibits IT from monitoring them unless IT changes its approach and toolsets.
For most (especially if using shared or personal devices), it doesn’t take much for just one person to download malware on their computer at home, then accidentally send that malware to your company’s systems or file shares when they next connect to the network to update a spreadsheet or send a report.
“Security must be built in at every single point and can no longer be an afterthought.” “There needs to be a real different approach to creating a cybersecurity solution for customers,” Satya Nadella said.
Security Giants
According to Microsoft, they now protect more than 400,000 customers across 120 countries, including 90 Fortune 100 companies. Microsoft currently categorise their security offerings into four pillars:
Security | Compliance | Identity | Threat Management.
This milestone figure of $10 billion comes from the security-related revenue generated by services including Microsoft’s Azure Active Directory, Intune, Microsoft Defender for Endpoint, Office 365, Microsoft Cloud App Security, Microsoft Information and Governance, Azure Sentinel, Azure Monitoring, and Azure Information Protection.