In late January, Microsoft trumpeted a new milestone. The company had, for the first time, surpassed US$10 billion in cyber security revenue over the previous year.
For context, Microsoft saw a 17 per cent year-on-year boost in overall revenue, to US$43.1 billion, during the quarter ended 31 December 2020 alone. The vendor’s second quarter revenue for commercial cloud, arguably its fastest-growing segment, was up by 34 per cent, to US$16.7 billion.
The latest revenue milestone from the vendor’s cyber security business equates to a growth rate of more than 40 per cent, year-on-year, with that figure encompassing Microsoft’s security, compliance, identity and management businesses.
Today, the company helps to secure more than 400,000 customers across 120 countries.
A day after Microsoft CEO Satya Nadella revealed the new milestone during the firm’s December quarter financial briefing, the company's security, compliance and identify corporate vice president Vasu Jakkal landed a stellar argument showcasing how the tech giant is likely to continue its path to world domination in the security segment: sheer user numbers.
“Consider the tremendous number of signals we take in across our platforms and services, over eight trillion security signals every 24 hours,” Jakkal said. “Using the latest in machine learning and artificial intelligence techniques — plus the power of smart humans — we put these signals to work on behalf of our customers.
“In 2020 alone, almost six billion malware threats were blocked on endpoints protected by Microsoft Defender,” she added.
That’s a pretty good tally for any cyber player. And while it might come as no surprise at all that Jakkal might think Microsoft has a decent chance of ruling the security roost, she’s not the only one who thinks this way.
Indeed, industry firm Forrester Research's vice president and principal analyst, Jeff Pollard, and research director and vice president, Joseph Blankenship, seem to agree, going so far as to suggest Microsoft’s growth in cyber security represents an “existential” threat to potential competitors in the market.
“Ten billion dollars in revenue with 400,000 customers cements the vendor as a cyber security behemoth, without a doubt,” the pair said in a jointly penned blog post. “With offerings spanning everything from the operating system to the cloud — and everything in between, it seems — Microsoft has achieved its goal of being a mega-security vendor.
“For Microsoft competitors — which is almost every vendor — this also makes the company an existential threat, especially if they compete in the security analytics, endpoint, identity, and email security markets,” they added.
Moreover, Pollard and Blankenship insinuated that Microsoft is really only just getting started in this space, with a bunch of new, big-scale, initiatives either hitting the market or on the horizon.
“Microsoft Sentinel is an example of how quickly the vendor is moving,” they said of Microsoft's cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution.
“Sentinel only launched in September 2019. Sentinel is positioned as a Leader in our latest version of The Forrester Wave: Security Analytics Platforms, Q4 2020 and Microsoft reports 9,000 users on the platform.”
Another example is the launch last year of the company's Zero Trust Deployment Center, a repository of information to improve users’ Zero Trust readiness as well as specific guidance on implementing Zero Trust principles across their identities, endpoints, data, applications, networks, and infrastructure.
It comes as little surprise that Jakkal mentioned this area of focus in her blog post: “What drives us now is creating a true Zero Trust mindset, which we believe is the cornerstone of effective protection, the foundation for organisational resilience, and the future of security.”
Additionally, the drive for enterprise customers to simplify their IT products and services supply chain is also likely to see many more existing Microsoft customers make their way to Microsoft’s dedicated cyber security offering, building on whatever solutions from the vendor they already use.
And let’s face it, most organisations are tapped into Microsoft products and services in one way or another.
“As more and more businesses move to cloud, the idea of rationalising the number of vendors they work with and simplifying security continues to appeal to CISOs, CIOs, and CFOs alike,” Pollard and Blankenship said. “Fears of ‘lock-in’ are disregarded in favor of ‘good enough’ and ‘integrated’.
“The next phase of Microsoft’s evolution as a cyber security vendor will be how it handles the defence of the territory captured from other vendors,” the pair added, somewhat ominously.”