NEWS ANALYSIS: Microsoft generated a staggering $10 billion in security-related revenues in the past year and is now a leader in enterprise cybersecurity.
Microsoft’s decades-long transformation from an embarrassment to a legitimate cybersecurity powerhouse is yielding significant financial returns: over $10 billion in security-related revenues in the past year alone.
The $10 billion figure, disclosed during Microsoft CEO Satya Nadella’s most recent earnings call (transcript), is attributable to “advanced security and compliance offerings” sold to hundreds of thousands of corporate customers, according to Redmond.
Microsoft’s Azure Active Directory, Intune, Microsoft Defender for Endpoint, Office 365, Microsoft Cloud App Security, Microsoft Information and Governance, Azure Sentinel, Azure Monitoring, and Azure Information Protection are among the products and services offered.
Nadella was extremely boastful about Microsoft’s performance and aspirations in the lucrative cybersecurity industry. We will continue to invest in new capabilities across all of our products and services to protect our customers, Nadella stated.
For business analysts and industry observers, the windfall is conclusive evidence that Microsoft has finally figured out its place as a prominent security vendor after years of trial and error.
Forrester analysts Jeff Pollard and Joseph Blankenship wrote in a research note, “With ten billion dollars in revenue and 400,000 customers, the vendor is unquestionably a cybersecurity behemoth.”
CISOs, CIOs, and CFOs continue to find the idea of reducing the number of vendors they work with and simplifying security as appealing as more and more businesses migrate to the cloud. “good enough” and “integrated” are prioritized over “lock-in” concerns.
With offerings spanning everything from the operating system to the cloud — and everything else, it appears — Microsoft has achieved its goal of becoming a mega-security provider, according to Forrester analysts.
The findings are also ominous for startups and entrepreneurs selling security add-ons for Microsoft’s operating system and cloud services. Pollard and Blankenship wrote, “This makes [Microsoft] an existential threat to many companies, especially if they compete in the security analytics, endpoint, identity, and email security markets.”
Microsoft invested heavily in a variety of paid consumer suites (remember Windows Live OneCare?) before settling on the strategy of integrating Windows Defender into its operating system and cloud services.
Microsoft Azure Sentinel, a product that falls neatly within the security information event management (SIEM) and security orchestration automated response (SOAR) categories, was an instant success for the company, which also increased its investments in security and risk management.
In an interview with Yahoo Finance, Nadella stated, “What we’ve created is very useful in times of crisis, and there is a major crisis right now.” “However, you must build all of this over years, if not decades, and then sustain it through not only product innovation, but also, I would argue daily practice.”
Microsoft is in the enviable position of being able to sell hybrid and cloud offerings and then “advanced security and compliance offerings” to enterprise licensees as businesses accelerate their digital transformation plans.
With hundreds of millions of Windows users worldwide generating data and telemetry to bolster Microsoft’s security capabilities, the company stands to profit even more. The company processes over 30 billion authentications daily across all 425 million Azure AD users and claims to analyze over eight trillion security signals across its platforms and services.