Security Experts:

For Microsoft, Security is a $10 Billion Business

Microsoft Building

NEWS ANALYSIS: Microsoft generated a whopping $10 billion in security-related revenues in just the last 12 months and is now positioned as an enterprise cybersecurity powerhouse.

Microsoft’s decades-long transformation from an embarrassment to a legitimate powerhouse in cybersecurity is showing significant financial returns: more than $10 billion in security-related revenues in just the last 12 months.

The $10 billion figure, deliberately broken out during Microsoft CEO Satya Nadella’s last earnings call (transcript), comes from what Redmond describes as “advanced security and compliance offerings” sold to hundreds of thousands of corporate customers.

The products and services sold include Microsoft’s Azure Active Directory, Intune, Microsoft Defender for Endpoint, Office 365, Microsoft Cloud App Security, Microsoft Information and Governance, Azure Sentinel, Azure Monitoring, and Azure Information Protection. 

Nadella was downright boastful about the company’s performance -- and ambition -- in the lucrative cybersecurity business.  “This [$10 billion-a-year] milestone is a testament to the deep trust organizations place in us and we will continue to invest in new capabilities across all our products and services to protect our customers,” Nadella said. 

For business analysts and industry watchers, the windfall is final confirmation that Microsoft has figured out its place as a prominent security vendor after multiple hits-and-misses over the years.

“Ten billion dollars in revenue with 400,000 customers cements the vendor as a cybersecurity behemoth, without a doubt,” Forrester analysts Jeff Pollard and Joseph Blankenship wrote in a research note.

“As more and more businesses move to cloud, the idea of rationalizing the number of vendors they work with and simplifying security continues to appeal to CISOs, CIOs, and CFOs alike. Fears of “lock in” are disregarded in favor of “good enough” and “integrated.”

“With offerings spanning everything from the operating system to the cloud -- and everything in between, it seems -- Microsoft has achieved its goal of being a mega-security vendor,” the Forrester analysts said.

The results are also an ominous sign for startups and entrepreneurs selling security bolt-ons atop Microsoft’s OS and cloud offerings.  “This makes [Microsoft] an existential threat for many companies, especially if they compete in the security analytics, endpoint, identity, and email security markets,” Pollard and Blankenship wrote.

For many years, Microsoft struggled to figure out its place in the anti-malware market, investing heavily in a range of consumer paid suites (remember Windows Live OneCare?) before settling on the strategy of bundling Windows Defender into the operating system and cloud services.

The company also doubled down on its investments in security and risk management and found instant success with the Microsoft Azure Sentinel product, a product that falls neatly within the security information event management (SIEM) and security orchestration automated response (SOAR) categories.

“What we have built is very helpful in times of crisis and there is a big crisis right now,” Nadella said in a Yahoo Finance interview. “But you need to sort of obviously build all of this over a period of years if not decades and then sustain it through not just product innovation, but also I would say, practice every day.”  

As businesses speed up digital transformation plans, Microsoft now sits in an enviable position of being able to sell hybrid and cloud offerings and then sell “advanced security and compliance offerings” to those enterprise licensees.

With hundreds of millions of Windows users globally generating data and telemetry to beef up its security capabilities, Microsoft is set up to cash in even more.  The company processes 30 billion+ authentications daily across Azure AD’s 425 million users and boasts that it analyzes upwards of eight trillion security signals across its platforms and services. 

view counter
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a journalist and cybersecurity strategist with more than 20 years experience covering IT security and technology trends. Ryan has built security engagement programs at major global brands, including Intel Corp., Bishop Fox and Kaspersky GReAT. He is a co-founder of Threatpost and the global SAS conference series. Ryan's career as a journalist includes bylines at major technology publications including Ziff Davis eWEEK, CBS Interactive's ZDNet, PCMag and PC World. Ryan is a director of the Security Tinkerers non-profit, and a regular speaker at security conferences around the world. Follow Ryan on Twitter @ryanaraine.