The Latest
15 November 2022: At Microsoft Ignite 2022, CEO Satya Nadella highlighted the company’s bolstered security ecosystem that will be launched over the coming months. Microsoft has integrated more than 50 categories into six product lines, which include Microsoft Defender (anti-malware), Sentinel (security information and event management), Entra (identity and access management), Purview (data governance and compliance), Priva (privacy management), and Intune (mobile device and app management). But does this realignment of a myriad of Microsoft products into six packages really justify the company’s claims it is the world’s biggest cyber security company? And does that claim even matter?
Why it’s Important
Microsoft’s security products are maturing very quickly. While few are ‘best of breed’ compared to speciality products, the way Microsoft bundles its range of products into packages allows it to drive use and successfully oust third-party products. Microsoft’s packaging strategy is part of the reason it has dominated the cyber security market in the last decade. The six new product lines are the latest iteration of Microsoft repackaging its solutions to drive ‘step-up’ licensing effects.
Microsoft is proudly claiming it is now the world’s largest cyber security vendor. In terms of contract value, this claim is fair. Its licensing tactics are key to achieving that status, but this does not make Microsoft the one-stop shop for cyber security.
There remain many opportunities for niche cyber security offerings. For example, passwordless access, silent MFA, information discovery, lifecycle management and national archives compliance are areas where Microsoft has gaps.
That said, Microsoft’s products are generally pre-integrated, which reduces the overall complexity (and cost) of a cyber security ecosystem. That complexity is a key pain point for security teams.
Building secured IT infrastructures continues to be a priority for Microsoft, and its ongoing investments in security products are certain to build on Microsoft’s lead. Of course, no vendor is immune to attacks and exploits. The zero-day remote code execution vulnerability known as Follina, which entices unsuspecting users to execute unauthorised code, was only fixed in June 2022.
Who’s Impacted
- CEO
- Security teams
- IT teams
What’s Next?
- Plan a series of training and communication sessions to ensure all staff understand the risks, as well as the benefits, of using Microsoft applications.
- Review Microsoft’s security offerings against already implemented third-party niche products. Consider the overlap of licensing costs against benefits.
- CIOs and IT security executives must explicitly recognise that insider threats are likely to create an escalated cyber risk. By adopting a zero trust model for information assets, they can enforce tighter identity management controls and ensure encryption of all assets.
Related IBRS Advisory
1. Microsoft Teams Collaboration Part 3: Recommended Security Practices
2. Office 365 Data Backup and Retention Policies: Risks and Best Practices