Cybersecurity Solutions from Microsoft

During the course of our industry analysis work at TAG Cyber, we meet each day with commercial cybersecurity companies ranging from small regional start-ups to massive multi-national companies. While we have learned from experience that certain stereotypes regarding these different security vendors do sometimes apply, we do encounter outlier vendors who defy our expectations in terms of their technology, platforms, or support.

The most common stereotype is that smaller vendors tend to be nimbler and more cutting edge, and larger players tend to be better at handling increased scale and scope. Smaller vendors may struggle trying to handle the massive scaling requirements for customers such as multinational banks or telecommunications companies. These smaller vendors generally must find a partner to handle the disparity.

But for larger vendors, we occasionally find teams that have decoded the “walk-and-chew-gum” challenge of being massive and flexible at the same time. One such company, we are pleased to report, is your global partner from the Pacific Northwest – Microsoft. Our tour guide during a recent technical and security review was longtime executive and industry icon, Ann Johnson, CVP Security, Compliance, and Identity. Let me share below what we learned – organized by the themes we covered.

Cloud and SaaS Security. Microsoft now includes multi-layered, built-in cybersecurity controls for Azure and Microsoft 365 customers. This is good, because the usage rate for both services continues to grow, with annual revenue now crossing the $10B mark, according to 1Q2021 reporting. Microsoft’s scale allows for its protections to benefit from wide visibility. “We process more than 8 trillion signals per day,” Johnson reported.

Compliance Management. Microsoft offers its customers world-class support in the area of security compliance. This includes automated report generation, which can stretch across Azure Sentinel and Microsoft 365 Defender. “We can provide a comprehensive cybersecurity compliance solution for customers that addresses modern frameworks from one source,” explained Johnson.

Identity and Access Management (IAM). As one would expect, IAM is a strength for Microsoft given the unique positioning of its Active Directory (AD) platform across most enterprise networks. This coverage extends now beyond traditional enterprise infrastructure to the public cloud. The TAG Cyber team continues to be awed by the size of investment made by Microsoft in this area, and the steady stream of new innovations that continue to emerge.

Information Protection and Governance. The obligation to protect data across the enterprise begs attention to collaboration, sharing, and other cooperative tasks performed on a day-to-day basis. Since Microsoft tends to be engaged in supporting these activities for most businesses, they are well-positioned to support governance and mitigation, with attention to the needs of both IT practitioners and corporate executives.

Secure Remote Work. The pandemic helped to highlight the enthusiasm most employees have for combining work-from-home tasks with traditional brick-and-mortar facilities. Microsoft serves to secure such virtual work through its cloud-native security controls and through security extensions to Microsoft 365. “Our Microsoft team is fully focused on ensuring security protections for work-from-home initiatives,” Johnson said.

Zero Trust. The shift from the perimeter to zero trust networking requires attention to both endpoint security and cloud-resident workload protection. These two tasks represent the primary focus areas of Microsoft’s security initiatives, which highlights how well-positioned the company is for modern zero trust architectures. With the demise of large firewall gateways, more companies will depend on Microsoft to help protect their increasingly available data.

From a TAG Cyber analyst perspective, we see several strengths in the Microsoft approach for its customers. First, there is the practical benefit of one-stop shopping for cloud-native SIEM, SOAR, and endpoint protection. Second, there is the massive scale of Microsoft which enables data to inform effective threat protection. And third, there is the enormous level of investment being made that exposes every buyer, including smaller ones, to strong innovations.

In addition, there is the obvious challenge that capable nation-state actors continue to target companies of all sizes and shapes. Larger organizations might have the propensity to protect themselves adequately, but smaller ones do not. As a result, partnership with Microsoft – which is already likely to be viewed by most companies as a major supplier – will help to reduce the cyber risk being imposed by these larger malicious actors.

Our advice for enterprise buyers is simple: It is a good time to re-engage with Microsoft to understand what is available – and perhaps more importantly, what you may have already paid for – that you can leverage to your advantage and advance your secure digital transformation. The result is that everyone benefits – including vendors who sell solutions that build on existing Microsoft infrastructure. Informed customers are always the best buyers of new security solutions.

Let us know what you think.