Since the day that monkeys first picked up sticks and swung them around aimlessly, humankind has been burdened with the tragedy of conflict. And so, conflicts have been sown and resolved over the course of history, with one notable outcome of this being the building of defensible fortresses.
The principle of a fortress is simple: to be impregnable. But now, the modern, digital world has become subject to vicious cyberattacks that require new forms of impregnable, defensible positions; cyber-fortresses, if you will.
In steps Microsoft.
In the past month alone, the tech giant has made no less than three major cybersecurity acquisitions:
ReFirm Labs in June 2021.
RiskIQ last week.
CloudKnox last night.
Add these on top of the CyberX acquisition in June 2020 and Microsoft is turning itself into a formidable cyber fortress.
But why is it investing so heavily? The reasons are two-fold:
Firstly, cyberattacks are on the rise, growing 600% in frequency over the past year. Microsoft itself is particularly vulnerable, with more than 70% of the global desktop operating system (OS) market share as well as millions of hardware products out in the world. Major breaches could have devastating consequences for both the business and its customers. In fact, earlier this year, Microsoft was subject to a serious cyberattack that affected at least 30,000 U.S. organizations, including local governments.
By beefing up its own cybersecurity, it lowers the risk of future attacks. This is especially important at a time when data regulators in the U.S., China, and Europe continue to breathe down tech companies’ necks. Any user data breaches will likely result in harsh financial penalties, as well as cause damage to reputations.
What’s more, Microsoft is in the middle of a cloud struggle with Amazon Web Services, its biggest rival, having recently gone head-to-head over the Pentagon’s lucrative JEDI cloud contract, which was eventually canceled last week. Microsoft can’t afford to have questions raised surrounding its security capabilities, especially when it comes to highly sensitive government jobs. By plugging all of the holes it can, Microsoft can avoid losing out on future contracts due to security concerns.
All of this is part of its Zero Trust mindset, which you can learn more about here.
And to the second point; cybersecurity is bringing in the big bucks. In 2020, Microsoft garnered over $10 billion worth of security business revenue, up 40% from 2019. For a trillion-dollar company operating in a relatively new market, these are impressive growth numbers.
With the global cybersecurity market valued at $167 billion in 2020 and expected to register a CAGR of 10.9% from 2021 to 2028, Microsoft doesn’t have to worry too much about the competition as there’s plenty of work to go around, with no signs of these threats slowing.
After all, to use an already-overused cliché in cybersecurity: “you never know what your security risk is until it’s breached.”
Even if the competition does become an issue, Microsoft has the luxury of sitting on one of the biggest cash piles on the planet — somewhere around $150 billion — so it can afford to spend vast sums on building out its products and services.
The cybersecurity space is one with massive monetary potential. While companies such as Cloudflare and CrowdStrike can be interesting investments, they, along with others in the space, tend to focus on very specific, or niche solutions rather than being a catch-all business.
But Microsoft could be a panacea for all of these security risks. Having spent billions in recent years alone, with more acquisitions likely to come, this is an aspect of Microsoft’s business that investors should be keeping an eye on.
If you’re still not convinced by the threat that cybersecurity poses, then I recommend you read this interesting article from The Conversation, which discusses the rising international crisis surrounding the subject.