Much of the investor attention surrounding Microsoft (NASDAQ:MSFT) is about its cloud computing prospects and generative artificial intelligence offerings. While the tech giant has other levers for growth — including devices, video games and more — cybersecurity is an area that is increasingly gaining attention, according to KeyBanc Capital Markets.
“It [cybersecurity] isn’t exactly a secret—if it is, it’s poorly kept—but the things that make the security offerings compelling to end customers—breadth—also make the business itself difficult to get your arms around within the broader behemoth that is,” analyst Jackson Ader wrote in a note to clients, adding that all of Microsoft’s cybersecurity offerings add up to a $100B business.
Security is likely to add 1% to 1.5% to growth through 2027, but if Microsoft were to take “sustained market share” (which it has done in recent years), then it could add more than 2% to growth in some years over the same time frame, Ader said.
“If share growth is maintained, security revenue could double between 2023 and 2027 Gartner estimates Microsoft security has gained 0.9% market share on a two-year stack. If that pace is maintained for the next two years and then begins to degrade slightly thereafter, which is our bull case, we estimate Microsoft’s security-based revenue could reach $39B+ in 2027, more than double the $19B estimated in 2023,” Ader wrote.
Six buckets of security
Microsoft breaks its security products down into six product families and three focus areas: identity, endpoint and cloud.
The current products generate more than $20B in annual revenue. However, an estimated mid-teens growth over the next several years is likely to result in additional $10B in sales by 2027, Ader said.
The six areas are Defender, Sentinel, Entra, Purview, Priva and Intune, all of which offer different capabilities and solutions, from everything including physical firewalls to newer products like secure access service edge offerings.
And while some of the security offerings are included with Office 365 subscriptions, depending on the level or tuning of the license, there are additional opportunities to upsell advanced features like Defender and XDR.
Of the six areas, Entra (formerly known as Active Directory) and Defender are the two key areas of strength, Ader said, citing the size of the installed base and the issue that they are close to the everyday usage of the customer.
Entra is the product group for all identity and network access solutions, which includes everything from user authentication, permission, access controls and more. It has been widely adopted because of its protocols like requiring multifactor authentication and an identity governance solution that adds another layer of security on top of Entra ID.
“Access management’s fightback against the previous decade’s disruption from OKTA (OKTA) has been a bright spot and with Defender we view the endpoint as a natural place for Microsoft to lead, especially when it comes to AI with copilot capabilities and detection and response,” Ader wrote in an investor note.
Microsoft Defender has a number of capabilities, including Defender for XDR (an integrated protection product suite); Defender for cloud; a DevOps security operation solution; Discovery products and much more.
Then there’s Microsoft Purview, which is a data management solution that helps companies with their data security, data governance and risk and compliance.
Microsoft Priva is the next bucket, which allows companies to manage their data landscape. Capabilities include automating privacy assessments; privacy risk management; tracker scanning on company websites; consent management; and subject rights requests, which makes it easier for companies to respond and fulfill requests from individuals on the personal data that is collected from them by companies.
Microsoft Intune is a cloud-based endpoint management solution, which is responsible for managing user access to organization resources as well as device management (mobile, desktop, virtual endpoints).
Last but not least: the artificial intelligence aspect.
AI has become increasingly for cybersecurity, as threats become more sophisticated and responses need to keep pace. In April, Microsoft made its Copilot for Security solution “generally available,” allowing companies to ask questions about topics such as incident response, threat hunting, intelligence and more.