As I reflect on my first year at Microsoft, it was both challenging and exceptional: from my remote onboarding in the middle of a pandemic to dramatic changes in the cyber landscape, to Microsoft’s critical role as a frontline responder in some of the most sophisticated cyberattacks in history and leading the security industry.
Our world is changing, and Microsoft Security is rising to the challenges of a new normal. I am thrilled and humbled by the milestones we achieved this past year. We surpassed $10 billion in security business revenue, representing more than 40 percent year-over-year growth, and were recognized as a leader in five Gartner Magic Quadrants and seven Forrester Wave reports. This not only demonstrates our commitment to providing best-in-class security solutions but also underscored the trust our customers have placed in Microsoft and our partners.
We believe in times of uncertainty, customer trust is more important than ever. Today, I want to share more about how we are empowering our partners to be successful in building trust with customers and enabling business growth.
Significant partner opportunity expansion
Our partner community plays an essential role in our own growth strategy, and we are dedicated to empowering your success. Recently, we commissioned Forrester Consulting to investigate the partner opportunity around Microsoft Security and found that for 2021, partners reported up to 130 percent increase in business year-over-year (YoY) when selling Microsoft Security solutions. We believe the significant growth in partner revenue opportunity speaks to the comprehensive Microsoft Security portfolio and what it can do to transform your business and help secure your customers. Learn more in the Forrester Total Economic Impact study.
In addition to product portfolio investments, we continue to make investments to help partners better capture new revenue streams. We have heard from our partners about the challenges in managing customers’ environments as the number of customers increases. Today, we are excited to announce Microsoft 365 Lighthouse Preview. Microsoft 365 Lighthouse is currently available as a public preview and provides managed service providers with one central location and standard security configuration templates to secure devices, data, and users for small and medium business customers using Microsoft Business Premium. Specifically, Microsoft 365 Lighthouse empowers partners to quickly identify and act on threats, anomalous sign-in, and device compliance alerts. Reducing management complexity as our partners scale and driving standardization across customers will allow partners to proactively manage risks and improve the security posture for the customers. Learn more about Microsoft 365 Lighthouse in today’s blog post and on the Microsoft 365 Lighthouse website.
Additionally, this year, we are making an unprecedented 400 percent increase in our partner program funding to help you succeed, including expansion of the Microsoft Intelligent Security Association (MISA) and more skilling resources such as security workshops, practice playbooks, and a new advanced specialization for security.
Zero Trust principles help to shape the journey
We believe Zero Trust is the cornerstone of effective security. The key principles behind a Zero Trust framework—verify explicitly, grant least privileged access, and assume breach—are relevant to every organization, even if your customers use a different framework for their security strategy. Partners who help their customers embrace Zero Trust can count on Microsoft to deliver solutions across six pillars: identity, endpoints, data, applications, network, and infrastructure.
Identity and endpoints
Identity and endpoints are the foundation for building a strong security posture and partners can play a critical role in helping customers ensure identities are verified and endpoints are healthy and protected before granting further access.
- We are excited to extend the scope of protection of Microsoft Azure Active Directory B2C (Azure AD B2C) to include fraudulent activities by integrating Dynamics 365 Fraud Protection with Azure AD B2C. By combining the power of Azure AD Identity Protection and Dynamics Fraud Protection’s account protection capabilities, customers can help protect end customers from account abuse, thus protecting their own business. Read the blog Fraud trends part 4: balancing identity authentication with user experience to learn more.
- The pandemic and growth in hybrid work means that an increasingly diverse portfolio of devices is in use by employees. We continue to expand Microsoft Defender for Endpoint’s unique capabilities to additional platforms to strengthen customers’ abilities to monitor and improve their security posture.
- Recently, we announced that threat and vulnerability management capabilities are now generally available for Linux operating systems, in addition to existing support for macOS and Windows. Read the announcement.
- We also made Microsoft Tunnel VPN support on Android devices generally available, enabling organizations to deliver both mobile threat defense and access to on-premises resources within a unified experience in a single security app. Read the announcement.
Data and applications
Data is one of the most important assets of any organization, and applications shape the way people interact with data. Partners can help customers govern application access based on users and the devices they are on as well as protect sensitive data both in transit and at rest.
- The growing number of cloud apps makes it challenging to gain deeper insights across all apps. To help solve this problem, we have built the app governance add-on feature to Microsoft Cloud App Security, now available as a public preview today. App governance can be used to monitor, protect, and govern Microsoft 365 apps and quickly identify, alert, and prevent risky app behaviors. Learn more in the recent app governance blog post.
- A comprehensive security approach is not just about defending against external attacks but also about addressing insider risks. Previously, we introduced the capability to identify risk activities for users with critical positions. Today, we are extending the priority user group capability in Insider Risk Management to include fine-grained role-based access control (RBAC), now available as a public preview. It adds permissions to priority user groups to further limit alerts and cases to specific individuals instead of the whole group. Learn more in today’s insider risk blog post.
- Compliance Manager simplifies compliance and helps reduces risks by enabling organizations to assess, monitor, and improve their compliance posture for their Microsoft 365 data. Today, we are releasing universal regulatory assessment templates for non-Microsoft clouds, such as Salesforce and SAP in Compliance Manager. There are more than 300 templates available now for managing customers’ compliance posture across different clouds and apps. Learn more in today’s Compliance Manager blog post.
Network and infrastructure
Within network and infrastructure, cloud security is the number one planned priority for investment for chief information security officers (CISOs) in the next 12 months. Earlier this week we announced the intention to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to further accelerate cloud security. RiskIQ helps customers discover and assess the security of their entire enterprise attack surface—in Microsoft Cloud, AWS and other clouds, on-premises, and from their supply chain. Learn more from our announcement blog.
Earlier this year, we announced the general availability of multi-cloud support for both Azure Security Center and Azure Defender, further enabling partners to support customers’ multi-cloud digital transformation strategy and simplify the tools needed to manage multi-cloud. Azure Security Center and Azure Defender enable partners to strengthen a customer’s cloud security posture and provide extended detection and response across their hybrid cloud workloads. Read the blog Protecting multi-cloud environments with Azure Security Center to learn more.
Holistic protection
With the acceleration of digital transformation and the increase in volume and sophistication of threats, customers are increasingly looking for better solutions to protect themselves and their ecosystem. Microsoft is the only security company to deliver both cloud-native SIEM (Azure Sentinel) and integrated XDR (Microsoft Defender). Our partners around the world have responded by building managed detection and response offerings using these tools. Only SIEM and XDR together deliver true end-to-end visibility with clear prioritization. Earlier this year, we went further with incident sharing between our SIEM and XDR to deliver a significant productivity benefit over legacy tools. At RSA Conference 2021, we introduced new customizable anomaly rules based on machine learning for Azure Sentinel and more third-party connectors to take us to over 150 new connectors this year alone. We also announced the public preview of Azure Sentinel solutions, including an SAP threat monitoring solution. The release of solutions makes it easier than ever for customers to immediately benefit from integrations with our technology partners and provides discoverability through the new solutions blade in the Azure Sentinel interface. Learn more about how partners can leverage Azure Sentinel solutions in today’s blog post.
Closing the security skills gap
Customers rely on partners’ security expertise and skills to secure their digital transformation. With the increasing security demand from customers, the shortfall in security professionals means partners’ ability to develop and retain talent will become a competitive advantage. We strive to ensure partners have the skilling and training resources needed to be successful. I hope you had a chance to explore the four new security, compliance, and identity certifications we announced in May 2021. In addition, I would also like to encourage you to explore the Microsoft Security Technical Content Library, a one-stop-shop offering Microsoft Security learning paths, interactive guides, and video resources to build and grow your skills. Use it to access content that best suits your needs today.
Enabling digital sovereignty
Data is the lifeblood of any organization, and it is growing exponentially as more organizations take a cloud-first posture. Our customers are now challenged to properly contextualize their data and make the best use of it. We want to empower our partners to help customers build sovereignty over their data to further enhance customer trust. At Microsoft, we are committed to building solutions that help customers to extract maximum insights so their data can be their competitive advantage.
Our mission, together
We often say that security is a team sport, and Microsoft has never been more committed to working with our partners to protect customers and create a more secure world for all.
I am grateful to be on this journey with you, our partner community, and I am inspired by the work you do every day. Through this mission, we have the power to shape the world in positive and profound ways, with customer trust at the heart of everything we do.
Together, we can build technologies that enable a more inclusive, equitable, and sustainable world. I encourage you to tune in to our Inspire 2021 sessions to learn more about partner opportunities and how we can collectively create a safer and better future for all. Learn more from our Microsoft Partner blog.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.