How Microsoft is expanding its cybersecurity offerings

Microsoft (MSFT) has been increasingly moving into the cybersecurity business, with CEO Satya Nadella saying the company is investing $20 billion through 2026. But the tech giant says a lack of cybersecurity professionals is making it difficult for everything from local governments to large businesses to protect themselves.

To that end, Microsoft is expanding its cybersecurity options to include five new services that will let its customers use Microsoft’s own cybersecurity experts as their own.

“What we realized is that technology is absolutely critical, and it’s not enough,” explained Vasu Jakkal, corporate vice president of Microsoft’s Security, Compliance, Identity & Management business.

“You have to have humans right there. This has been a very big gap with our customers where they don’t have the teams required to scale. They are starving for that help and that’s why the service element matters so much,” Jakkal added.

Microsoft CEO Satya Nadella delivers the keynote address at Build, the company's annual conference for software developers Monday, May 7, 2018, in Seattle.  (AP Photo/Elaine Thompson)

Microsoft CEO Satya Nadella delivers the keynote address at Build, the company’s annual conference for software developers Monday, May 7, 2018, in Seattle. (AP Photo/Elaine Thompson)

Microsoft says the offerings will help its customers better contend with the ever-growing number of cyberattacks crippling entities of every size from small municipalities and local hospitals to massive tech firms.

According to Jakkal, Microsoft is tracking more than 35 ransomware families and 250 unique threat actors. That’s good for Microsoft customers who can use automated services or who have cybersecurity experts on hand to contend with those threats, but a problem for those firms that simply don’t have the necessary staff.

“You take all this and you look at what’s happening from a talent perspective in our world, especially in cybersecurity and it’s pretty challenging,” Jakkal explained. “In the US, one out of every three jobs in cybersecurity is unfilled. We have 2.5 million jobs which are vacant right now.”

That, she said, is where Microsoft’s new services come in. Defender Experts for Hunting, for instance, is designed to help businesses better search for malware and cybersecurity holes in their systems. Once one of Microsoft’s security experts finds a potential security problem, they’ll tell the customer and provide information on how to fix it.

Microsoft’s Defender Experts for XDR (extended detection response) is meant to be a step beyond Experts for Hunting, and will help companies search for threats and respond to break-ins.

The tech giant’s Defender Experts for Enterprise is the top offering and brings in Microsoft employees to tackle everything offered by both Experts for Hunters and Experts for XDR. It basically lets customers use Microsoft cybersecurity experts as their own cybersecurity pros.

Microsoft’s Incident Response offering, meanwhile, is meant to help customers recover from cyberattacks, while Security Services for Modernization helps firms, well, modernize their cybersecurity systems so they can protect themselves against attacks.

Microsoft has been making a name for itself in the cybersecurity space, acting as one of the main responders to the 2020 SolarWinds hack, which saw a Russian-backed group attack the network infrastructure company and gain access to government organizations including the Department of Defense.

At the time, Microsoft President Brad Smith called the attack one of the largest in history. Ultimately the hack and associated malware pin-balled across multiple US organizations including the Treasury, Commerce, and Justice Departments, along with 100 private sector companies.

Today, US-based companies and government agencies are on especially high alert due to the threat of cyberattacks linked to Russia’s war in Ukraine. It’s not just Russia, either. China, Iran, and North Korea regularly launch cyberattacks and influence campaigns against the US And then there are the myriad cybercriminals working with those nations to steal data from US corporations and citizens.

While Microsoft’s solution is a welcome addition to help companies shield themselves from those threats, there’s no perfect form of cybersecurity. Microsoft isn’t the only company offering cybersecurity support through real people. CrowdStrike (CRWD), for instance, sells security services that use the company’s own experts to help evaluate potential threats to businesses and eliminate them.

Still, the more firms try to protect themselves, the harder it becomes for nation states and criminals. And that’s at least worth the effort.

Sign up for Yahoo Finance Tech newsletter

More from Dan

Follow Yahoo Finance on TwitterfacebookInstagramflip boardLinkedIn YouTubeand reddit

Got a tip? Email Daniel Howley at dhowley@yahoofinance.com. Follow him on Twitter at @DanielHowley

Leave a Comment