Microsoft’s $ 15 billion security unit gives investors cause for hope

Satya Nadella, CEO of Microsoft Corp.

Grant Hindsley | Bloomberg | Getty Images

In January 2021, Microsoft CEO Satya Nadella revealed for the first time the size of the software company’s security business. The number was large.

Nadella told analysts on a earnings call that the operation had reached $ 10 billion in annual revenue and was “up more than 40%” year over year. In other words, it surpassed all other major Microsoft products.

The comments were revealing. Nadella was known for reviving Microsoft and monitoring a fivefold increase in market value at the time in her seven years at the helm. That growth was largely based on making Microsoft’s cloud business a more serious threat to Amazon Web Services in a giant market.

By letting investors get into the scope of Microsoft’s security business, Nadella accidentally unveiled a powerful growth engine. Total revenue across the company increased by only 14% compared to the previous year. And by comparison, Palo Alto Networks, one of the largest pure-play security software companies, delivered revenue growth of 21% over roughly the same period, on a base of less than $ 4 billion. USD.

“No one knew it was a $ 10 billion business,” said Andrew Rubin, CEO of cybersecurity software start-up Illumio, referring to Microsoft’s security revenue. Rubin, whose business was valued at $ 2.75 billion last year, was surprised by the growth and scope of what Microsoft had gathered, spanning multiple markets and all three reporting segments.

Microsoft is scheduled to report third-quarter financial results on Tuesday, and investors may want to get another insight into what’s going on inside the company’s security unit. Ransomware attacks have only increased recently, which has led to an increase in spending by businesses, small businesses and the public sector. And the US government has warned of major cyber security threats following Russia’s invasion of Ukraine earlier this year.

Security has proven to be a competitive advantage for Azure over AWS because the largest companies have always been large Microsoft customers and there is a confidence factor, Rubin said.

Like Rubin, Gregg Moskowitz, an analyst covering Microsoft at Mizuho Securities, was surprised when he first heard Nadella reveal the size and growth rate of the security business.

“I would have guessed somewhere between $ 5 and $ 10 billion,” said Moskowitz, who recommends buying the stock.

In January 2022, Nadella released an update that showed momentum continued to accelerate. Security now grew by almost 45%, with the help of some small acquisitions, and revenue had reached $ 15 billion a year. Nadella said more than 15,000 customers used Azure Sentinel, a cloud-based Splunk alternative to crawling security data, which Microsoft introduced in 2019.

An opening for rivals

Microsoft’s security portfolio also includes products to keep workers’ devices secure, track the use of cloud applications and provide secure access to corporate resources, making it a rival to CrowdStrike, Okta, Palo Alto Networks and others.

When asked for a comment on this story, a Microsoft CNBC spokesman pointed to previous statements by Nadella, in which he focused on the company’s “cross-cloud, cross-platform” products, which “integrate more than 50 different categories across of security, compliance, identity, device administration and privacy. “

It’s not easy to measure how much Microsoft shyes away from smaller rivals because the company does not provide more detailed details. That leaves market participants wondering.

“There’s a very large sector that is growing in high single digits, possibly north of it,” Palo Alto Networks CEO Nikesh Arora told Morgan Stanley analyst Hamza Fodderwala at a conference last month. “There are not many players consolidating in that sector. It still is – I think 3.5% was still the largest market share, depending on how you count Microsoft Security’s revenue.”

Analyst firm Gartner estimates that Microsoft controlled about 8.5% of the entire security software market by 2021, a larger share than any other company.

One thing the security ecosystem knows is that hackers have successfully exploited vulnerabilities in Microsoft’s Exchange Server email and calendar software. It provided an opening for the challengers.

Microsoft’s customers have endured “a crisis of confidence,” said CrowdStrike’s CEO George Kurtz on his company’s earnings call in March 2021, following the initial announcement of revenue.

Microsoft clients looked at the hacks and said they would have to scrape and get another security provider, Kurtz said. He invoked the idiom about the fox guarding the chicken coop – the notion that the entity responsible for protection is actually harmful.

Now Microsoft is set to become an even bigger player in security. Moskowitz said the company may start publishing security revenue or growth news, but not every quarter. The regularity may be similar, he said, to announcements about the use of its Teams communications app. Nadella said in January that Teams had 270 million monthly active users in the fourth quarter after not providing a comparable number in six months.

Moskowitz does not expect further acceleration for security revenue growth, but he said he would not be surprised to see the company drop tens of thousands of billions of dollars on an acquisition in the area.

“We think, strategically, that they will be far more interested in potentially acquiring strong cloud security assets, as opposed to a company that may have a legacy in the local world,” Moskowitz said.

It would not come cheap. Even after the market correction to start the year, cloud security companies are trading at some of the highest multiples in the technology industry, a reflection of how much companies spend on protecting their data.

CNBC’s Ari Levy contributed to this report.

WATCH: Microsoft ‘is a really durable breeder’, says Evercores Materne

Leave a Comment