Cybersecurity

Microsoft Strategic Initiative

Charls Yang, Yining Xie, Andres Hoberman, Kyle Pauling

Good afternoon everyone. My name is Charles, this is Lizzie, Andres, and Kyle. Today, we are going to present a strategic initiative plan for microsoft for the 2018 fiscal year and beyond.

Cybersecurity

The topic we want to focus on and bring to the business’s attention today is cybersecurity. For those who are unfamiliar, Cybersecurity refers to a set of techniques used to protect the integrity of networks, programs, and data from attack and unauthorized access.

Cybercrime Portfolio

Cyber attacks

Security vulnerabilities

Disclosure of personal data

Network outages and data loss

Disruption of online services

All threaten long-term customer loyalty, security, firm revenue, and firm reliability

Activities that cybersecurity tries to prevent include but are not limited to cyber attacks, etc etc. which all threaten customer relations, security of our firm, our revenue, as well as firm reliability.

Increasing Prevalence

The reason why cybersecurity has come on our radar now is because of the steady increases of attacks in the last few years. The two biggest reasons for this are the boom of the internet of things as well as the underground market. When we implement software in all areas of our life, there will be more opportunities for cybercriminals to target.

Cybercrime Costs

Cybersecurity spending to exceed $1 trillion from 2017-2021

Cybersecurity Costs

Average cost of ~$12 – $17M per incident

Data Breaches

Overall costs to hit $6 trillion annually by 2021

Cybercrime Costs

$325M in damages caused by global ransomware

Damaged caused by global ransomware to surpass $5B in 2017. A 15x from 2015

Global Ransomware

Cybersecurity- Our Business Segments

Personal Computing

Windows OS

82.96% market share

Dependence on the OS by customers like the U.S. Department of Defense or the biggest banks in the world like JP Morgan Chase

A bug that restricts computer usage or alters functions could cause damage to millions of devices and users’ information

Apple macOS password glitch this week; hurts their sales

Intelligent Cloud

Azure, Dynamics 365

Links multiple networks and is the backbone of the firm’s infrastructure

Stores business and personal data

Leaks or hacks can expose personal banking or other sensitive information

Late 2010, Microsoft cloud breach allowed anybody to see employee information

Productivity & Business Processes

Office, Exchange, Skype, Outlook, LinkedIn, ERP, CRM

Office (Commercial and 365)

Over 1 billion users

Excel contains financial information that can benefit hackers

Powerpoint can contain interfirm information that is not public yet

Office 365 breach June 2016

57% of users affected

Ransom note that also included an audio warning

Next Steps

The Solution

Acquire new resources to boost cyber security through:

Organic

Internal departmental growth

Acquisitions

Complete control of external resources

Alliances

Partial control of external resources

Organic

New hirings and large investments in top intellectual capital from universities, cyber security firms

Develop software with top security measures in every step of the production chain, including post-purchase

Less expensive, but takes longer to acquire new resources than Acquisitions or Alliances

Past Acquisitions

Hexadite

Go from alert of breaches to remediation in minutes

$100 million

Secure Islands

Advanced data security solutions

Adallom

Cloud security

Emphasis on Office 365

All have kept MSFT at a high standard of security

But must keep strengthening to sustain more attacks

Future Acquisitions

Move capital into long term investment for the future of the firm

Acquire small cybersecurity firms and integrate more, which will have additional costs (like they have in the past)

Acquire established cybersecurity firms for large amounts of capital and let them keep their independence, while focusing exclusively on Microsoft

Symantec, LifeLock, Fortinet

Alliances

Partner with top cyber security firms in response to the developing needs

IBM Security

Customized enterprise security portfolio to disrupt new threats, deploy security innovations and reduce the cost and complexity of IT security

Parent company, IBM, is one of MSFT’s major competitors

MSFT has partnered with competitors in the past (Apple)

Alliance governance can be through equity (like they did with Apple), a contract, or some combination

Alliances

Cisco

Host of products and services for threat detection and prevention

Cloud security, Virtual Private Networks, Email and server security

Sophos

Sophos Mobile 7 – latest of its Enterprise Mobility Management solutions

BAE Systems

Operates in 5 areas: electronic systems, cyber and intelligence systems, intelligence and security systems, applied intelligence, and platforms and services

Offers flexible solutions for Microsoft’s different needs

PARTS M&M Framework

People – Organic approach = MSFT only; Acquisition or Alliance = MSFT + others

Activities – At all levels of operations from code development to server maintenance to IT infrastructure and networking

Resources – Human and intellectual capital, corporate capital, network and technological expertise

Timing – Now and always ongoing, cyber threats are constantly evolving

Symbols – Trust in competitors if an alliance is formed while acquisitions demonstrate market power and MSFT’s resources

Measurements – # of attacks defended, time online services are down, data lost

Milestones – After an attack to review damages

Our Strategic Initiative Plan

Partner with IBM Security

Through a contractual agreement and equity purchase

Demonstrate commitment and trust in the partnership

Combined resources can offer the most secure services and products

Make more acquisitions and alliances as needed in the future since the threat is growing

Appendix

Source: Symantec