Microsoft Strategic Initiative
Charls Yang, Yining Xie, Andres Hoberman, Kyle Pauling
Good afternoon everyone. My name is Charles, this is Lizzie, Andres, and Kyle. Today, we are going to present a strategic initiative plan for microsoft for the 2018 fiscal year and beyond.
Cybersecurity
The topic we want to focus on and bring to the business’s attention today is cybersecurity. For those who are unfamiliar, Cybersecurity refers to a set of techniques used to protect the integrity of networks, programs, and data from attack and unauthorized access.
Cybercrime Portfolio
Cyber attacks
Security vulnerabilities
Disclosure of personal data
Network outages and data loss
Disruption of online services
All threaten long-term customer loyalty, security, firm revenue, and firm reliability
Activities that cybersecurity tries to prevent include but are not limited to cyber attacks, etc etc. which all threaten customer relations, security of our firm, our revenue, as well as firm reliability.
Increasing Prevalence
The reason why cybersecurity has come on our radar now is because of the steady increases of attacks in the last few years. The two biggest reasons for this are the boom of the internet of things as well as the underground market. When we implement software in all areas of our life, there will be more opportunities for cybercriminals to target.
Cybercrime Costs
Cybersecurity spending to exceed $1 trillion from 2017-2021
Cybersecurity Costs
Average cost of ~$12 – $17M per incident
Data Breaches
Overall costs to hit $6 trillion annually by 2021
Cybercrime Costs
$325M in damages caused by global ransomware
Damaged caused by global ransomware to surpass $5B in 2017. A 15x from 2015
Global Ransomware
Cybersecurity- Our Business Segments
Personal Computing
Windows OS
82.96% market share
Dependence on the OS by customers like the U.S. Department of Defense or the biggest banks in the world like JP Morgan Chase
A bug that restricts computer usage or alters functions could cause damage to millions of devices and users’ information
Apple macOS password glitch this week; hurts their sales
Intelligent Cloud
Azure, Dynamics 365
Links multiple networks and is the backbone of the firm’s infrastructure
Stores business and personal data
Leaks or hacks can expose personal banking or other sensitive information
Late 2010, Microsoft cloud breach allowed anybody to see employee information
Productivity & Business Processes
Office, Exchange, Skype, Outlook, LinkedIn, ERP, CRM
Office (Commercial and 365)
Over 1 billion users
Excel contains financial information that can benefit hackers
Powerpoint can contain interfirm information that is not public yet
Office 365 breach June 2016
57% of users affected
Ransom note that also included an audio warning
Next Steps
The Solution
Acquire new resources to boost cyber security through:
Organic
Internal departmental growth
Acquisitions
Complete control of external resources
Alliances
Partial control of external resources
Organic
New hirings and large investments in top intellectual capital from universities, cyber security firms
Develop software with top security measures in every step of the production chain, including post-purchase
Less expensive, but takes longer to acquire new resources than Acquisitions or Alliances
Past Acquisitions
Hexadite
Go from alert of breaches to remediation in minutes
$100 million
Secure Islands
Advanced data security solutions
Adallom
Cloud security
Emphasis on Office 365
All have kept MSFT at a high standard of security
But must keep strengthening to sustain more attacks
Future Acquisitions
Move capital into long term investment for the future of the firm
Acquire small cybersecurity firms and integrate more, which will have additional costs (like they have in the past)
Acquire established cybersecurity firms for large amounts of capital and let them keep their independence, while focusing exclusively on Microsoft
Symantec, LifeLock, Fortinet
Alliances
Partner with top cyber security firms in response to the developing needs
IBM Security
Customized enterprise security portfolio to disrupt new threats, deploy security innovations and reduce the cost and complexity of IT security
Parent company, IBM, is one of MSFT’s major competitors
MSFT has partnered with competitors in the past (Apple)
Alliance governance can be through equity (like they did with Apple), a contract, or some combination
Alliances
Cisco
Host of products and services for threat detection and prevention
Cloud security, Virtual Private Networks, Email and server security
Sophos
Sophos Mobile 7 – latest of its Enterprise Mobility Management solutions
BAE Systems
Operates in 5 areas: electronic systems, cyber and intelligence systems, intelligence and security systems, applied intelligence, and platforms and services
Offers flexible solutions for Microsoft’s different needs
PARTS M&M Framework
People – Organic approach = MSFT only; Acquisition or Alliance = MSFT + others
Activities – At all levels of operations from code development to server maintenance to IT infrastructure and networking
Resources – Human and intellectual capital, corporate capital, network and technological expertise
Timing – Now and always ongoing, cyber threats are constantly evolving
Symbols – Trust in competitors if an alliance is formed while acquisitions demonstrate market power and MSFT’s resources
Measurements – # of attacks defended, time online services are down, data lost
Milestones – After an attack to review damages
Our Strategic Initiative Plan
Partner with IBM Security
Through a contractual agreement and equity purchase
Demonstrate commitment and trust in the partnership
Combined resources can offer the most secure services and products
Make more acquisitions and alliances as needed in the future since the threat is growing
Appendix
Source: Symantec