News

Nadella Unveils Microsoft's New $1 Billion Security Vision

In a talk that might one day go down as the start of Microsoft's "Trustworthy Computing 2.0" era, CEO Satya Nadella on Tuesday described his company's plans to elevate security beyond the code level.

Speaking at the Government Cloud Forum in Washington, D.C., Nadella reported on the progress Microsoft has made to address today's security threat landscape. He unveiled Microsoft's vision of creating an "intelligent security graph" out of its new Cyber Defense Operations Center, based in Redmond, Wash., as well as Microsoft's plan to invest $1 billion in R&D to build security into Windows, Azure and Office 365.

He touted the numerous new security features in Windows, Office 365 and -- with the private preview release of the Azure Security Center -- the Azure public cloud. Julia White, Microsoft's general manager for Office 365, appeared onstage to demonstrate the new features.

Nadella also spoke of the huge escalation in breaches this year, saying that "2015 has been a tough year around cybersecurity. Just the top eight or so data breaches have led to 160 million data records to being compromised." According to Nadella, it takes an average 229 days for an organization to detect an intrusion. He suggested that Microsoft's intelligent security graph will help reduce the time it takes to discover and respond to threats.

Nadella described the graph as a framework for gathering and sharing real-time intelligence across every Microsoft product, ranging from sensors, Xbox consoles and Windows devices to datacenters and the public cloud. Nadella said Microsoft is sharing the graph with a new ecosystem of partners.

At the center of the graph is Microsoft's Cyber Defense Operations Center, located on its Redmond campus. It is essentially a war room that Microsoft uses to detect threats in advance and to share information with all of its related product and service groups, as well as its partners.

"We don't have silos. We actually have people who are able to, in real-time, connect the dots between what's happening across all of these services," Nadella said "That operations center, and the output of the operations center, is this intelligence graph that is being used in turn by our products to create security in the products themselves, and we share that intelligence broadly with our customers [and] with our partners."

Among the partners that Microsoft has tapped to integrate their security offerings with the Azure Security Center are firewall suppliers Barracuda, Trend Micro, Cisco, Fortinet and Checkpoint. The company has also recruited partners whose wares will integrate with the Microsoft Enterprise Mobility Suite's Intune service. The integration will let those partners -- among them Adobe, Acronis, Box, Citrix, Foxit and SAP -- use the policy, security settings and data protection capabilities of Intune.

"Box for EMM [enterprise mobility management] with Intune...is the only way that customers can fully manage and secure Office files on mobile devices," explained Chris Yeh, senior vice president of product and platform at Box, in a blog post. "With the offering, users can determine which applications interact with Box and access corporate content, and implement additional controls and policies on Box and other managed applications."

Microsoft founder and former CEO Bill Gates launched the company's Trustworthy Computing initiative over a decade ago, though it was shuttered last year as part of a round of job cuts. Although Nadella didn't explicitly describe his talk on Tuesday as a sequel to the original, he did suggest that Microsoft is now taking Gates' Trustworthy Computing vision a step further, moving the focus from software development to operations.

"Fourteen years ago, Bill Gates wrote about Trustworthy Computing as a priority for Microsoft, and we have made tremendous amount of progress on it," Nadella said. "But with this changing environment, which is no longer just about our code, and the threat modeling and the testing, but is in fact about the operational security posture that we have in this constantly evolving environment, this constantly under attack, the operational security posture to me is where it all starts."

A replay of Nadella's talk is available here.

About the Author

Jeffrey Schwartz is editor of Redmond magazine and also covers cloud computing for Virtualization Review's Cloud Report. In addition, he writes the Channeling the Cloud column for Redmond Channel Partner. Follow him on Twitter @JeffreySchwartz.

Featured

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Curvey Stone Steps Graphic

    Microsoft Makes Run at 5G, Edge Computing with Azure Edge Zones

    Microsoft is promising to enable new edge computing scenarios for partners and developers with Azure Edge Zones, which became available as a preview this week.

  • Microsoft's Entire 2020 Event Lineup Going 'Digital-First'

    In response to concerns about the ongoing coronavirus (COVID-19) pandemic, Microsoft is transitioning all of its big conferences in 2020 to be online only.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.