This Cloud Wars Special Report features a discussion with Bob Evans and Chris Hughes diving into the impact of Microsoft’s recent security issues on customers and discuss the implications for its competitors in the cybersecurity and cloud markets.
Highlights
CEO Response (00:14)
Microsoft and its customers continue to endure cybersecurity challenges. A software update from CrowdStrike impacted millions and cost billions in lost revenue. There were also two recent Azure cloud outages.
In the spring, both CEO Satya Nadella and executive vice president of Microsoft’s security business, Charlie Bell, came out with big public statements about security and trust. “Hey, we’re going to redo everything we’re doing about security . . .” Then, they went silent for the next 100 days, Bob says.
Chris points out that those in the cybersecurity space may remember when Microsoft, years ago, introduced the secure software development lifecycle and the big push for security to be a top priority. It’s a couple of decades later and it feels like Groundhog Day.
Customer Impact (03:58)
The Cyber Safety Review Board (CSRB) report was detailed and exhaustive. It said Microsoft’s culture and mindset around security is wrong. Meanwhile, there are customers whose multimillion- or multibillion-dollar businesses are resting on decisions Microsoft makes, and the biggest, most influential technology company in the world is dead silent on this issue.
Chris says customers are very frustrated. It’s difficult to rip and replace some of these things. These are not architectural changes that can be made overnight with these tools, platforms, technologies, and software. People are frustrated, and they’re looking to see how to go about addressing this. Should we look at alternative products and vendors? How do we try to hold Microsoft more accountable? How can we see if their actions are going to follow their words?
Ask Cloud Wars AI Agent about this analysis
Competitive Threats (08:05)
Bob thinks we will get to a point where customers say, “As difficult as the change might be, we’re going to do it anyway because staying with it just doesn’t seem to be a viable alternative.” Amazon CEO Andy Jassy, in the last two earnings calls, said, “Anybody paying attention to what’s going on with security sees there are some real bad things happening out there. We’re putting more and more emphasis on our security issues.” Google Cloud says with the Workspace Suite, “You need a better alternative when you’ve got hundreds of thousands, millions of people using these applications.” Oracle has always put a lot of emphasis on security, but Oracle’s going to be a little careful now because it’s a partner with Microsoft.
Coming back to Microsoft, Nadella chose to speak on the company’s recent earnings call about security: “We will continue, as always, to prioritize security.” But if you’re going to say that, what is the proof? You make these big, broad comments but don’t back them up. That’s what undercuts trust.
Security Market Impact (10:42)
Chris is seeing security products companies also lean into Microsoft’ challenges. People look to Microsoft for security operation centers (SOCs), security information and event management (SIEM), E5 licensing, enterprise security, and products integrated into Azure. But now, some security products companies and players are looking to see if they can chip away at that competitive advantage and get more play with these potential customers. There is a market opportunity for others to come in.
Bob thinks Microsoft has been blindsided by this. It just wasn’t paying enough attention. He doesn’t think Satya Nadella has faced a situation like this before. If Bob was a customer, he’d say, “Look, you want my trust? You either win it back or I’m going to do everything I can to exert the leverage I have over you.”
