Much of the investor attention surrounding Microsoft (NASDAQ:MSFT) addresses the prospects of cloud computing and the generative offerings of artificial intelligence. Although the tech giant has other growth levers – including devices, video games and more – according to to KeyBanc Capital Markets.

“This [cybersecurity] “It’s not entirely a secret – if it is, it is poorly guarded – but the factors that make the security offer attractive to end customers – breadth – also make it tough for the company itself to break through the wider behemoth” – analyst Jackson Ader wrote in a note to clients, adding that Microsoft’s entire cybersecurity portfolio has a combined business value of $100 billion.

Security is likely to add 1-1.5% to growth through 2027, but if Microsoft were to maintain “sustainable market share” (as it has in recent years), it could add more than 2% to that growth in a few years same date, Ader said.

“If share growth continues, security revenues could double between 2023 and 2027. Gartner estimates that Microsoft’s security industry gained 0.9% market share over two years. If this pace continues over the next two years and then begins to decline slightly, which is our case, we estimate that Microsoft’s security revenue could reach more than $39 billion in 2027, more than double the $19 billion estimated for 2023 ” – wrote Ader.

Six safety buckets

Microsoft divides its security products into six product families and three focus areas: identity, endpoint, and cloud.

Current products generate annual revenues exceeding $20 billion. However, estimated growth in teen sales over the next few years will likely result in an additional $10 billion in sales by 2027, Ader said.

The six areas are Defender, Sentinel, Entra, Purview, Priva and Intune, each offering different capabilities and solutions, from everything including physical firewalls to newer products such as secure access services edge offerings.

And while some security offerings are included in Office 365 subscriptions, depending on license tier or tuning, there are additional sales opportunities for advanced features like Defender and XDR.

Of the six areas, Entra (formerly known as Active Directory) and Defender are two key areas of strength, Ader said, citing the size of the installed base and the fact that they are close to the customer’s everyday use.

Entra is the all-in-one identity and network access product group, covering everything from user authentication, permissions, access control and more. It has been widely adopted for its protocols, such as requiring multi-factor authentication and an identity management solution that adds another layer of security on top of Entra ID.

“Access management’s battle against OKTA (OKTA) disruption over the past decade has been a bright spot, and with Defender, we see endpoint as a natural place for Microsoft to lead, especially when it comes to artificial intelligence with co-pilot and detection and response capabilities. ” – wrote Ader in a note to investors.

Microsoft Defender has many capabilities, including Defender for XDR (integrated suite of security products); Cloud Defender; DevOps security operational solution; Discovery products and much more.

Another solution is Microsoft Purview, a data management solution that helps companies with data security, data management, risk and compliance.

Microsoft Priva is another bucket that allows companies to manage their data landscape. Possibilities include automating privacy assessments; privacy risk management; scanning trackers on company websites; consent management; and individual rights requests, which make it easier for companies to respond to and comply with requests from individuals regarding the personal data companies collect from them.

Microsoft Intune is a cloud-based endpoint management solution that manages user access to organizational resources and manages devices (mobile, desktop, virtual endpoints).

And finally: the artificial intelligence aspect.

Artificial intelligence is becoming increasingly useful in cybersecurity as threats become more sophisticated and responses need to keep pace. In April, Microsoft made its Copilot for Security solution “general,” allowing companies to ask questions on topics such as incident response, threat detection, intelligence, and more.