Microsoft spending on security R&D rivals Symantec

Microsoft is spending more than $1 billion on security research and development. Will that funding mean enterprises will curtail spending with independent security vendors?
Written by Larry Dignan, Contributor

Microsoft's spending on security research and development is on par with Symantec and highlights how the company has the potential to poach additional wallet share.

In a blog post highlighting Microsoft's security plans, the software giant said that it spends more than $1 billion a year on security research and development. To put that in context, that sum represents a bit more than 1 percent of Microsoft's annual sales and about 8.33 percent of what the company spent on research and development in fiscal 2015. Microsoft spends about 13 percent of its annual sales on R&D.

As a proxy, I compared Symantec's R&D spending. Symantec spent $1.14 billion on R&D and it's safe to assume most of that money went toward security in some form. Both Microsoft and Symantec man intelligence networks and monitor threats. Symantec's R&D spending amounted to 18 percent of annual sales.

Security in 2016: The death of advanced persistent threats | IT Budgets 2016: A CIO's Guide

What remains to be seen is whether Microsoft can poach security revenue or garner more wallet share in the enterprise. For Microsoft, a doormat on security years ago, the spending on protecting data is the cost of doing business. But as security is increasingly built into products and the cloud from the likes of Microsoft and Google you have to wonder what happens to independent vendors over time.

Here's where CIOs are placing their budget bets for 2016, according to ZDNet sister site Tech Pro Research.


Obviously, security is a key issue for the foreseeable future. The biggest takeaway is that every enterprise vendor is going to have to talk security and potentially outline its spending.

Speaking in Washington, Microsoft CEO Satya Nadella outlined the company's approach to security. The idea is that Microsoft tools will work together to forge an integrated security approach. The approach revolves around protecting, detecting and responding to threats.

Nadella's talk didn't reveal a ton of new insights, but it's worth noting how Microsoft is trying to create an "intelligent security graph" to combine data coming in from multiple points. Nadella talked about connecting signals from everything to PCs to mobile to servers to cloud to the Internet of things.

The hub of Microsoft's security efforts will be its Cyber Defense Operations Center, which will combine security pros, analysts, engineers, developers and managers in one place. Microsoft also has a group dedicated to enterprise security.

The big question is whether Microsoft customers are prepared to go with the software giant as a go-to security vendor too.

Editorial standards