According to Dark Reading, Microsoft has spent the cash coming up with a new “holistic” type of security which apparently does not involve crystals, spangley music or poisons diluted by lots of water.
Vole’s chief information security officer Bret Arsenault wants his company’s strategy to appear in the company’s internal network and across its Windows, Office, and cloud offerings to customers.
To do that Vole will gather threat intelligence from sensors and customers and then uses it for detection, protection, and responding to security events.
Microsoft’s $1 billion in security spending this year includes Microsoft’s “organic” investments and three security firms. These have included behavioural learning and Active Directory security firm Aorato, cloud security firm Adallom, and most recently, data and file protection firm Secure Islands.
Arsenault said that Microsoft had always done a good job in caring about writing secure code and making secure services.
“We needed to do more to protect endpoints and get intelligence from the cloud … so we’re making investments in a number of areas,” he said.
Microsoft Enterprise Cybersecurity Group (ECG), focuses on sales and services in “nothing but cyber defence,” he said. This group will work with Microsoft’s security partners and the Office 365 and Azure teams, too, for example, he said.
ECG will provide security assessments, monitoring, threat detection, and incident response to Microsoft customers.
Microsoft has also opened a state-of-the-art Cyber Defence Operations Centre (CDOC) which co-locates members of the company’s internal security team, Microsoft Security Response Centre, security experts in Azure, Windows, Office 365, security analysts, as well as its Digital Crimes Unit and other groups, for detecting and responding to threats in real-time.
The idea is to have all the different bits of the glorious Volish empire working together to create security features in Windows 10, Office 365, Azure, and Enterprise Mobility Suite work together to prevent password-related attacks, data loss, and malware.