Asked about experts’ arguments that Microsoft’s strategy of profiting off of cybersecurity is incompatible with a security-first mindset, Faehl says, “We would disagree with that characterization.”
I’m not going to argue strongly for this, but there’s a certain irony that if the defender suite (defender for identity, defender for cloud apps, fervently for office, and defender for endpoint) was instantly unlocked in their plan 2 version for every subscriber for free, that would kill a huge segment of the security market including some of the industry leaders like SentinelOne huntress labs, and even SEIM providers like splunk and Arctic wolf and dozens more. The XDR and identity management industry would instantly be forced into an anti competitive environment.
There’s an argument for ‘but if they built it secure, then you wouldn’t need to bolt on detections’. I think a relevant metaphor is you buy a house, but then you add detection like cameras and intrusion detection. Make sure the locks on the doors and windows aren’t bypassed.
So I would think there is some nuance. And frankly for small business the cost for m365 business premium which has all of that, including a bunch of information protection and data loss prevention. You just actually have more of a configuration requirement that nearly none of my customers I onboard ever have done…
The part of the story I hate the most:
I’m not going to argue strongly for this, but there’s a certain irony that if the defender suite (defender for identity, defender for cloud apps, fervently for office, and defender for endpoint) was instantly unlocked in their plan 2 version for every subscriber for free, that would kill a huge segment of the security market including some of the industry leaders like SentinelOne huntress labs, and even SEIM providers like splunk and Arctic wolf and dozens more. The XDR and identity management industry would instantly be forced into an anti competitive environment.
There’s an argument for ‘but if they built it secure, then you wouldn’t need to bolt on detections’. I think a relevant metaphor is you buy a house, but then you add detection like cameras and intrusion detection. Make sure the locks on the doors and windows aren’t bypassed.
So I would think there is some nuance. And frankly for small business the cost for m365 business premium which has all of that, including a bunch of information protection and data loss prevention. You just actually have more of a configuration requirement that nearly none of my customers I onboard ever have done…