BLOG

Microsoft Security Copilot: Costs and Considerations

In an age where cyberattacks occur over 4,000 times per second globally, the need for advanced, AI-driven security tools has never been more urgent. Microsoft’s Security Copilot, is a generative AI-powered security solution that promises to transform the way organizations defend against cyber threats.

Designed to operate at machine speed and scale, Security Copilot aims to enhance the efficiency and capabilities of security professionals by offering a natural language, assistive experience. With ChatGPT and Copilot-like chat sessions, admins can fetch information from a variety of systems as they investigate and respond to incidents, as well as manage posture and communicate with their internal stakeholders. Given the complexity of enterprise-grade cybersecurity infrastructures, there is strong value in the simplification that Microsoft is delivering.

Why Consider Security Copilot?

The cybersecurity landscape has grown increasingly perilous. Microsoft reports a staggering rise in password attacks, from 579 per second to over 4,000 per second in just two years. Additionally, the global cost of cybercrime is projected to skyrocket from $3 trillion in 2015 to $10.5 trillion by 2025. Despite deploying an average of 80 security tools, organizations struggle with data overload, alert exhaustion, and limited visibility across solutions.

By leveraging over 78 trillion security signals processed daily by Microsoft, Security Copilot delivers tailored insights and guidance to users. This empowers customers to defend against sophisticated threats at AI-driven scale and speed.

Key Features of Microsoft Security Copilot

• Natural Language Interaction: Users can interact with security data and tools using conversational language, simplifying complex operations and making cybersecurity more accessible.

• Integration with Microsoft Security Products: Seamlessly integrates with tools like Microsoft Defender XDR, Microsoft Sentinel, Microsoft Intune, and Microsoft Entra to provide a unified security experience.

• Access to Global Threat Intelligence: Processes over 78 trillion security signals daily to offer up-to-date insights and guidance for better decision-making.

• Incident Investigation and Response: Provides step-by-step guidance for investigating and mitigating threats, enabling swift and effective responses.

• Script Analysis and Query Building: Translates complex scripts and queries into natural language, allowing security teams to perform technical tasks without requiring advanced programming expertise.

Understanding the Costs

Microsoft has introduced a new licensing model based on a metric called Security Compute Unit (SCU). An SCU quantifies the Azure compute capacity required for running Security Copilot, similar to other Azure services like virtual machines. See the Azure Pricing Calculator for more details:

SCU Pricing

• Hourly Cost: $4 per SCU
• Monthly Cost: $2,920 per SCU
•  Annual Cost: Approximately $35,000 per SCU

Microsoft recommends starting with a minimum of three SCUs for evaluation purposes, bringing the annual cost to just over $105,000. To ensure optimal performance and cost management, Microsoft provides monitoring tools to track SCU consumption. Organizations can also count this consumption toward any Microsoft Azure Consumption Commitment (MACC) agreements.

It’s worth noting that underestimating Azure requirements can lead to performance issues, while overestimating can inflate costs. Additionally, for large enterprises in particular, the SCU pricing model can get really expensive, really quickly.

Final Thoughts

As cyber threats grow more sophisticated, tools like Microsoft Security Copilot represent a solid evolution in the enterprise cybersecurity landscape. Speed, simplification, and responsiveness are critical to staying ahead of threats, and AI has the potential to deliver transformative value in each of these areas.

But, in the grand scheme, Microsoft’s AI capabilities are still nascent. As one reviewer put it, “Will this product revolutionize Security Operations completely right now? Probably not. Could it assist a security admin when solving an incident? In my opinion, absolutely.”

Historically, there is a short window for dealmaking with Microsoft as they try to accelerate adoption of new products across their enterprise customer base. Customers looking to take advantage of that window should carefully assess Security Copilot’s pricing structure in relation to their specific needs and budget. It's advisable to conduct a thorough cost-benefit analysis and consider trialing the service to determine its value within your organization's context.

Staying on top of changes to Microsoft’s offerings, licensing and pricing is tough – especially for large enterprises with sprawling Microsoft estates. NPI can help. Contact us.

Subscribe to Our Blog

Interested in Learning
More About NPI's Services?

Share This Post