How PwC and Microsoft help streamline redundant, outdated security stacks

Example pattern for mobile
Example pattern for desktop


  • Employing too many solutions can create confusion, but rationalization can produce fewer applications that are easier to manage.
  • Portfolio rationalization can help secure cloud computing, augment existing cyber compatibility and reduce spending.
  • Portfolio rationalization can help companies take advantage of security features in platforms including Microsoft 365.

As cybersecurity incidents continue to soar, so too will the number and complexity of security solutions. To address the increasing and evolving threats to cybersecurity, many businesses have responded by adding best-of-breed point solutions to their repertoire.

But deploying multiple technologies can create a tangle of disparate and vulnerable software, making it more difficult to understand and manage your security stack. Simply put, employing too many cybersecurity solutions creates confusion, which could impede your organization from meeting its business goals.

Fortunately, solutions exist to help move to a more simple but more secure footing. Jointly developed by PwC and Microsoft, Portfolio Rationalization is an effective way to simplify your security technology stack.

If your organization consistently invests in various point security defenses, you will most likely run into trouble when it comes to integrating and maintaining multiple cybersecurity tools. Add to that the operational and business challenges of the COVID-19 pandemic, and things can start to get overwhelming. By reducing the number of applications that your security team uses, portfolio rationalization will leave your organization with fewer applications that are easier and less expensive to manage.

Although it is recognized by security leaders as an effective tool for updating security software and strengthening threat detection and management capabilities, portfolio rationalization also has a reputation for being time-consuming, expensive and disruptive. But portfolio rationalization is far less expensive and disruptive than a data breach. According to research from the Ponemon Institute, the average cost of a data breach in 2021 is $9 million — a price that some organizations simply can’t pay.1

And while rationalization has traditionally required months — or even years — to fully execute, it doesn’t have to be so time-consuming. Portfolio Rationalization from PwC and Microsoft can be completed in four to six weeks, giving business leaders the opportunity to quickly see the cost benefits and operational efficiencies. It incorporates Microsoft security technologies to help your organization streamline its software and boost security capabilities using cloud platforms. And according to PwC research, businesses expect rising reportable incidents, such as malware (66% of survey respondents), attacks on the software supply chain (64%) and ransomware (64%).2

Potential benefits of Portfolio Rationalization

Gain in-depth visibility into and control of cybersecurity technologies

Inform strategic purchasing and license-renewal decisions

Identify overlapping capabilities and unused technology functions

Benefit from cost comparison of multiple point solutions

Improve integration of technologies to streamline security monitoring

Reduce cybersecurity spending

PwC and Microsoft will work closely with your organization to create a customized process that sunsets unused or duplicated applications. It can also help you take advantage of security features in platforms including Microsoft 365 (M365): a bundle of services that includes the Office 365 productivity suite and additional security tools.

With M365, businesses can easily identify and protect sensitive data in unstructured data sources like Office 365, SharePoint, OneDrive and traditional on-premise file-share applications. M365 also makes it easier to use advanced tools like artificial intelligence (AI) and automation to analyze current risks, identify new threats and track compliance.

Supporting both on-premise and single cloud-based platforms like M365, Portfolio Rationalization from PwC not only identifies opportunities to help secure cloud computing, but can also augment existing cyber compatibility and help reduce spending.

1 Ponemon Institute, Cost of a Data Breach 2021, July 2021
2 PwC, US Digital Trust Insights Snapshot Survey 2021, June 21, 2021

Insights from PwC’s Cyber & Privacy Innovation Institute

Be cyber-ready for tomorrow

See how PwC and Microsoft can help you make sense of your security stack.

Learn more

Chad Gray

Cyber, Risk & Regulatory, PwC US


Manu Subbaiah

Director, Cybersecurity, Privacy & Forensics, PwC US


Kevin McCall

Manager, Cybersecurity, Privacy & Forensics, PwC US


Next and previous component will go here

Follow us