Microsoft's New Security Chief Replaces Eight Executives, Betting on AI Defense

Claire Weston
Published todayAbout 8 min read

Four months into the job, Microsoft's new security head Hayete Gallot has replaced at least eight executives and cut hundreds of roles, redirecting resources toward AI-powered security products — driven by slowing security revenue growth and rising competition from Anthropic and OpenAI.

01

Four months in — who was replaced and what was cut?

Hayete Gallot took over as security chief in February and has already replaced at least eight senior managers who previously reported to her predecessor Charlie Bell.
In Microsoft's broader layoffs this month, her division lost hundreds of positions — out of a team of more than 10,000.
This means → This is not fine-tuning. It is a management-layer overhaul to install a new leadership bench behind a new strategic direction.
02

Where are resources going — and what is being scaled back?

Gallot is prioritizing four product lines: the OpenAI-powered Security Copilot, code-vulnerability scanning tools, enterprise AI-agent tracking products, and the endpoint-protection flagship Defender.
Being scaled back: the legacy threat-detection platform Sentinel, on the grounds that its revenue contribution is limited.
In plain terms = products that can be branded as AI security get more budget; the rest get less. This is a full pivot to AI-driven defense.
03

How much has security revenue growth slowed?

Microsoft's security revenue grew from roughly $10 billion in 2021 to over $20 billion in 2023 — but the company has stopped disclosing the figure separately since then.
This means → When a company stops breaking out a metric, the growth rate is usually no longer impressive enough to highlight.
The bulk of security income currently comes from bundled sales with Office and Windows (that unit generated $121 billion last year); Gallot's team sells through the cloud division ($106 billion last year).
04

What has changed in the competitive landscape?

Anthropic and OpenAI are emerging as new threats to Microsoft's security business — large enterprises are paying AI providers significant fees for cyber defense and code-vulnerability testing.
The catalyst: Anthropic's Mythos model, which triggered a wave of new enterprise spending. Microsoft wants to build competing tools to capture a share of this emerging market.
Palo Alto Networks and CrowdStrike have both reported rising sales, reflecting accelerating enterprise investment in AI-threat defense.
05

What is the test for whether this restructuring succeeds?

Gallot has publicly criticized last autumn's decision to bundle Security Copilot into the E5 enterprise suite, arguing it gave away a product that could have scaled independently.
In an internal memo, she wrote that the industry is "being redefined from the ground up" and urged her team to "act with urgency."
In plain terms = the success metric is singular: can the new revenue from AI security products fill — and then exceed — the gap left by cutting back legacy products?

Content is for reference only, not financial advice.

Microsoft's New Security Chief Replaces Eight Executives, Betting on AI Defense · nashnova