Using network-based text analysis to analyze trends in Microsoft's security innovations

As the use of networked computers and digital data increase, so have the reports of data compromise and malicious cyber-attacks. Increased use and reliance on technologies complicate the process of providing information security. This expanding complexity in supplying data security requirements coupled with the increased recognition of the value of information, have led to the need to quickly advance the information security area. In this paper, we examine the maturation of the information security area by analyzing the innovation activity of one of the largest and most ubiquitous information technology companies, Microsoft. We conduct a textual analysis of their patent application activity in the information security domain since the early 2000's using a novel text analysis approach based on concepts from social network analysis and algorithmic classification. We map our analysis to focal areas in information security and examine it against Microsoft's own history, in order to determine the depth and breadth of Microsoft's innovations. Our analysis shows the relevance of using a network-based text analysis. Specifically, we find that Microsoft has increasingly emphasized topics that fall into the identity and access management area. We also show that Microsoft's innovations in information security showed tremendous growth after their Trustworthy Computing Initiative was announced. In addition, we are able to determine areas of focus that correspond to Microsoft's major vulnerabilities. These findings indicate that while Microsoft is still actively, albeit not always successfully, fighting vulnerabilities in their products, they are quite vigorously and broadly innovating in the information security area.