U.S. software firm Microsoft will continue to invest over $1 billion annually on cybersecurity research and development in the coming years, a senior executive said.
This amount does not include acquisitions Microsoft (MSFT) may make in the sector, Bharat Shah, Microsoft vice president of security, told Reuters on the sidelines of the firm’s BlueHat cybersecurity conference in Tel Aviv.
“As more and more people use cloud, that spending has to go up,” Shah said.
While the number of attempted cyberattacks was 20,000 a week two or three years ago, that figure had now risen to 600,000-700,000, according to Microsoft data.
Long known for its Windows software, Microsoft has shifted focus to the cloud where it is dueling with larger rival Amazon.com (AMZN) to control the still fledgling market.
In October it said quarterly sales from its flagship cloud product Azure, which businesses can use to host their websites, apps or data, rose 116%.
In addition to its internal security investments, Microsoft has bought three security firms, all in Israel, in a little over two years: enterprise security startup Aorato, cloud security firm Adallom, and Secure Islands, whose data and file protection technology has been integrated into cloud service Azure Information Protection.
Financial details of these deals were not disclosed.
Get Data Sheet, Fortune’s technology newsletter.
“If you are talking about an ecosystem with more than 400 startups it’s not really a coincidence. Israel is huge in security,” said Secure Islands founder Yuval Eldar.
Microsoft’s venture arm has also made three cybersecurity investments in Israel, including this week an undisclosed amount in Illusive Networks, which uses deception technology to detect attacks and has been installed at banks and retailers.
Earlier this month Microsoft said it invested in Israel’s Team8, which created Illusive Networks.
Though Microsoft does not have any near-term plans to implement deception technology, “we look at lots of different technologies that might be of use in the future,” Shah said.
Shah believes that in the next year or so progress should be made in moving towards broader implementation of user authentication without need for a password.
Microsoft’s Windows 10 operating system includes Windows Hello, which allows users to scan their face, iris or fingerprints to verify their identity and sign in.
