Microsoft pledges cybersecurity overhaul to protect products and services

Microsoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring together “every part of Microsoft” to advance cybersecurity protection incorporating three pillars focused on AI-based cyber defenses, advances in fundamental software engineering, and advocacy for stronger application of international norms, stated Brad Smith, vice chair and president of Microsoft.

“In recent months, we’ve concluded within Microsoft that the increasing speed, scale, and sophistication of cyberattacks call for a new response,” Smith said. The announcement follows recent criticism levied against Microsoft over the security of its products and services in relation to a major breach that targeted its Azure platform.

Today’s cyber threats emanate from well-funded operations, skilled hackers

Today’s cyber threats emanate from well-funded operations and skilled hackers who employ the most advanced tools and techniques, Smith wrote. “Whether they work for geopolitical or financial motives, these nation-states and criminal groups are constantly evolving their practices and expanding their targets, leaving no country, organization, individual, network, or device out of their sights.” These threat actors don’t just compromise machines and networks, but they also pose serious risks to people and societies, he added. “They require a new response based on our ability to utilize our own resources and our most sophisticated technologies and practices.”

Microsoft commits to AI-enhanced intelligence, threat response, security principles

Microsoft is committed to building an AI-based cyber shield that will protect customers and countries around the world, Smith said. “Our global network of AI-based datacenters and use of advanced foundation AI models puts us in a strong position to put AI to work to advance cybersecurity protection. As part of our SFI, we will continue to accelerate this work on multiple fronts.”

First, Microsoft is taking new steps to use AI to advance its threat intelligence with the Microsoft Threat Analysis Center (MTAC) using advanced AI tools and techniques to detect and analyze cyber threats. “We are extending these capabilities directly to customers, including through our Microsoft security technologies, which collects and analyzes customer data from multiple sources,” according to Smith. “While threat actors seek to hide their threats like a needle in a vast haystack of data, AI increasingly makes it possible to find the right needle even in a sea of needles.” Coupled with a global network of datacenters, Microsoft intends to use AI to detect threats at a speed that is as fast as the internet itself, Smith added.

Second, Microsoft is using AI as a “gamechanger” for all organizations to help defeat cyberattacks at machine speed. “With a global shortage of more than three million people, organizations need all the productivity they can muster from their cybersecurity workforce. Additionally, the speed, scale, and sophistication of attacks creates an asymmetry where it’s hard for organizations to prevent and disrupt attacks at scale,” Smith said. Microsoft’s Security Copilot combines a large language model (LLM) with a security-specific model that has various skills and insights from Microsoft’s threat intelligence, generating natural language insights and recommendations from complex data to help make analysts more effective and responsive, he added.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button