Microsoft has announced the launch of a new program to advance security engineering amidst escalating threats and the prospect of AI-supported cyber attacks.
The Secure Future Initiative forms part of a concerted effort at Microsoft to bolster security capabilities and support customers from rising threats.
As part of the announcement, Microsoft said it plans to introduce new AI-powered tools to support its own internal cyber security practices, and is focusing heavily on delivering more secure, robust products and services.
In a blog post announcing the new program, Microsoft president and vice chair Brad Smith said the Microsoft Threat Analysis Center (MTAC) plans to implement advanced AI systems to detect and analyze cyber threats and improve the company’s threat intelligence levels.
Smith added these capabilities will also be made available to all Microsoft customers through its security technologies.
AI will also be used to help neutralize cyber attacks “at machine speed” through Microsoft’s Security Copilot, Smith said.
The generative AI assistant combines a large language model (LLM) with a security-specific model to support security practitioners in daily operations.
The Copilot has been hailed as a potentially groundbreaking tool for security practitioners in the wake of its launch, with industry stakeholders describing it as a ‘game changer’.
“The speed, scale, and sophistication of attacks creates an asymmetry where it’s hard for organizations to prevent and disrupt attacks at scale,” Smith said.
“Microsoft’s Security Copilot combines a large language model with a security-specific model that has various skills and insights from Microsoft’s threat intelligence.
“It generates natural language insights and recommendations from complex data, making analysts more effective and responsive, catching threats that may have been missed and helping organizations prevent and disrupt attacks at machine speed.”
Delivering ‘secure by design’ software
Microsoft also plans to focus heavily on accelerating advances in software engineering, according to Smith. This will include using AI to inform how the company develops its software.
It announced the evolution of its Security Development Lifecycle to ‘dynamic SDL’, or dSDL, which will continuously integrate the latest security measures as it develops, tests, deploys, and operates its systems and services.
A major part of Microsoft’s redoubled security efforts will be to significantly increase the speed of vulnerability responses and security updates.
In a memo released by Microsoft’s head of security Charlie Bell, he announced the time it takes to mitigate cloud vulnerabilities could be cut by 50% through the use of AI.
Get insights that will support your future IT strategies
DOWNLOAD NOW
Bell also discussed the importance of having a unified identity management system across all Microsoft products and platforms to protect against identity-focused espionage.
“To stay ahead of bad actors, we are moving identity signing keys to an integrated, hardened Azure HSM and confidential computing infrastructure," he said. "In this architecture, signing keys are not only encrypted at rest and in transit, but also during computational processes as well.”
In terms of the wider cyber security sector, Microsoft also committed to taking a more public stance against vendors using NDAs to prohibit third-party researchers from sharing vulnerabilities with the wider community.
Calls for stronger international norms around cyber security
Smith reiterated the company’s call in 2017 for a Digital Geneva Convention that would codify a set of principles and norms to govern the behavior of state and non-state actors in cyberspace.
“All states should commit publicly that they will not plant software vulnerabilities in the networks of critical infrastructure providers such as energy, water, food, medical care, or other providers.
“They should also commit that they will not permit any persons within their territory or jurisdiction to engage in cybercriminal operations that target critical infrastructure.”
Microsoft believes these international norms should extend to the security of cloud services, which represent critical infrastructure to various aspects of society and outlined three related commitments.
Why is the Secure Future Initiative being launched?
The Secure Future Initiative is aimed at improving security for customers against cyber threats which Microsoft predicts will increase in frequency and complexity over the coming years.
In October 2023, Microsoft published its Digital Defence Report, which included a number of findings that signaled a significant uptick in the scale, scope, and sophistication of cyber attacks over the previous year.
These findings showed government-sponsored spying and influence operations are on the rise, with 120 countries being subject to cyber attacks of some variety since 2022.
The report also revealed attackers are increasingly implementing AI to refine their attacks. This involved using AI to improve phishing messages as well as create better synthetic imagery to improve influence operations.
