- This new initiative will bring together all areas of Microsoft for the development of new cybersecurity tools.
- The initiative is built on three pillars: AI-based cybersecurity, advances in software engineering, and advocacy for greater enforcement of international standards.
- The company is committed to developing an AI “cyber shield” that will be designed to protect customers and countries around the world.
In recent months, Microsoft has concluded that the speed, scale and increasing sophistication of cyberattacks require a new global response. To that end, the company today launched a new initiative to continue the next generation of cybersecurity protection, the Secure Future Initiative (SFI), which will have three pillars focused on AI-based cybersecurity, advances in software engineering and advocating for greater enforcement of international standards to protect civilians from cyber threats.
As shared last month in Microsoft’s Digital Defense Report, implementing cybersecurity practices enables effective protection against the vast majority of cyber attacks. However, attackers, with greater funding power, are innovating and responding with more aggressive and even more sophisticated practices than in the past. About 40% of nation-state attacks in the past two years have targeted critical infrastructure such as power grids, water systems and healthcare facilities. While enterprises with an effective level of security can manage these threats, attacks are becoming more frequent and complex, targeting mainly smaller and more vulnerable organizations, including hospitals, schools and local governments.
AI-based cybersecurity
Microsoft is committed to developing an AI-based “cyber shield” that will be designed to protect customers and countries around the world. Its global network of data centers and use of advanced AI models place the company in a leading position in putting this technology to work for cybersecurity.
As part of the Secure Future Initiative, Microsoft will accelerate this goal on several fronts. The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Threat Analysis Center (MTAC) are already using advanced AI tools and techniques to detect and analyze threats and cyberattacks. These features are being extended directly to customers who, through Microsoft security technologies, can extract and analyze data from a variety of sources.
In addition, AI is a game-changer because it also addresses one of the biggest challenges in cybersecurity: the shortage of skilled professionals. Microsoft Security Copilot combines large language models with a security-specific model that has a variety of Microsoft competencies and threat intelligence. This tool is able to generate natural language recommendations from complex data, resulting in greater effectiveness and responsiveness in threat monitoring to help organizations prevent and stop attacks at machine speed.
New advances in engineering
In addition to new AI capabilities, a more secure future will require new advances in software engineering. Through the Secure Future Initiative, Microsoft seeks to create a new standard of security that is present in how technology is designed, built, tested and how it will work.
The challenges of today’s cybersecurity threats and the opportunities created by generative AI have been a tipping point for software engineering. The evolutionary phase of the security development lifecycle (SDL), which Microsoft created in 2004, will now be called “dynamic SDL” or dSDL. This will allow you to apply systematic processes to continuously integrate cybersecurity against emerging threat patterns as engineers program, test, deploy and operate Microsoft systems and services. It is also combined with additional engineering measures, including AI-driven secure code analysis and the use of GitHub Copilot to audit and test source code against advanced threat scenarios.
As part of this process, over the next year, Microsoft will provide customers with more secure default settings for multi-factor authentication (MFA). This will augment current standard policies for a wider range of customer services. The next step is to strengthen identity protection against highly sophisticated attacks: identity-based threats, such as password attacks, have increased tenfold in the last year, and nation-states and cybercriminals have developed more sophisticated techniques for stealing and using login credentials.
More effective enforcement of international standards
Finally, Microsoft believes that AI-based defenses and engineering advances must implement a third critical component: more effective enforcement of international norms in cyberspace.
In 2017, during the Geneva Convention, Microsoft advocated for a set of principles and standards that should govern the behavior of states and non-state actors in cyberspace. There is a need to strengthen and elevate the norms necessary to protect civilians in cyberspace from a wide variety of digital threats. Six years after that call, there is an urgent need for stronger and broader public engagement by the community to more forcefully oppose cyberattacks against civilians and critical infrastructure for all. Microsoft is renewing its efforts to bring together governments, the private sector and civil society to advance more effective implementation of international standards that promote cybersecurity.