SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Microsoft expands AI security capabilities amid rising cyber threats
Fri, 17th Nov 2023

Microsoft has announced an expansion of its artificial intelligence (AI) capabilities for security. The move comes as the cyber threat landscape continues to increase in complexity and sophistication. The global cost of cybercrime is forecasted to reach $10.5 trillion by 2025, up from $3 trillion in 2015, according to Cybersecurity Ventures. Moreover, security teams are struggling against data deluge and alert fatigue due to the use of approximately 80 different security tools. The rise in password attacks from 579 per second to over 4,000 per second in the last two years has further underscored the necessity of such advancements.

Vasu Jakkal, Corporate Vice President of Security, Compliance, Identity, and Management at Microsoft, wrote, "One of the advantages for security teams is their view of the data field—they know how the infrastructure, user posture, and applications are set up before a cyberattack begins." To level the playing field, Microsoft Security offers a large-scale data advantage of 65 trillion daily signals, monitors more than 300 cyber threat groups and provides insights on cyberattacker behaviours from more than 1 million customers and over 15,000 partners.

The company's new AI solution, Microsoft Security Copilot, leverages this immense data advantage along with end-to-end security built on the principles of Zero Trust. This combination aims to alter the asymmetry of the digital threat landscape in favour of security teams. It is designed to meet the increasingly pressing need for cybersecurity professionals, as there are currently estimated to be three million unfilled positions in the sector.

According to a recent study, novice analysts using Microsoft's Security Copilot demonstrated a 44 percent improvement in task accuracy, performing tasks 26 percent faster. Moreover, 86 percent of respondents reported a boost in the quality of their work, with 83 percent stating that the solution reduced their effort, made them more productive and would be their preferred tool for future tasks.

Highlighting Copilot's potential impact, an early adopter from Willis Towers Watson suggested Microsoft Security Copilot could be a "change accelerator". They noted: "The ability to do threat hunting at pace will mean that I'm able to reduce my mean time to investigate, and the faster I can do that, the better my security posture will become."

The company also unveiled the industry's first generative AI-powered unified security operations platform with built-in Copilot. This new offering addresses the challenge faced by security operations teams that struggle to manage disparate security toolsets from various technologies and apps. The unified security operations platform combines the capabilities of Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Security Copilot, streamlining triage processes and enabling holistic views of threats across the digital estate. The platform operates at machine speed, allowing it to prevent, detect, and disrupt cyberattacks rapidly while delivering simplicity and approachable conversational experiences to aid security operations centre teams.

This new suite of expanded capabilities across Microsoft's security portfolio and commitment to the future of security using AI holds the promise of providing security teams with a robust tool for contemporary challenges and reshaping the digital threat landscape.