Nov 17 2023

Microsoft Ignite 2023: What AI Could Mean for the Future of Security

Microsoft Security Copilot is an artificial intelligence-powered assistant with a security-focused model that aims to bolster defenses. Here’s what the company revealed at Ignite 2023.

When Charlie Bell joined Microsoft two years ago as executive vice president of security, it was clear to him that cybersecurity threats were growing “at an alarming rate,” with attacks increasing in frequency and sophistication at a pace that left organizations scrambling to keep up. Bell led off the Microsoft Ignite session “The Future of Security with AI” with these learnings, setting the stage for the importance of looking toward the future of cybersecurity.

With Bell were Microsoft’s Vasu Jakkal, corporate vice president of security; Sherrod DeGrippo, director of threat intelligence strategy; and Scott Woodgate, senior director of security marketing. They all made clear the stunning scale of the cyberthreats posed to organizations worldwide today.

“Ransomware has truly become a gig economy,” Bell said. “If the drag on the world’s gross domestic product through cybercrime were itself a world economy, it'd be ranked No. 3 behind the U.S. and China.”

“This whole anti-economy and the speed, scale and sophistication of these attacks has really become exponential,” Jakkal added. “We're seeing 10 times the increase in password-related attacks, growing from 3 billion to 30 billion in the same time frame, year over year.”

Add to this situation the increasing complexity of IT environments and cyber talent shortages, and it’s clear that organizations are on their heels when it comes to warding off threats. So what’s next? How do defenders gain the edge against bad actors? Organizations are now looking toward automation tools and artificial intelligence to make security practices faster and more efficient.

Click the banner below to access personalized premium content after Microsoft Ignite 2023.

How Microsoft Leverages AI for Security with Security Copilot

In the session, Bell said Microsoft provides three advantages against threat actors:

  1. Data and threat intelligence
  2. Integrated, end-to-end protection
  3. Secure AI

According to Jakkal, these three elements drive innovation and let Microsoft help businesses protect their environments end to end from every angle, including security, compliance, identity and access management, threat protection and cloud security. But AI in particular will “turbocharge” security innovations, she said.

“We can now harness everything we see and everything we own with AI expertise that transcends the knowledge that any one individual could amass,” Bell added.

According to Bell, Security Copilot is more than just a chat application that legacy vendors may provide. Instead, Security Copilot is a security-specific AI tool that uses the latest AI models from OpenAI — currently GPT-4 — and combines that technology with a Microsoft-developed, security-specific model, Microsoft’s Global Threat Intelligence, enhanced with cyber skills and promptbooks. 

DISCOVER: How AI fuels the IT network of the future. 

Microsoft Announces Unified Security Operations Platform 

“Security Copilot isn’t just summarizing a prompt. It’s reasoning over multiple data sources to do at machine speed what would take hours for a human to do,” Bell said.

Users can ask Security Copilot natural language questions on any security matters, including what’s going on in their environment, which incidents to focus on, how to manage them and what the impact is on their organization. Ideally, Copilot greatly lessens the alert fatigue that security teams experience as they receive hundreds of alerts from their security platforms on potential threats.

Additionally, the Microsoft team during the session announced the creation of a unified security operations platform that combines Copilot; Defender, Microsoft’s extended detection and response solution; and Sentinel, the company’s security information and event management solution.

“Every second counts when it comes to an incident. Analysts and security operations centers are always working to reduce their mean time to respond,” said Sherrod DeGrippo. “To help them, we’ve reimagined security operations with a streamlined workflow … enriched with more AI, more automation and more guidance.”

Bookmark this page to follow all of BizTech’s Microsoft Ignite 2023 coverage, and follow along on X (formerly Twitter) at @BizTechMagazine.

Shutthiphong Chandaeng/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.