Microsoft announced its “Secure Future” initiative, and the reason for its creation is the increasing speed, scale and sophistication of cyber attacks.
“The past year has brought to the world an almost unparalleled and diverse array of technological change. Advances in artificial intelligence are accelerating innovation and reshaping the way societies interact and operate. At the same time, cybercriminals and nation-state attackers have unleashed opposing initiatives and innovations that threaten security and stability in communities and countries around the world”, Brad Smith, vice chair and president of Microsoft, wrote in a blog post.
The Secure Future Initiative consists of three main components: defences that use artificial intelligence, advances in software engineering, and international norms to protect civilians from cyber threats.
In the realm of artificial intelligence, the company aims to establish an “AI-powered cybersecurity barrier” geared towards safeguarding both customers and nations. The company is actively enhancing its internal protective capabilities, with the intention of applying these technologies directly to bolster customer security.
Furthermore, there are plans to leverage AI in addressing the existing shortage of cybersecurity professionals, which stands at approximately 3 million individuals. A key player in this endeavor is the Microsoft Security Copilot, utilizing AI for the detection and response to security threats. Microsoft Defender for Endpoint will also harness AI-driven detection mechanisms to enhance device security.
“As a company, we are committed to building an AI-based cyber shield that will protect customers and countries around the world. Our global network of AI-based datacenters and use of advanced foundation AI models puts us in a strong position to put AI to work to advance cybersecurity protection”, Smith wrote.
Microsoft is set to enhance its security stance against identity-based attacks by refining the user, device, and service verification procedures throughout its product range. To achieve this, Microsoft intends to transition to a novel key management system with an architecture that renders keys inaccessible in cases where the foundational security protocols are compromised.
The ultimate objective within this framework is to slash the time allocated to addressing vulnerabilities by half, all while promoting greater transparency in event reporting within the industry.
Lastly, the company is committed to promoting wider global adoption of security measures. This commitment follows the company’s establishment of the Digital Geneva Convention in 2017, which outlined a framework of “principles and norms governing the conduct of both state and non-state entities in cyberspace.” While acknowledging the progress made by many governments since then, the company believes that going forward, a more comprehensive and overarching commitment is imperative.