IT Brief Asia - Technology news for CIOs & IT decision-makers
Story image
Microsoft backs professionals with new AI Security Copilot
Thu, 30th Mar 2023

Microsoft has announced it is bringing the next generation of AI to cybersecurity with the launch of Microsoft Security Copilot.

Security Copilot is designed to give defenders a better tool to quickly detect and respond to threats and better understand the threat landscape overall. It will combine Microsoft’s threat intelligence footprint with the expertise to augment the work of security professionals through an easy-to-use AI assistant.

“Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers,” says Vasu Jakkal, corporate vice president, Microsoft Security. 

“With Security Copilot, we are shifting the balance of power into our favour. Security Copilot is the first and only generative AI security product enabling defenders to move at the speed and scale of AI.

"Security Copilot is designed to work seamlessly with security teams, empowering defenders to see what is happening in their environment, learn from existing intelligence, correlate threat activity, and make more informed, efficient decisions at machine speed."

Simplifying complexity and accelerating responses

In a world where there are 1,287 password attacks per second, fragmented tools and infrastructure have not been enough to stop attackers. And although attacks have increased 67% over the past five years, the security industry has not been able to hire enough cyber risk professionals to keep pace. This has led to defenders who are overwhelmed searching for well-disguised attacks within an impossibly large volume of expanding network traffic and other signals.

Security Copilot will simplify complexity and amplify the capabilities of security teams by summarising and making sense of threat intelligence, helping defenders see through the noise of web traffic and identify malicious activity.

It will also help security teams catch what others miss by correlating and summarising data on attacks, prioritising incidents and recommending the best course of action to swiftly remediate diverse threats, in time.

Continually learning to augment the expertise of security teams

Security Copilot will also continually learn and improve to help ensure that security teams are operating with the latest knowledge of attackers, their tactics, techniques and procedures. The product will provide ongoing access to the most advanced OpenAI models to support demanding security tasks and applications. Its visibility into threats is powered by both the customer organisation’s security data and Microsoft’s vast threat analysis footprint.

"These capabilities can empower security teams of any size with the skills and abilities of much larger organisations," says Jakkal. 

"In addition, Security Copilot helps address skills shortages in cybersecurity by bridging knowledge gaps and enhancing workflows, threat actor profiles and incident reporting across teams."

Charlie Bell, executive vice president, Microsoft Security, adds, "Advancing the state of security requires both people and technology — human ingenuity paired with the most advanced tools that help apply human expertise at speed and scale.

“With Security Copilot we are building a future where every defender is empowered with the tools and technologies necessary to make the world a safer place.”

Built on the Microsoft platform and industry-leading threat intelligence

Microsoft is uniquely qualified to help customers explore and adapt AI to boost their cybersecurity defenses. Microsoft Security is actively tracking more than 50 ransomware gangs as well as more than 250 unique nation-state cybercriminal organisations, and receives 65 trillion threat signals every day. Microsoft technology blocks more than 25 billion brute-forced password theft attempts every second, and more than 8,000 security professionals at Microsoft analyse more security signals than almost any other company — on average Microsoft’s Security Operations Center analysts utilise over 100 different data sources.

Acquisitions like RiskIQ and Miburo give Microsoft breath of signal and depth intelligence on threat actors that no one else has. Security Copilot also integrates natively with a growing list of Microsoft Security products, such as Microsoft Sentinel and Microsoft Defender, to help customers create an end-to-end experience across their entire security program.