Cyber security AI from Microsoft: our take on Inspire’s news

With cybersecurity remaining one of the greatest challenges for organisations today, this year’s Microsoft Inspire conference placed a premium on AI-powered security discussion. In our latest blog, we highlight the cyber security AI announcements and asked one of our experts to break down what they mean for the community, for us and for our clients.

Microsoft MDR and AI: a unique opportunity

With password attacks more than tripling in the last 12 months to more than 4,000 every second, the challenge for cybersecurity professionals is to stay ahead of the risks and provide secure and reliable defence. Managed Detection and Response (MDR) and Cyber Security Operations Centre (CSOC) services and technologies have never been more critical as organisations seek to shore up their cyber defences.

A unique opportunity now exists to build on the exceptional ability of Microsoft’s already existing security applications. While Microsoft’s Defender, Purview, Intune and Entra suites continue to offer significant innovation as part of their continuing evolution, two major announcements at Microsoft Inspire significantly expand Microsoft’s capabilities into new spaces.

Microsoft Security Copilot Early Access Program

Microsoft Security Copilot brings the power of generative AI to defensive security teams, providing rich explanatory insights about attacker tactics, techniques and procedures, and mitigations to detected threats.

Announced in March 2023, Security Copilot marked the introduction of one of the first generative AI security products to the market. At Microsoft Inspire, Security Copilot’s Early Access Program was announced, with customers and partners being invited to experience Microsoft’s security solution first-hand.

We asked our Head of Architecture Tristan Watkins for his take on these developments in cyber security AI. “We can’t wait to take the power of a GPT-powered natural language interface and use it with the deeply enriched security knowledge that Microsoft holds,” he said.

“Designed to work with various Microsoft and third-party tools, Microsoft Security Copilot has the capability to revolutionise cybersecurity defence.”

Investing in AI and cyber security

With research showing that by 2025, 60% of organisations will be using remote threat disruption and containment capabilities delivered by MDR, Microsoft is continuing to invest in its security partners.

As a Microsoft Intelligent Security Association (MISA) member and participant in many Microsoft advisory communities, Content+Cloud is excited to continue our work with security engineering teams to innovate and represent our client’s needs as this technology evolves.

Being a Microsoft MDR provider puts Content+Cloud at the forefront of modern solutions – and positions us well to help clients innovate with AI and cyber security.

“Great potential exists to use generative AI as an accelerant for hunting query creation,” said Tristan.

“As cyber attackers begin using AI technology more and more, cyber defence teams must also create opportunities to enhance their offensive capabilities with the same toolkit and the same level of sophistication.”

Small and medium business security with Microsoft Entra

Nowhere is the increase in cyber criminality more apparent than the focus of attackers on small and medium businesses (SMBs). With an 82% increase in cyber-attack activity against SMBs, and with many organisations lacking internal security specialists, more and more businesses are looking to expert external teams to secure their IT environments.

With this in mind, Microsoft is making it easier for partners to delivery excellent security services to their customers with continued updates to their security solutions. With rapid innovation across the entire Microsoft security portfolio, some of the biggest announcements at Microsoft Inspire concerned Microsoft’s Entra suite.

While Entra is known as the home of Microsoft’s Identity and Access Management cloud technologies, the recently announced Global Secure Access represents Microsoft’s entry into the Security Service Edge (SSE), or Zero Trust Network Access (ZTNA) market. The significant benefits for business that this leap forward in security infrastructure could bring are highlighted in Tristan’s recent blog on Global Secure Access.

“With the latest additions to Entra’s capabilities, Microsoft’s security solutions will reach the network in a way they never have before – and in a way that other vendors simply can’t replicate,” explained Tristan.

“For instance, users can now extend the power of Continuous Access Evaluation to any apps accessed through the new Private Access capability. If a threat is detected, we can take near-real-time revocation action, since access can be severed at the Global Secure Access endpoint.”

“No longer does security rely on waiting for access token to expire – we now have true, nearly-immediate revocation power to keep data and critical information safe. When many attacks warrant a time-to-respond measured in seconds or minutes, this new capability becomes truly transformative.”

Microsoft Inspire: cyber security and AI for a modern defence

The full set of cyber security AI announcements at Microsoft Inspire contains some truly innovative capabilities, which make for exciting reading to anyone passionate about cyber defence.

At Content+Cloud we believe that the new solutions can fully reshape an organisation’s network security posture, with Global Secure Access in particular representing a rare technology that truly supports Zero Trust principles.

Nevertheless, we understand that as threats evolve, and with new technologies appearing all the time, the challenge of keeping pace can seem overwhelming.

Content+Cloud’s managed cyber services and professional cyber services offer you the peace of mind that your security solutions are up to date and that you are secured and protected by a long-term, market-leading Microsoft-powered security strategy.