Movatterモバイル変換

Advanced Search

Add as a preferred source on Google

News

Microsoft Touts Security Copilot for Emerging Threats

ByKurt Mackie
January 11, 2024

Organizations will need artificial intelligence (AI) tools to address coming attacks that will leverage AI, Microsoft suggested ina Wednesday announcement.

The announcement by Joy Chik, president of identity and access management at Microsoft, laid out general identity security "best practices" for organizations. They include using Microsoft Security Copilot, which currently is at the preview stage:

Empower your workforce with Microsoft Security Copilot.
Enforce least privilege access everywhere, including AI apps.
Get prepared for more sophisticated attacks.
Unify access policies across identity, endpoint, and network security.
Control identities and access for multicloud.

Microsoft Security Copilot, unveiled inMarch of last year, is currently at the "invitation-only Early Access Program" release phase. To try the Microsoft Security Copilot preview, organizations need to sign up through their Microsoft account representative, according to the FAQ section of thisMicrosoft Security landing page.

Attacks were on the rise in 2023 and attackers have shifted to other tactics, such as exploiting overprivileged "machine identity" permissions used by applications. On the AI front, "attackers are already using AI to launch, scale, and even automate new and sophisticated cyberattacks, all without writing a single line of code," Chik indicated.

AI service providers typically state that they oversee their large language models used for generative AI with the aim of reducing harmful use cases. Such controls apparently can be bypassed, per Chik's statement, although she didn't elaborate on the matter.

Microsoft previously described how Security Copilot willwork with Microsoft 365 Defender to analyze attack campaigns and automate the forensics. It also previously described how Security Copilotwill work with Microsoft Intune to better track device and user security issues.

Chik suggested that defensive measures using generative AI may emerge in security products sometime this year, presumably meaning Microsoft's products.

This year generative AI will become deeply infused into cybersecurity solutions and play a critical role in securing access…. To stay ahead of malicious actors, identity professionals need all the help they can get. Here's whereMicrosoft Security Copilot can make a big difference at your organization and help cut through today's noisy security landscape. Generative AI can meaningfully augment the talent and ingenuity of your identity experts with automations that work at machine-speed and intelligence.

The identity teams in organizations should get used to using generative AI tools and then "start building a company prompt library that outlines the specific queries commonly used for various company tasks, projects, and business processes," Chik added.

Organizations won't be able to just turn on multifactor authentication to meet the coming threat landscape, which may leverage sophisticated attacks via "token theft, cookie replay, and AI-powered phishing campaigns." Instead, organizations should take a "multilayered approach" to identity security, Chik suggested:

Start by implementing phishing-resistant multifactor authentication that is based on cryptography or biometrics such as Windows Hello, FIDO2 security keys, certificate-based authentication, and passkeys (both roaming and device-bound). These methods can help you combat more than 99% of identity attacks as well as advanced phishing and social engineering schemes.

Organizations can use machine learning with a Secure Web Gateway and continuous access evaluation to help address "sophisticated attacks like token theft and cookie replay," Chik added. She also suggested using Microsoft Authenticator to deal with "multifactor authentication fatigue" attacks, which is a method attackers use to bypass a secondary authentication measures. Microsoft Entra Permissions Management can be used to control identities for organizations leveraging multicloud environments.

Lots more best practices were advocated in the announcement, mostly for organizations using the whole fleet of Microsoft Entra identity and security products. The AI integration with Security Copilot apparently is coming, possibly this year, but the timing wasn't indicated.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

Meet Agent 365, Microsoft's Solution for Enterprise AI Orchestration
New enterprise-grade platform designed to manage the growing population of AI agents in the workplace.
Microsoft Boosts Copilot with Intelligent Agents, Added Security Integrations
Microsoft unveiled a sweeping evolution of its Copilot platform, embedding more proactive AI agents into the Microsoft 365 suite and enhancing its role across Office apps, Outlook and enterprise security tools.
Microsoft, Nvidia and Anthropic AI Pact: Billions in Funding, Azure Compute and Claude Integration
Microsoft, Nvidia and Anthropic are joining forces through a multibillion-dollar investment and infrastructure partnership aimed at accelerating AI adoption across the enterprises.
Study: Hidden Cloud Storage Fees Catch IT Leaders Off Guard
A recent survey reveals that the vast majority of IT leaders are blindsided by unexpected cloud storage fees.