Microsoft Launches New Cybersecurity Strategy in Response to Latest Attacks

Microsoft announced significant changes to the way the company handles software security this week - here's what's happening.

In the wake of several high-profile cyberattacks exploiting various aspects of Microsoft’s security and cloud infrastructure in the past few years, the tech giant has decided to launch a new initiative that seeks to overhaul the company’s approach to software security.

One of the highlights of the new initiative is Microsoft’s plans to use Artificial Intelligence – including Microsoft Secure Copilot – to improve its resolve as it fends off attacks from sophisticated, state-backed actors.

Microsoft Launches Secure Future Initiative

“In recent months, we’ve concluded… that the increasing speed, scale, and sophistication of cyberattacks call for a new response,” Microsoft said in a blog post published this week announcing the new Secure Future Initiative.

The company also revealed that “new nation-state cyber activity targeting critical infrastructure organizations across the United States” utilizing “sophisticated, patient, stealthy, well-resourced, and government-backed techniques to infect and undermine the integrity of computer networks” have proved to be the catalyst behind the security overhaul.

Along with these larger, state-backed threats, Microsoft notes that the company is tracking more than 120 smaller-scale (but still very sophisticated) ransomware-as-a-service affiliates, which also have the power to wreak havoc on critical infrastructure and are still very much at large.

 

About Tech.co Video Thumbnail Showing Lead Writer Conor Cawley Smiling Next to Tech.co LogoThis just in! View
the top business tech deals for 2024 👨‍💻
See the list button

The new initiative will be made up of three different pillars: AI-based cyber defense, advancing software engineering and development, and advocacy for better protection for civilians through the implementation of international cybersecurity norms.

How Microsoft Plans to Use AI to Battle Threats

A key part of Microsoft’s secure focus initiative involves harnessing the power of AI to make its systems safer – the company is taking “new steps” to use AI within Microsoft’s Threat Intelligence framework.

Microsoft says it plans to provide customers with some of these capabilities too and use AI to reduce the current delays experienced during vulnerability patching processes.

The tech behemoth is also using AI to assist security analysts and make them more effective at their jobs. Microsoft Security Copilot – a security-focused AI tool that launched in March 2023 – can make security and system management recommendations based on analysis of vast amounts of complicated data.

Microsoft notes that the company is deploying its AI technology in accordance with its rules of responsible AI, but said its AI code of ethics may have to evolve and change alongside the technology, which is developing at a rapid pace.

Will the Attacks Keep On Coming?

Microsoft has been targeted in a number of high-profile cyber attacks over the past few years, with the most recent involving a flaw in Microsoft’s cloud-based messaging platform Exchange Online (OWA)” and their email service, Outlook.com.

Microsoft was widely criticized at the time, with Tenable CEO Amit Yoran calling the company’s sluggish response “grossly irresponsible, if not blatantly negligent.”

Preceding this was the SolarWinds attack in 2020, during which Microsoft’s systems were used to continue what turned out to be one of the most sophisticated, damaging cyberattacks to ever take place.

These sorts of threats aren’t just going to disappear. But perhaps the biggest change to the way the company has approached security and cyber threats for almost two decades is quite an emphatic response.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is Tech.co's Content Manager. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol six years ago. Aaron's focus areas include VPNs, cybersecurity, AI and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, Lifewire, HR News and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Explore More See all news
Back to top
close Building a Website? We've tested and rated Wix as the best website builder you can choose – try it yourself for free Try Wix today