Microsoft has launched a new initiative called “Secure Future Initiative” (SFI) across the company to advance cybersecurity protection and to tackle the evolving cyber threat landscape.
This new initiative comprises three key pillars — AI-based cyber defences, advances in fundamental software engineering, and advocacy for stronger application of international norms to protect civilians from cyber threats.
Under AI-based cyber defences, the tech giant aims to use AI to detect and respond to cyber threats rapidly. By utilising advanced AI tools and techniques, Microsoft’s Threat Intelligence Center will enhance its threat analysis capabilities.
“As a company, we are committed to building an AI-based cyber shield that will protect customers and countries around the world. Our global network of AI-based datacenters and use of advanced foundation AI models puts us in a strong position to put AI to work to advance cybersecurity protection,” Brad Smith, Vice Chair and President, Microsoft, said in a blogpost on Thursday.
As explained by the company, it will be using AI as a game-changer for all organisations to help defeat cyberattacks at machine speed as well as securing AI in their services based on their Responsible AI principles.
“We recognise that these new AI technologies must move forward with their own safety and security safeguards. That’s why we’re developing and deploying AI in our services based on our Responsible AI principles and practices,” Smith said.
In addition to new AI capabilities, the company said a more secure future will require new “advances in fundamental software engineering”.
Under this, the company will transform the way they develop software with automation and AI.
As part of this process, over the next year, they will enable customers with more secure default settings for multifactor authentication (MFA) out-of-the-box, expanding their current default policies to a wider band of customer services.
The tech giant will also strengthen identity protection against highly sophisticated attacks and will be pushing the envelope in vulnerability response and security updates for our cloud platforms.
Lastly, under the stronger international norms to protect civilians from cyber threats, the company will call for a public endorsement of red lines that governments should not cross, particularly in the context of critical infrastructure and cloud services.
“The year has not been lacking in hard proof of nation-state actions that violate these norms. What we need now is the type of strong, public, multilateral, and unified attributions from governments that will hold these states accountable and discourage them from repeating the misconduct,” Smith stated.
