Building cybersecurity resilience with generative AI

In the two or so minutes it will take you to read this post – there will be 480,000 attacks that Microsoft has blocked.

That’s 4,000 attacks per second, and just represents one vector of attack via identity authentication. The finding is from our annual digital defense report which has shown the sophistication, speed and scale of cyberattacks has only increased.

It’s clear that security is a defining challenge of our time. So how do we give defenders back the advantage?

Here at Microsoft, we are seeing 65 trillion cyber signals a day. This volume of data gives us a unique platform to provide intelligence to customers and partners around the world on how to respond.

A focus on cyber resilience can help tip the scales in favour of defenders

Our assessment is that we can build the next generation of cybersecurity defence by concentrating on cyber resilience.

Cyber resilience focuses on the organisation’s ability to recover and continue operating after an attack. It results from a successful mix of technology, procedural and strategic measures and requires cybersecurity to be elevated beyond a technical issue to a business function that adopts a mindset of anticipating and preparing for the impact of such attacks. It has four key focus areas: pre-empting; mitigating; automating and augmenting.

All of this will make sense to leaders and cybersecurity teams everywhere. But to make matters complicated, it is estimated that there is a shortage of about 500,000 cybersecurity professionals in Europe, which is stretching teams everywhere. And for many large organisations in Europe, the requirements of NIS2 Are rapidly coming over the horizon.

AI allows us to build effective cyber resilience

AI brings us a paradigm shift for defenders by enhancing all aspects of cyber resilience. It enables our cybersecurity talent to focus on the work that really matters – and less time firefighting and reacting.

Let’s start with pre-empting, which focuses on identifying and fixing security vulnerabilities before they can be exploited. You can’t defend against what you can’t see, and what Copilots are bringing is the ability to identify vulnerabilities across all endpoints, emails, identities and applications – giving analysts full visibility across the data estate.

Mitigating is the second. Attacks will happen and may eventually, get through. Generative AI can understand 500 lines of code in about a minute, which means that we can spot issues at machine speed and respond to them. And with the use of natural language prompts, security analysts can use this technology as an assistant as they respond. Microsoft Copilot for Security achieves this by providing an incident summary with immediate actions, such as the quarantining of compromised devices or identifying a view of people who have fallen victim to a phishing incident.

Next up is automation. By automating time-intensive jobs like reporting, security professionals have more time and energy to focus on the tasks that really matter. We’re seeing analysts save 60% of their time on reporting using the generative AI in Microsoft Copilot for Security, which means more time for higher-value work

The final is augmenting. This is not just about the technology. We need to help our teams be more impactful by upskilling them, which we can achieve by putting analysis and recommended next steps from cybersecurity incidents into natural language. This can only helping everyone to be more effective at what they do and open up the talent market to more people, which will be crucial in addressing our skills gap.

Resilient, secure organisations will use generative AI

For too long, the odds have remained stacked against cybersecurity professionals. With generative AI and tools like Microsoft Copilot for Security, we are making organisations more secure and resilient by enabling defenders to move at the speed and scale of AI.

And just like that, we’re at the two minute mark it may have taken you to read this article. In that time, Microsoft would have stopped just under 500,000 attacks worldwide, with generative AI being responsible for much of that defence.

If you’d like to read more about the impact of generative AI on your teams, I’d recommend exploring our resource on “Generative AI: The defender’s advantage”.