Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Announces New Secure Future Initiative to Counter Evolving Cyberthreats

Key Takeaways:

Microsoft has announced a new Secure Future Initiative to enhance its threat intelligence capabilities and provide AI-powered security tools to detect and mitigate cyberthreats at scale.

Microsoft is introducing mandatory multi-factor authentication, securing identity signing keys, and accelerating the mitigation of cloud vulnerabilities.

Microsoft advocates for stronger international standards to protect against state-sponsored cyberattacks.

Microsoft announced this morning its new Secure Future Initiative (SFI) to protect customers against the evolving threat landscape. The initiative comprises three pillars of advanced protection, focusing on:

AI-based cyber defenses
software engineering advancements
and industry-setting standards for a more secure future.

Microsoft Vice Chair and President Brad Smith highlighted that ransomware attacks have increased by over 200 percent. Since September 2022, threat actors have increasingly targeted small businesses, schools, hospitals, and local governments. It is important to note that over 80 percent of successful ransomware attacks stem from unmanaged devices.

“Whether they work for geopolitical or financial motives, these nation states and criminal groups are constantly evolving their practices and expanding their targets, leaving no country, organization, individual, network, or device out of their sights,” Microsoft President Brad Smith said today. “They require a new response based on our ability to utilize our own resources and our most sophisticated technologies and practices.”

The executive detailed the following new initiatives to protect customers and civilians against state-backed cyber-attacks:

AI-powered cyber defense mechanism

Microsoft has once again emphasized its commitment to implementing cyber defense mechanisms to safeguard its customers worldwide. The company is extending its threat intelligence capabilities to help customers detect and analyze security threats. Microsoft also highlighted investments in tools and technologies to ensure that its Responsible AI principles and practices are closely tied to product design.

Additionally, Microsoft highlighted it offers various security tools that use AI to help organizations block and mitigate cyber-attacks at scale. For instance, Microsoft Security Copilot is a new AI assistant that allows cybersecurity professionals to identify security breaches. Moreover, Microsoft Defender for Endpoint leverages AI to protect laptops, phones, and servers in enterprise environments.

Microsoft Announces New Secure Future Initiative to Counter Evolving Cyber Threats — Microsoft Security Copilot

New software engineering advances

Microsoft has committed to three engineering advances to enhance software design, development, and testing of its products and platforms.

Over the next year, the company will introduce mandatory multi-factor authentication (MFA) and other on-by-default security settings to boost out-of-the-box protection. The ultimate goal is to make it harder for the threat actors to impersonate users.

Secondly, Microsoft plans to move identity signing keys to more secure Azure Dedicated Hardware Security Modules (HSMs) and confidential computing infrastructure. It should help to ensure that signing keys remain encrypted at rest, in transit, and during computational processes.

Lastly, Microsoft will expedite the process of mitigating cloud vulnerabilities by 50 percent. It also aims to remove traditional software vulnerabilities by promoting memory-safe languages, including Python, C#, Rust, and Java.

Microsoft’s Secure Future Initiative calls for robust application of international norms

Last but not least, Microsoft has urged to enforce stronger international standards to safeguard civilians against state-sponsored cyber-attacks. All countries should refrain from deliberately injecting security flaws to compromise critical infrastructure such as medical care, food, water, and energy. States should also prevent cybercriminals from breaching cloud services within their jurisdiction.

It’s important that governments must collaborate to ensure accountability when nations cross established boundaries. “But especially when it comes to nation state activity, cybersecurity is a shared responsibility. And just as tech companies need to do more, governments will need to do more as well. If we can all come together, we can take the types of steps that will give the world what it deserves – a more secure future,” Smith emphasized.

by Rabia Noureen
Nov 2, 2023

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Streamlining SaaS Governance: How Nudge Security Simplifies Compliance and Security Management for Cloud Apps

Oct 30, 2023
Nov 03, 2023
Webinar: Learn How to Keep Critical Web Apps Online and Sensitive Data Secure

May 9, 2023
The Ultimate Guide to Web Application Firewalls (WAF)

Jun 20, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.