Microsoft’s Commitment to a Secure Future
In an environment of persistent and evolving cyberthreats, Microsoft is actively working to enhance cybersecurity for its customers and allies. Brad Smith, Vice Chair and President of Microsoft, emphasized cybersecurity as a collective responsibility during his June 2024 testimony before the US House Homeland Security Committee. This commitment is underscored by the company’s comprehensive initiatives and strategic partnerships.
.jpg)
Brad Smith, Vice Chair and President of Microsoft.
The Microsoft Digital Defense Report 2024 highlights the increasing sophistication of cyberattacks. The report identifies Russian-backed groups, such as Star Blizzard, as actively engaging in spear-phishing campaigns. North Korean actors are diverting funds from cryptocurrency markets, while Iranian groups are utilizing ransomware and criminal tactics to disrupt global businesses. These threats, along with the impact from non-nation-state hackers, are putting pressure on organizations to adapt their security strategies, balancing resilience with quick responses to safeguard crucial systems and data.
Smith told the House Homeland panel, “We recognise that Microsoft plays a unique and critical cybersecurity role, not only for our customers, but for this country. And not only for this country, but for this nation’s allies.” This role encompasses a variety of products and services, including cloud services operating through data centers in 32 countries. Microsoft also undertakes broad cybersecurity efforts, in close collaboration with the US and allied governments.
Microsoft continually monitors threat actors to understand their attack targets, techniques, and motivations. According to the Digital Defense Report, the number of tracked actors increased by more than five times in 2024 alone. Password attacks surged to over 7,000 per second from 579 per second in 2021. The average organization took 194 days to identify a data breach and 64 days to contain the breach. These timeframes provide ample opportunity for malicious actors to exploit vulnerabilities, compromise data, and inflict significant financial and reputational damage.
Proactive Security Measures
Joy Chik, President of Identity and Network Access at Microsoft, emphasizes a proactive approach to security in her blog “Three priorities for adopting proactive identity and access security in 2025.” She writes, “If 2024 taught us anything, it’s that a proactive, no-compromises approach to security is essential for 2025 and beyond. Adopting proactive defensive measures is the only way to get ahead of such determined efforts to compromise identities and gain access to your environment.”
To meet these challenges, Microsoft launched the Secure Future Initiative in November 2023. The initiative, based on six key pillars, aims to enhance security by protecting identities and secrets, tenants, and networks, alongside system and engineering systems. It also focuses on continuous threat monitoring and incident response and remediation.
To set an example, Microsoft is reinforcing its own defenses. As part of the “protect tenants and isolated systems” pillar, Microsoft executed a full inventory of its internal environment, removing 730,000 unused applications and 5.75 million inactive tenants. Multi-factor authentication (MFA) has also been implemented to promote secure-by-default practices. A 2023 Microsoft research paper, “How effective is multifactor authentication at deterring cyberattacks?” indicated that over 99 percent of MFA-enabled accounts remained secure during the study, and MFA reduced the risk of compromise by 99%.
As a result, Microsoft now mandates MFA for anyone logging into the Azure portal, Microsoft Entra, and Intune administrative centers and enforced this requirement for the Microsoft 365 admin center in February 2025. Phase two will broaden MFA implementation to Azure CLI, Azure PowerShell, and more, coupled with recommendations to move user-based service accounts to workload identities.
Safeguarding AI Initiatives
The rapid adoption of generative AI presents both opportunities and risks. According to IDC’s 2024 AI opportunity study, the utilization of generative AI among business leaders increased from 55% to 75% in 2024. As companies employ AI for customer service, automation, and product development, there is a growing need to address accompanying data protection and governance.
Vasu Jakkal, Corporate Vice President of Microsoft Security, notes that “Over 95 per cent of organisations are implementing or developing an AI strategy, which necessitates the need for accompanying data protection and governance strategies.”
To address these issues, Microsoft has created solutions to protect AI initiatives. Microsoft has developed a comprehensive approach to protect AI. It includes Prompt Shields for real-time detection of malicious prompts and safety evaluations to test an application’s susceptibility to adversarial prompts. Cybersecurity researchers have noted that cybercriminals can manipulate AI models by tricking them into ignoring system rules via prompt attacks. These attacks fall to the categories of direct attacks, such as jailbreaks, and indirect attacks where a malicious prompt can reveal data via an email assistant, for instance. These can be found in the Microsoft blog post, “Safeguarding AI against jailbreaks.” Microsoft’s Azure AI Foundry helps AI developers identify and manage the risk of prompt attacks.
Microsoft Security Copilot, launched in April 2024, aims to level the playing field by using Microsoft’s security data and OpenAI’s GPT models to simplify security tasks. “That’s why I love generative AI – because I think this tool is going to make it easy for everyone to become a defender,” remarks Jakkal.
According to Microsoft’s Generative AI and Security Operations Center Productivity: Evidence from Live Operations report, Security Copilot has reduced the time to resolve security incidents by 30% and increased accuracy by 47%. For example, Oregon State University uses Security Copilot with Microsoft Sentinel and Defender to automatically process security incident tickets. Automation enables university analysts to focus on higher-priority incidents. Materials manufacturer Eastman is using Copilot to upskill security analysts and accelerate threat remediation.
David Yates, Senior Cybersecurity Analyst at Eastman, said that “We work in a world where every second matters.”
Partner Perspectives
Microsoft collaborates with numerous partners to enhance cybersecurity solutions. Key partners shared their insights:
- Armor: David Fatovic, Director of Strategic Alliances, highlights the partnership between Armor and Microsoft, stating that it “empowers organisations to combat cyberthreats better”.
- Huntress: Chris Bisnett, CTO and Co-founder, explains that Huntress is “working with Microsoft” to improve defenses for Microsoft 365 environments. Huntress improves the value of existing Microsoft licenses with extra security, according to Bisnett.
- Atech x Iomart: Nathan Jamieson, Chief Information Security Officer, emphasizes the “holistic approach to helping businesses strengthen their security posture” through Microsoft’s ecosystem.
- Lighthouse: CEO Ron Markezich details how its collaboration with Microsoft results. “We [Lighthouse] work directly with Microsoft Security engineers, marketing teams and advisory councils to stay ahead of evolving risks.”
- M-Files: Ville Somppi, Senior VP of industry solutions, says the firm taps into all available security, threat detection, and cyber capabilities in the Microsoft stack.
- Yubico: Derek Hanson, VP of standards and alliances, notes that users of Microsoft environments can utilize the YubiKey for phishing-resistant, multifactor, and passwordless authentication.
Microsoft is dedicated to building a secure future through its internal efforts, its innovative AI-driven security tools, and robust partnerships across the industry.
