Microsoft’s Secure Future Initiative Boosts Cybersecurity Against Advanced Attacks

Microsoft’s new AI-powered Secure Future Initiative aims to assist governments, businesses, and consumers in combatting cybersecurity threats.

Microsoft has announced its first-ever Secure Future Initiative to improve cybersecurity protection. This initiative will help government agencies, unsuspected users and organizations tackle cybercriminals and state-sponsored hackers with advanced response measures. The Secure Future Initiative consists of three pillars:

****AI-based cyber defences****

According to Microsoft, the future of cybersecurity is driven by artificial intelligence (AI). Therefore, the company invests heavily in innovative ways to detect and respond to cyberattacks.

Microsoft is planning to improve AI-based cyber defences in three key areas. These include threat intelligence, in which the company intends to use AI to detect/analyze cyber threats. Secondly, it will use AI to encourage analytical productivity by helping cybersecurity analysts to become more responsive.

Thirdly, the company will utilize AI for endpoint protection by offering real-time protection against cyberattacks on endpoint services, including phones, laptops, and servers. Moreover, the company is committed to securing AI in its services based on Responsible AI principles and building more powerful AI-based protection for governments, countries, consumers, and organizations.

****Advances in fundamental software engineering:****

Through this initiative, Microsoft aims to improve its software security. In this regard, the company is developing new security technologies and incorporating security mechanisms into every phase of software development. This also entails three areas of improvement.

Firstly, the company intends to develop a dynamic Security Development Lifecycle (dSDL) to integrate cybersecurity protection uninterruptedly to counter emerging threat patterns. It will encourage using AI-powered secure code analysis and GitHub Copilot to audit/test source code against advanced threats and offer secure default settings for MFA (multi-factor authentication) out-of-the-box.

Secondly, the company aims to strengthen identity protection against sophisticated attacks by introducing/applying the most advanced features and adopting a unified and consistent process that will verify and manage the identities and access rights of users, devices, and services across all platforms/products.

Another addition will be making these capabilities freely available to non-Microsoft application developers. Microsoft also intends to migrate to a fully automated consumer/enterprise key management system to ensure that keys remain inaccessible even when underlying processes are compromised. Furthermore, the company will cut cloud vulnerability mitigation time by 50%.

****Advocacy for stronger application of international norms to protect civilians from cyber threats:****

According to Microsoft’s blog post, the company wants to promote international cooperation on cybersecurity. This initiative also entails advocacy for stricter norms to provide enhanced protection to innocent users against cyber threats.

To ensure this, Microsoft is calling for a new international norm that would make it illegal for governments to plant malware or create/exploit cybersecurity vulnerabilities in critical infrastructure providers’ networks. This new norm would recognize cloud services as critical infrastructure protecting against attacks under international law.

“We need governments to do more together to foster greater accountability for nation-states that cross these red lines,” the company noted.

What is an OSINT Tool – Best OSINT Tools 2023

CVSS v4.0 Released with New OT/ICS/IoT Support

Microsoft’s Windows File Recovery tool recovers your lost data

Microsoft’s new tool detects & reports pedophiles from online chats

Microsoft launches free Linux memory forensics tool for detecting malware