Microsoft’s New Era of Security with Security Copilot
Technology is advancing faster than ever and while we find new ways to benefit from it, so do cyber attackers. Cybercrime has been on the rise and is predicted to rise significantly more in the next few years and a big reason for it is all the advancements in AI.
Thanks to AI, hackers have been able to automate more personalised texts and emails, better translate to target languages and even write software capable of breaking into corporate networks in ways that are new and different, allowing data breaches with no detection.
The United Kingdom is one of the most targeted countries in the world for cyber-attacks. After speaking to expert providers of IT Support in London it’s clear that businesses need to find new ways of protecting their data because security teams are struggling to keep up.
Many tech companies are aware of this need and hurrying to fill the demand. Microsoft is unsurprisingly one of those companies. Microsoft recently announced their newest addition to their AI-integrated tools which is the Security Copilot. Microsoft is basically aiming to fight cyber attackers using AI with their own version of AI.
Security Copilot uses advanced LLM (large language model) with Microsoft’s security-specific model to allow defenders to move as quickly and at the same scale as AI. Because the software is powered by OpenAI’s GPT-4 generative AI and has access to Microsoft’s global threat intelligence and over 65 trillion daily signals, it will grow and improve every day. It won’t be perfect to begin with but Security Copilot is made with a closed-loop learning system so that it will continually learn and improve with users giving feedback to the AI.
It’s important to note that Security Copilot isn’t made to replace security teams in a business because it’s made to make their response time quicker. It is essentially a chatbot, it uses the data from security tools and then uses it to answer questions for security teams. A defender can ask things like “What are the trending threats?” or “What security incidents are still unresolved?”.
Instead of taking hours or days, it can find security incidents in minutes. The AI can interpret and summarize malicious activity found in online traffic faster than a human security member can. Once any kind of incident is found Security Copilot will provide context and step-by-step guidance on what should be done next. The scenarios now are also more complex than they have been before so it either takes a user a long time to find them or they are missed completely. Security Copilot helps this by detecting threats that were previously missed and learning from them.
An interesting feature that Microsoft included that TechQuarters, an expert IT Support Company, is looking forward to is Security Copilot’s Prompt Book. This feature is so that security members can create prompt books to perform certain tasks like reverse-engineering a malicious script. By doing this, the AI can tell the user what the script is designed to do and what its capabilities are. After creating a visual to better explain the incident, it can then show who created the script and from where it was triggered.
Currently, Security Copilot is only available in preview so only selected customers have access. But according to Office 365 Consulting providers, when it does release you’ll need to have access to Microsoft’s other security products like Microsoft Defender, Intune and Sentinel for the service to actually work. The service integrates with these products to use the data for insights and recommendations. Thereafter you access Security Copilot using a web-based interface or chatbot.
Overall Security Copilot is an anticipated tool. Over the years of AI becoming more integrated into our everyday life, the more people have been looking forward to it being used for cybersecurity. Of course, there’s no way to know for sure how well the Security Copilot will work but it’s looking very promising so far.