As Spider-man once said…”With great power comes great responsibility”, and the shimmering promise of Generative AI (GenAI) solutions is not without its shadow—a potential vulnerability in data security. In this article, we explore Microsoft’s solution and positioning in response to this otherwise unpredictable cyber landscape.
Microsoft is committed to helping organizations protect and govern their data, no matter where it lives or travels. At the forefront of this commitment lies Microsoft Copilot for Security: a suite of security solutions that orchestrates results to provide GenAI advanced protection for your company’s data and infrastructure.
What is Microsoft Copilot for Security? | Microsoft Learn
The main solutions being used by Microsoft Copilot for Security are Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Purview. Leveraging this unified approach allows cybersecurity professionals to use GenAI to search for and address threats effectively. Each of these products help with data security and compliance, but they have different purposes and features. Here is an overview:
Solutions leveraged by Microsoft Copilot for Security
An additional capability of Microsoft Purview includes the support for data Sensitivity Labels. Think of Sensitivity Labels as the digital“confidential” stickers that you put on your data. As the need increases for companies to share data both internal and external to the organization, so too does the concern increase for both data privacy and security. Using Sensitivity Labels allows certain documents to have “Confidential” or “Highly Confidential” labels which drive pre-defined authorization, access, and sharing rules which protects handling of data within GenAI results.
How do I work with Microsoft Copilot for Security?
Users can engage with Copilot for Security through the Defender XDR interface as they research highlighted incidents. Copilot for Security automatically provides a summary of each incident (without the need for you to dive into all the detailed alerts) while also providing a guided response.
Example: Microsoft Defender XDR Incident Investigation
In addition to the Defender XDR interface, users can leverage the stand-alone Copilot for Security application with natural language interface while allowing for integration with other Microsoft products and third-party platforms using a plugin architecture. In this way, you can personalize the experience and include/exclude relevant/irrelevant information.
Individual prompts can be submitted or promptbooks (one or more prompts that have been put together to accomplish specific security-related task) can be leveraged as ready-to-use templates to automate repetitive steps such as incident response, investigations, and remediation. For instance, you can perform detailed analysis on security issues such as “Suspicious Script Analysis”, “Threat Actor Profile”, or “Incident Investigation”.
Summary
Leveraging GenAI technology to scour the vast amount of signal data is an obvious “use case” companies will be shifting towards to protect their organization from the constantly changing security landscape. No doubt Microsoft’s Copilot for Security will continue to evolve its offering, but it provides a valuable “safety net” for organizations leveraging the M365 platform today.
Up Next
In the next and final article in this series, join me as I review how Microsoft is addressing the “hurdle” of finding and retaining skilled personnel who can develop and maintain generative AI models.
