Microsoft is Getting Serious About Security. Again.
- Paul Thurrott
- Nov 02, 2023
-
4
In the wake of a string of cyberattacks, Microsoft announced a new initiative today called the Secure Future Initiative (SFI). And it’s impossible not to think of its Trustworthy Computing initiative of two decades ago and how much the world has changed since then.
“In recent months, we’ve concluded within Microsoft that the increasing speed, scale, and sophistication of cyberattacks call for a new response,” Microsoft president Brad Smiths writes in a new post to Microsoft On the Issues. “This new initiative will bring together every part of Microsoft to advance cybersecurity protection.”
Windows Intelligence In Your Inbox
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
SFI is built on three pillars:
AI-based cyber defenses. Microsoft will “put AI to work to advance cybersecurity protection” and protect its customers worldwide with an “AI-based cyber shield,” Smith says. This will include using AI to advance Microsoft’s threat intelligence and extending these capabilities directly to its customers. “AI is a game changer,” he says. “Coupled with a global network of datacenters, we are determined to use AI to detect threats at a speed that is as fast as the Internet itself.”
Advances in fundamental software engineering. This is the bit that is most reminiscent of Trustworthy Computing: Charlie Bell, Microsoft’s executive vice president for Security, has informed the company’s employees how SFI will advance the way Microsoft designs, builds, tests, and operates its technology. It will use AI and automation to transform the way it develops software, strengthen identity protection against highly sophisticated attacks, and cut the time it takes to mitigate cloud vulnerabilities by 50 percent while being more transparent and consistent when reporting incidents.
Advocacy for stronger application of international norms to protect civilians from cyber threats. Reissuing Microsoft’s 2017 call for a Digital Geneva Convention, Smith says the need now is greater than ever. “What we need today for cyberspace is … a stronger, broader public commitment by the community of nations to stand more resolutely against cyberattacks on civilians and the infrastructure on which we all depend,” he writes. “Fundamentally, we need renewed efforts that unite governments, the private sector, and civil society to advance international norms on two fronts. We will commit Microsoft’s teams around the world to help advocate for and support these efforts.”
You can learn more about SFI in Charlie Bell’s email to Microsoft’s employees and on the Microsoft Secure Future Initiative website.