Microsoft’s Generative AI Cyber Defense Program for Public Sector

By Alvaro Vitta, Cybersecurity Lead for Microsoft Worldwide Public Sector

In an era where security breaches are routinely making headline news, the threat of cyberattacks has become a daily reality. In fact, Cybercrime globally is expected to cost $10.5 trillion by 2025 (Cybercrime Magazine). For public sector, the number of cyber incidents targeting government agencies worldwide from December 2022 to August 2023 rose by an astonishing 150% (Statista). Public sector leaders need to make sure they are using modern security technologies, processes and approaches as well as investing the time to educate and skill or reskill their employees in this ever-changing landscape. 

The speed, scale, sophistication of attacks combined with the security talent shortage and operational complexity give attackers an asymmetric advantage over defenders.​ Attackers only have to be successful once, while defenders have to be right 100% of the time. Cybercriminals tend to have deep pockets and a ferocious appetite to innovate in order to plan and monetize attacks and are using cutting-edge technology to help them execute. 

Cybersecurity is one of the most pressing challenges of our time. And this requires a paradigm shift. 

Microsoft’s AI cyber defense program for public sector aims to transform cybersecurity at the local, regional and national level 

In a recent article by Charlie Bell, Executive Vice President for Microsoft Security, it was announced that Microsoft is expanding and evolving its Secure Future Initiative (SFI) and Microsoft’s work will be guided by three security principles:  

1. Secure by design: Security comes first when designing any product or service.
2. Secure by default: Security protections are enabled and enforced by default, require no extra effort, and are not optional.
3. Secure operations: Security controls and monitoring will continuously be improved to meet current and future threats.

Given the rise in attacks targeting public sector organizations and legacy systems and practices that are often used within public sector, these three security pillars are equally important for public sector organizations to follow. Evolving public sector security operations and using modern security technologies, processes and approaches as well as investing the time to educate and skill or reskill employees has never been more important.

Microsoft wants to help public sector organizations evolve and transform their cybersecurity in the AI era. Through the Microsoft AI cyber defense program for public sector, we can partner with organizations to assess strategies and modernize public sector security operations through an AI-centric model.

Through cybersecurity envisioning workshops, Microsoft’s public sector’s cybersecurity experts will work with you to:

• Assess your current Government security operations center (SOC)
• Identify gaps, challenges and needs
• Identify gen-AI cyber opportunities to optimize government SOC operations
• Develop an agile plan to address current needs and priorities
• Create a tailored specific vision with KPIs and approach

Cybersecurity is a critical enabler and protector of the digital ecosystem, and it requires constant innovation, automation, and scale to keep pace with the evolving threat landscape. The AI-cyber defense program for public sector provides a holistic view of the cyber landscape and the threats that organizations face and how to address them.  

Creating a Public Sector Generative AI Cyber Defense System

When it comes to cybersecurity, in order to quickly detect and respond to threats or attacks, organizations need to be able to have as much rich and actionable security signaling information as possible at your fingertips.

As I explained in the Microsoft Learn module Foundations of a modern public sector security operations center, having a modern Government SOC gives the ability to use data from many different sources, to provide you with a 360 degree video of your digital landscape. And with such a vast amount of data, AI can play a key role in helping analysts sort through the information faster and focus on key areas that can help reduce or mitigate risk.

The differentiator is that through this program we provide access to a public sector generative AI cyber defense system which lays the foundation to modernize a single public sector entity’s security operations. This can create the connective tissue to foster a ecosystem that allows cross-entity collaboration with other public sector and critical infrastructure sector SOCs within your city, state, province or country.

This cyber collaboration ecosystem will allow other public sector and critical infrastructure entities to share their cyber threat intelligence, providing cybersecurity analysts with even more visibility to common threats. This collaborative cyber network becomes the connective cyberthreat intelligence tissue across the digital ecosystem. Using generative AI, this environment can sort and organize the data and allow security analysts to use natural language to ask questions of the cyberthreat intelligence data, to acquire actionable information and take remediation steps faster.

Let’s work together to transform public sector cybersecurity

According to the Microsoft Digital Defense Report, 53% of cyberattacks are focused on government and critical infrastructure, making the need for public sector SOC modernization even more critical. By streamlining cyber threat intelligence collaboration, augmenting teams with AI to help with security talent shortages, and improving the threat detection signal, we can transform cyber defense for public sector and can prevent and detect threats sooner to better protect the people you serve.