There’s an oncoming renaissance in cybersecurity as AI shifts the balance of power

Innovation is constant in technology, and unfortunately this applies to cybercriminals as well. As long as new software, systems, and devices are being developed and launched into the world, there will always be someone looking for soft spots to exploit. With October being Cybersecurity Awareness Month, I wanted to take a moment to reflect on how the AI innovations of the past year have had an impact on cybersecurity as a whole.

Defenders have always been at a disadvantage due to what we call the asymmetry of the attacker. Attackers can pick their spots and come from anywhere, while defenders must cover the entire, vast landscape of their environment. They may spend weeks researching how a new vulnerability might affect them and an exploit may take months to detect. 

As technology becomes more deeply embedded into homes, work, society, commerce, and culture, we must shift the advantage to defenders. Otherwise cyberattacks will continue to become more devastating, more personal, and will erode the trust between people and the technology they depend on.  

With the rapid advances happening in AI today, we may finally get that game-changing advantage. Through AI, we can give defenders the tools they need to win at the point of attack.

A new world with Generative AI

AI innovation may feel as though it’s happening faster than we could have ever imagined, but the benefits we’re beginning to see are the fruits of decades of research, and we’ve only scratched the surface.  It’s energizing to see and hear what you all have been able to do with these new capabilities already, from artists who say generative AI has sparked their creativity, to programmers who say it has brought joy and flow back to their work, to knowledge workers and business leaders who say they finally have a new tool to help them reimagine and simplify business processes.

In cybersecurity, AI capabilities will be revolutionary. AI tools have the power to give us real visibility across data, systems, and threats in an unprecedented way. We can see and react to attackers in real time, already knowing what the threat is and what the exploit is attempting to do. And we can take immediate action to defend against it at machine speed. And that enables us to go from reactive to preventive and predictive, finally giving defenders everywhere an asymmetric advantage.

With today’s large language models, we can create a new type of tool that securely applies the power of ChatGPT-4 to an organization’s data—layering in the most advanced expertise and all the known threat signals and security data at our disposal.

Supercharging the skills and abilities of security teams

Microsoft analyzes 65 trillion signals a day and detects over 4,000 password attacks per second across its digital estate. We track more than 50 ransomware groups, and more than 300 nation states and financially motivated threat actors. Training AI on that plethora of intelligence helps it deliver an incredible speed of operation and simplifies the challenge of spotting a threat among the noise of millions of normal traffic patterns. And this intelligence is a great example of how we stay ahead of bad actors.

Today detecting a breach takes an average of 212 days and a lot of harm can be caused in that time. AI can enable security teams to detect anomalies at machine speed, reducing a queue of work from a thousand alerts to just a few priority incidents within seconds. By combining human ingenuity with the unprecedented capabilities of AI, we can drive a paradigm shift in security for good.

A renaissance for the security industry

In the security industry today, we are navigating the devastating combined effects of a massive talent shortage and a lack of diversity amidst an incredibly sophisticated, rapid, and vast threat landscape. Three million jobs go unfilled every year, even as there are vastly underrepresented communities that could offer incredible candidates. A dismal 24% of the cybersecurity workforce are women and only 20% are people of color. With AI, we can break down many of the barriers to our industry caused by location, language, and access to training. People who are new to the field can be upskilled and assisted as they take on new security tasks, and gain the knowledge and insights needed to become more advanced defenders. Senior analysts can spend more time doing detection and response time because incident summaries and Board-level reports can now be created in minutes.

Breaking those barriers is a critical thing. Attackers are diverse and come from all backgrounds and all walks of life. They bring a multitude of perspectives that we must understand in order to defend against them—whether through the expertise of our defenders or the tools we build to arm them. As an industry we must be as diverse as the attackers we face. Never has this been truer than in the era of AI.

Durable innovation will always come from applying the best minds from a plethora of disciplines and a wide variety of perspectives, experiences, cultures, backgrounds to bring true diversity of thought.

With generative AI, we have in our hands perhaps one of the most consequential technological advancements of our lifetime. But it’s going to take all of us contributing to its development so that it reflects all of us, includes all of us, and benefits all of us. Like every transformative innovation in history, it requires human hands to carry it forward. And those hands will change the world.

Vasu Jakkal is the corporate vice president of security at Microsoft.