Search
Close this search box.

Microsoft Ignite 2024: A Focus on Cybersecurity Innovation

Microsoft Ignite 2024: A Focus on Cybersecurity Innovation

Analyst(s): Krista Case
Publication Date: November 27, 2024

At Ignite 2024, Microsoft unveiled cybersecurity innovations designed to empower organizations to defend against evolving threats. Key announcements included a proprietary infrastructure chip, enhanced AI capabilities in Microsoft Security Copilot, updated data security features in Microsoft Purview, and the launch of a unified Security Exposure Management tool.

What is Covered in this Article:

  • The launch of Azure Integrated HSM
  • Updates to Microsoft Security Copilot for AI-driven incident response and broader security suite integration
  • Introduction of the Security Exposure Management tool for unified vulnerability assessment
  • The addition of Data Loss Prevention (DLP) for Microsoft 365 Copilot and Data Security Posture Management (DSPM) to Purview.
  • The role of community engagement and internal alignment in enhancing resilience
  • Analysis of Microsoft’s Secure Future Initiative (SFI)

The News: At Microsoft Ignite 2024, the company unveiled a suite of advancements in cybersecurity capabilities for enterprise IT. These include:

  • GA of Microsoft Security Exposure Management that became generally available
  • The addition of new skills for Microsoft Defender, Entra, Intune, and Purview to Microsoft Security Copilot
  • The addition of Data Loss Prevention (DLP) for Microsoft 365 Copilot and Data Security Posture Management (DSPM) to Purview
  • An expanded AI- and cloud-focused bug bounty initiative
  • Updates to Microsoft Secure Future Initiative (SFI)

Microsoft Ignite 2024: A Focus on Cybersecurity Innovation

Analyst Take: Addressing The Perfect Storm: Rising Threats and Limited Resources

It has never been more difficult for organizations to adequately protect themselves against cyber-attacks. Threat vectors are changing, with the number of attackers escalating and their sophistication rising as they use advanced techniques such as AI and ML to launch more targeted and effective attacks. Against this backdrop, malicious actors have become able to access sensitive data in record time. In this climate, security expertise simply cannot be developed and scaled fast enough, creating a shortage of skilled cybersecurity professionals that exacerbates these challenges.

Microsoft plays a critical role in both employee productivity and company IT infrastructure. This demands a dual-pronged cybersecurity perspective – embedding security into its core services, while also delivering a range of services that better empower customers to build their resilience against malicious actors. This strategy is particularly relevant, given that organizations are embracing Azure to host critical infrastructures and applications, and given that identity-based attacks such as advanced phishing attacks targeting end users are on the rise.

Microsoft’s approach – as reflected in the Ignite 2024 announcements – is not only to invest in technological innovation. It is also to drive community engagement, and via its Secure Future Initiative program, put specific metrics and incentives in place within Microsoft itself, from engineering all the way through the C-Suite, for prioritizing security. It is only through common knowledge sharing on emerging threat vectors and cyber-resilience best practices, and aligning all employees with common cybersecurity objectives, that risk can truly be minimized today.

Elevating Security with AI

Across the board, The Futurum Group’s research and conversations reflect that addressing this quickly changing threat landscape is a top priority for Security and IT teams alike. More specifically, using AI to detect vulnerabilities and attacks as quickly as possible, and to respond faster and more effectively, is top of mind from this perspective.

At Ignite 2024, Microsoft Security Exposure Management became generally available. This tool maps the relationships between data, devices, identities, and other assets continuously, and provides a graphical view to manage the attack surface, attack paths, and exposures. In addition to helping enterprises to anticipate and mitigate risks before they escalate, the tool provides prioritized recommendations for remediation. It also helps to address the visibility gaps that occur from today’s vast, disjointed cybersecurity toolchains – which practitioners note is materially inhibiting their cyber-resiliency – via third-party connectors for Rapid 7, ServiceNow, Qualys, and, currently in preview, Tenable.

Along a similar vein, Microsoft also announced the addition of new skills for Microsoft Defender, Entra, Intune, and Purview to Microsoft Security Copilot at Ignite 2024. Microsoft Security Copilot is an AI- and machine learning-powered assistant designed to automate routine security tasks, identify, prioritize, and remediate threats and risks, and offer expert guidance to security teams.

The integration of the capability across Microsoft’s broader security suite provides tailored capabilities for a variety of needs. For example, the integration of Security Copilot into Entra is strategic in combating the current onslaught of identity-based attacks. Among other capabilities, it can provide context, such as authentication methods, into user identities and data, it can help to troubleshoot access issues, and it can analyze conditional access policies. A chatbot user interface that is coming in December can be used to guide processes, for example, the identification and removal of unused or potentially compromised applications.

Securing the AI Revolution

The flip side of the AI coin is that the ability to manage, secure, protect, and govern data for generative AI applications has emerged to become top of mind, since Chat GPT emerged last Fall. To address this need, Ignite 2024 included enhancements to Microsoft Purview, which offers a unified view of data that enable organizations to identify, classify, and protect sensitive information. Specifically, the following have been added to Purview:

  • Data Loss Prevention (DLP) for Microsoft 365 Copilot, which can help to safeguard against leakage of sensitive data, specifically via inadvertent and over sharing as well as the misuse of sensitive data within AI applications. It can also detect risky use of AI applications such as prompt injections.
  • Data Security Posture Management (DSPM), which provides a holistic view of the security posture across the organization’s data estate, helping them to identify and mitigate risks associated with AI-powered applications. Given that AI applications frequently draw on sensitive data, and that models’ integrity in the face of a growing count of malicious attacks like model poisoning is paramount to the success of organizations’ AI initiatives, the importance of this capability cannot be understated. The ability to have a single pane of glass to proactively identify risks and receive recommended actions becomes even more useful, given that AI applications may draw from disparate and heterogeneous data sets.

Although AI initiatives are in their infancy for most enterprises, they will continue to grow in their number, scale, and their business criticality. Baking data security at the forefront is fundamental to their success.

Secure Cryptographic Operations with Azure Integrated HSM

Also announced at Ignite 2024 was the Azure Integrated Hardware Security Module (HSM), a proprietary chip designed to perform cryptographic operations including encryption, decryption, encryption key management, and digital signing. For these functions, the Azure Integrated HSM provides a secure environment designed to resist malicious attacks and to meet compliance standards such as FIPS 140-2. Microsoft is providing access to the Azure Integrated HSM modules as a cloud-based service.

Fortifying Security Through Community and Culture

Cybersecurity is a shared responsibility, and Microsoft’s bug bounty program encourages external researchers to identify vulnerabilities. This program fosters a collaborative approach to strengthening its platforms. At Ignite 2024, Microsoft introduced a new hacking event called Zero Day Quest that adds an additional $4 million for uncovering vulnerability submissions in AI and Cloud, specifically.

This program complements the company’s internally focused Secure Future Initiative (SFI), which prioritizes the secure development of cyber-resilient products and services while aligning employees across all levels with common security objectives. SFI reflects the necessity of complementing product enhancements with establishing employee accountability and buy-in, for example, by embedding security-focused metrics and incentives throughout the organization.

Looking Forward

Microsoft’s Ignite 2024 announcements tackle current issues and help organizations to prepare for future risks by reinforcing security at the foundation of the development of Microsoft’s key services, and introducing innovation in areas such as AI-driven threat detection and remediation.

These projects can thrive if they are scalable, accessible, and easily integrated into varying enterprise environments. At the same time, the additional capabilities of Security Copilot are intriguing, but its long-term success will depend on user uptake and the ability to keep abreast of increasingly complex cyber-attacks. While these challenges are not necessarily unique to Microsoft, Microsoft’s evolving innovations and strategies in cybersecurity stand to have a significant impact on enterprises’ resiliency moving forward, given its entrenchment in areas such as user productivity and cloud infrastructure-as-a-service.

At the same time, Microsoft will continue prioritizing integrating security into the core of its IT infrastructure. Recent updates such as enabling and enforcing by default MFA in Azure services reflect Microsoft’s focus on evolving its R&D and innovation in tandem with how attack vectors are also evolving. Building best practices into the platform and enforcing them on a policy-driven basis, while also providing documentation through its Well-Architected Framework program will further help to make these developments accessible to customers by easing their implementation.

What to Watch:

  • Practical applications of enhanced Security Copilot capabilities in real-world incident response
  • Microsoft’s efforts to advance responsible AI practices and build trust in generative AI tools
  • Growth in usage of DLP and DSPM capabilities, given the complexity of AI applications and multi-cloud environments
  • Adoption of Azure Integrated HSM, given the growing need for cryptography as more critical and sensitive data is migrated to the public cloud
  • Long-term impact of Microsoft’s bug bounty and Secure Future Initiative on community engagement, risk reduction, and the industry’s perception of Microsoft

Read about Microsoft Ignite 2024 on the Microsoft website.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

Microsoft’s Secure Future Initiative Marks Major Progress in Cybersecurity

Microsoft Announces Copilot-Driven Dynamics 365 Contact Center

What Makes Microsoft’s Autonomous Agents a Game Changer for Workers?

Author Information

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.

SHARE:

Latest Insights:

Exploring How Microsoft’s Latest AI Advancements Reshape Enterprise Operations, Productivity, and Security
Keith Kirkpatrick, Research Director at The Futurum Group, explores Microsoft Ignite 2024's AI advancements, such as Microsoft Copilot Studio, new AI agents, and governance tools, which are transforming enterprise workflows.
Dion Hinchcliffe and Camberley Bates delve into the latest earnings and updates from Lenovo, Cisco, Kyndryl, and the impact and understanding of Large Language Models in today's tech landscape.
Elastic Posts 18% Revenue Growth, Driven by Elastic Cloud While Addressing Leadership Changes and Persistent GAAP Losses
Mitch Ashley, VP and Practice Lead, DevOps and AppDev at The Futurum Group, discusses Elastic's Q2 FY2025 earnings, exploring cloud growth, key AI innovations, and the challenges posed by leadership changes and profitability concerns.
NetApp’s Q2 FY2025 Results Reflect Strong Gains in Hybrid Cloud and All-Flash Storage, With Opportunities to Accelerate Public Cloud Growth
Camberley Bates, Chief Technology Advisor, and Krista Case, Research Director at The Futurum Group, explores NetApp's Q2 FY2025 performance, highlighting strong gains in hybrid cloud and the company’s strategy to navigate public cloud challenges.