Microsoft has announced a planned update to its Microsoft Purview platform, aimed at addressing the growing concern over AI-driven cybersecurity threats. The update, scheduled for preview in July 2024 and general availability in September 2024, signifies Microsoft's acknowledgment of AI as a potential security risk that requires stringent controls.
Understanding Risky AI Usage
The term “risky AI usage” encompasses both intentional and unintentional activities that could jeopardize an organization's security. This includes the generation of data from sensitive files or sites, and the use of AI to create prompts or responses containing sensitive information. The forthcoming update to Microsoft Purview aims to extend its coverage to not only Microsoft Copilots but also third-party generative AI applications, enhancing the platform's ability to automatically detect AI-related cyber threats such as intellectual property theft, data leakage, and security violations.
Enhanced Features and User Privacy
Microsoft Purview's update is designed to bolster insider risk management by enabling administrators to identify risky AI usage within their organizations. The platform will incorporate new detection capabilities for both intentional and unintentional insider risk activities related to generative AI apps.
This development comes in the wake of a report released by Microsoft, in partnership with OpenAI, which highlighted the use of AI by malicious actors from countries such as Russia, Iran, China, and North Korea to launch cyber attacks. The partners successfully neutralized threats posed by five hacking groups believed to be sponsored by nation-states. These entities had been exploiting OpenAI‘s large language models (LLMs) to bolster their cyber activities, marking a significant stride in the use of generative AI for cyber attacks.
In addition, Microsoft emphasizes the privacy-by-design approach of Purview, ensuring that users are pseudonymized by default and that role-based access controls and audit logs are implemented to maintain user privacy. The update also aims to streamline various processes, such as onboarding new devices and accessing data security, governance, and compliance solutions through a unified portal.