Microsoft has launched the European Security Program, which offers governments advanced, AI-driven cybersecurity capabilities at no cost. Vice Chair and President Brad Smith announced the initiative, designed to counter escalating cyber threats from state-sponsored actors and criminal groups.
This program is a key component of Microsoft’s five European Digital Commitments previously detailed in April. It centers artificial intelligence as a tool, protecting both traditional digital assets and emerging AI infrastructure.
The initiative significantly expands Microsoft’s existing Government Security Program. Its goal is to provide European nations with enhanced, real-time threat intelligence and collaborative tools for proactive defense. With the launch Microsoft reinforces its long-term commitment to securing Europe’s digital future.
The Evolving Threat Landscape and AI’s Dual Role
The initiative arrives as Microsoft observes persistent and sophisticated cyberattacks across Europe. Russian and Chinese state-sponsored operations are particularly prominent, alongside threats from Iran and North Korea. These actors increasingly target credentials and exploit vulnerabilities for espionage, according to Microsoft.
The company also highlighted the growing use of artificial intelligence by malicious actors for reconnaissance, vulnerability research, and crafting more effective social engineering campaigns. Attackers increasingly employ generative AI to amplify their cyber operations’ scale and impact.
To counter this, Microsoft actively tracks any malicious use of AI models it releases and works to prevent known cybercriminals from using its AI products. Brad Smith emphasized the challenge, stating, “Our goal needs to be to keep AI advancing as a defensive tool faster than it advances as an offensive weapon.” Smith also expressed confidence in current detection capabilities, noting, “We don’t feel that we have seen AI that has evaded our ability to detect the use of AI or the threats more broadly.”
Pillars of the European Security Program
Microsoft’s new program is structured around three core pillars, designed to bolster Europe’s collective cyber defenses:
First, it focuses on increasing AI-based threat intelligence sharing. This involves providing European governments with actionable insights from Microsoft’s global threat tracking, enhanced by AI analytics.
The Microsoft Digital Crimes Unit (DCU) will expand its Cybercrime Threat Intelligence Program (CTIP) to trusted European partners. Furthermore, the Microsoft Threat Analysis Center (MTAC) will deliver regular briefings on foreign influence operations, especially those leveraging AI for deepfakes and disinformation.
Participating governments will also receive prioritized security communications, including vulnerability remediation guidance, and will have a dedicated Microsoft point of contact.
Second, the program involves significant new investments to strengthen cybersecurity capacity and resilience. Microsoft is launching a pilot program with Europol’s European Cybercrime Centre (EC3), embedding DCU investigators in The Hague.
The company has renewed its three-year partnership with the CyberPeace Institute and is extending support to the Western Balkans Cyber Capacity Centre (WB3C). A notable collaboration with the UK’s Laboratory for AI Security Research (LASR) will focus on AI security for critical infrastructure.
Additionally, the GitHub Secure Open Source Fund aims to mitigate supply chain attack risks by enhancing the security of common open-source components.
Third, Microsoft is expanding partnerships to proactively disrupt cyberattacks and dismantle cybercriminal networks. This builds on actions like the recent takedown of the Lumma infostealer malware in cooperation with Europol. The company launched the Statutory Automated Disruption (SAD) Program in April 2025 to accelerate the removal of malicious domains. Microsoft also continues its legal actions against nation-state actors, such as the disruption of the Russian group Star Blizzard.
Microsoft’s Broader European Strategy and Commitments
This security initiative is an integral part of Microsoft’s broader strategy in Europe. The five European Digital Commitments include a “European Digital Resilience Commitment,” where Microsoft pledges to legally contest any government order to halt its European cloud operations.
This commitment followed the completion of Microsoft’s EU Data Boundary in February 2025. The Data Boundary ensures customer data for core cloud services like Microsoft 365 and Azure is processed within the EU/EFTA, aligning with regulations such as GDPR (General Data Protection Regulation) and the Schrems II ruling.
Furthering its European focus, Microsoft has appointed a new Deputy CISO for the continent. This role is tasked with ensuring compliance with key EU regulations. These include DORA (Digital Operational Resilience Act), NIS 2 (Network and Information Systems Directive), and the CRA (Cyber Resilience Act). Smith has described the CRA as potentially “a new gold standard for cybersecurity, much as the GDPR did for privacy.”
Looking ahead, Smith mentioned that Microsoft is also working on “other things” related to European cybersecurity, with more announcements expected later in June. “You’re going to see other things we are doing later in the month.” He also stated, “If we can bring more to Europe of what we have developed in the United States, that will strengthen cybersecurity protection for more European institutions.”
Navigating a Complex Regulatory and Competitive Climate
Microsoft’s enhanced focus on European security and data sovereignty unfolds within a dynamic regulatory and competitive environment. The company joined the Cloud Infrastructure Services Providers of Europe (CISPE) in January. The move faced opposition from Amazon Web Services (AWS) and elicited concern from some smaller providers.
Microsoft is also addressing EU antitrust concerns. In May it proposed to unbundle its Teams communication app from Microsoft 365 suites following a formal investigation prompted by a complaint from competitor Slack.
Microsoft is not the only major player aiming to strengthen its cloud presence in Europe. Just this week AWS announced its European Sovereign Cloud. This multi-billion euro investment aims to meet similar European demands for data control, similar to Microsoft’s sovereign cloud offering.
These initiatives from major U.S. tech companies reflect a broader adaptation to Europe’s determined push for digital autonomy.
