As cyber threat actors add generative AI tools to their increasingly sophisticated arsenal, can security teams defending against their relentless attacks fight back effectively using the same genAI technology?

In SC Media UK’s latest podcast, Paul Kelly, director of Microsoft UK’s Security Business Group, says he believes they can – but only if their organisations put in the groundwork required to make the most of genAI.

“Attackers are becoming more automated. [They] were pretty quick into AI, to explore and make use of some of that powerful capability,” Kelly says in his discussion with SC Media UK editor Alicia Buller.

“We see, in our telemetry, the number of password attacks that we’ve detected, for example, has more than tripled over the last 12 months.”

This is concerning, especially as the UK suffers the second highest number of attacks of any nation in Europe, behind Ukraine.

“But we really believe that the power of AI allows us to tip the scales, allows defenders to overcome that threat by putting this AI to work on the defence side,” Kelly said.

The key to enabling that to happen, he said, was ensuring organisations understood the current state of their security and identified any gaps or challenges genAI could help them address.

In its Digital Defense Report 2023, Microsoft sets out five fundamentals of cyber hygiene: multifactor authentication, zero trust, extended detection and response (XDR) and antimalware, keeping up to date with software and patching, and protecting data.

Data protection was “the biggie” when preparing to deploy AI tools, Kelly said.

“Whatever form of AI an organization may be interested in exploring or taking advantage of, getting their data estate in order, first of all, is a huge priority.”

Microsoft had seen this in practice over recent months as customers deployed its new AI tool designed to improve the efficiency of security teams, Security Copilot.

“The first thing that they need to do is just ensure that their existing data repositories, they’ve got the right access controls, there’s not oversharing taking place, that they’ve tagged and classified their data, done some of those basic things. Because with AI, it’s powerful technology that, of course, can just open up access that might have been unintended to existing data sources.”

Listen to the podcast for more insights on how genAI can improve your organisation’s security posture.

Simon Hendery Senior Correspondent

Simon Hendery is a freelance IT consultant specializing in security, compliance, and enterprise workflows. With a background in technology journalism and marketing, he is a passionate storyteller who loves researching and sharing the latest industry developments.