Microsoft thinks Cybersecurity is a job for GPT-4

What is Microsoft Security Copilot?

Photo by Turag Photography on Unsplash

Hey Everyone,

I have been impressed with the frequency and variety and size of Microsoft’s cybersecurity acquisitions throughout the years. See list of all acquisitions here. I was concerned when ChatGPT is being used for malware, phishing and Generative A.I. is being used as the new most common type of fraud and scam, voice cloning of relatives.

Some Seniors show a reduced ability to tell the difference between a real relative and an A.I. generated clone of their voice. So while Microsoft has spent $13 billion on OpenAI, which is causing a more risky internet and more frequent phishing and more sophisticated fraud and cybersecurity risks at scale, since ChatGPT is pretty good at code and malware, Microsoft also has come up with the solution!

If you are the company responsible for more security issues, you stand indeed the most to benefit from creating the solution, isn’t it?

Microsoft in their blog, indeed say that today the odds remain stacked against cybersecurity professionals. But no need to fear guys, Microsoft Security Copilot is here.

As you might expect, Microsoft Security Copilot is a new assistant for cybersecurity professionals, designed to help defenders identify breaches and better understand the huge amounts of signals and data available to them daily.

When you are the very actor that brought ChatGPT to the world, which increases risk, that you are the solution to the malevolent possibilities of Generative A.I. around cybersecurity is a bit corrupt and daunting. Such is the world of Monopoly Capitalism, such is the playbook of the centralization of A.I.

• Powered by OpenAI’s GPT-4 generative AI and Microsoft’s own security-specific model, Security Copilot looks like a simple prompt box like any other chatbot. You can ask “what are all the security incidents in my enterprise?” and it will summarize them.

• Microsoft says it’s making use of the 65 trillion daily signals Microsoft collects in its threat intelligence gathering and security-specific skills to let security professionals hunt down threats.

I finally feel safe with Copilot.

At a time when the supply of Cybersecurity professionals isn’t meeting demand, Microsoft assures us that Microsoft Security Copilot is designed to assist a security analyst’s work rather than replace it — and even includes a pinboard section for co-workers to collaborate and share information.

Microsoft Security Copilot is the first security product to enable defenders to move at the speed and scale of AI. Security Copilot combines this advanced large language model (LLM) with a security-specific model from Microsoft. Microsoft will have advanced early access to GPT-5, just as it did with BingAI and GPT-4.

Microsoft thinks it is at the speed of A.I. now, I’m sure all those voice cloners and phishing experts using ChatGPT are going to be quite concerned now.

The new AI security tool, which can answer questions about vulnerabilities and reverse-engineer problems, is now in preview. And it’s all a bit interesting how A.I. will be increasingly used in phishing and cybersecurity defense.

Still this is a specialized LLM that could hopefully assistant cybersecurity professionals to reduce incidents and minimize the damage of vulnerabilities. When Security Copilot receives a prompt from a security professional, it uses the full power of the security-specific model to deploy skills and queries that maximize the value of the latest large language model capabilities.

The service will work with Microsoft security products such as Sentinel for tracking threats. Microsoft will determine if it should add support for third-party tools such as Splunk based on input from early users in the next few months. Microsoft is building multiple subscription revenue streams from its aggressive foray into LLMs with its sponsorship of OpenAI.

Continuous Learning of LLMs in a Specific Niche

Security Copilot is a closed-loop learning system, which means it’s continually learning from users and giving them the opportunity to give explicit feedback with the feedback feature that is built directly into the tool. As we continue to learn from these interactions, we are adjusting its responses to create more coherent, relevant and useful answers.

The Global Shortage of Talent in Cybersecurity

According to the news and announcements, there is a global shortage of skilled security professionals, leading to an estimated 3.4 million openings in the field.  Voice cloning fraud is exploding and will only get worse as global populations begin to age in the coming demographics winter.

Microsoft is using information from the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology’s vulnerability database, and Microsoft’s own threat intelligence database to improve the product.

Dennis Chung, Chief Technology Officer, Microsoft Singapore, shared, "The rapidly evolving cybersecurity landscape demands that organizations continuously strengthen and maintain their security measures to effectively combat increasingly sophisticated threats and ensure the safety of their people and business. Our Microsoft Security Copilot brings the power of AI to individuals to drive innovation and scale at pace, as they create a secure digital environment for all. "