AI success rests on secure foundations
Mick Dunne, Chief Security Advisor, Microsoft Australia and New Zealand
Share this page on :
Artificial intelligence (AI) is the most influential technology of our lifetime. It is reshaping everything we do with speed and scale never seen before. While the new era of AI presents unprecedented opportunities to elevate human potential, we must not overlook a critical factor in realising this potential: data security.
The foundations of data security might seem mundane or even outdated in the face of advanced AI capabilities, however having confidence and trust in your data and systems is critical to be able to embrace AI securely and safely. And protecting data (which is critical to building a powerful AI capability) starts with the basics.
The importance of the basics
Every organisation, regardless of size or sector, needs to master the fundamentals of security. This means being disciplined about asset inventory, patch management and access control, as examples – they may not grab headlines but they are indispensable to preventing many common cyber threats.
According to Microsoft’s latest Digital Defense Report, basic security hygiene practices – such as enabling multifactor authentication, applying Zero Trust principles, using extended detection and response software, keeping systems up to date and protecting data – still protect against 99 per cent of attacks.
It boils down to the common saying – hackers don’t break in, they are let in. These basics aren’t just a checkbox exercise. They are the bedrock upon which all advanced security measures – and by extension, AI initiatives – are built.
Protecting the fuel for AI
Data is the fuel that powers AI, and its security and integrity are paramount.
AI systems depend on accurate, complete and relevant data to function correctly. If the data is tampered with, intentionally or not, AI’s outputs may become unreliable, leading to potentially suboptimal decisions.
Data classification plays a crucial role here as well, yet it’s often done poorly or not at all. Properly classifying data ensures that sensitive information is appropriately protected and that AI systems don’t inadvertently expose or misuse it. This is particularly important given the increasing regulatory scrutiny around data privacy and protection.
Likewise, many customers we work with have shared that bringing AI productivity tools into the business has actually helped accelerate data privacy and access efforts. Because an AI tool references the sources, very quickly it can surface where access gaps are – for example, a business confidential document might be accessible to external users that shouldn’t be. So many customers are seeing the benefits of using AI to accelerate their efforts in harden their data access guardrails.
Realigning around our security priority
At Microsoft, we’re deeply focused on security because the stakes have never been higher.
We launched our Secure Future Initiative (SFI) in November 2023 to ensure security is the top priority in everything we do. With the increasing scale and sophistication of cyberattacks, SFI is about embedding security into every aspect of our operations and products to protect both Microsoft and our customers.
In May 2024, we evolved SFI around three core principles: secure by design, secure by default and secure operations. These principles shape our efforts across six key areas, from protecting identities and securing networks to detecting and responding to threats. By focusing on these areas, we’re helping our customers reduce vulnerabilities and build resilient systems that can stand up to today’s cyber threats.
SFI is also about creating a security-first culture at Microsoft. We’re committed to continuous improvement and making sure security is at the heart of every decision. By aligning with industry standards, SFI helps our customers confidently embrace AI and other technologies, knowing they’re built on a secure foundation.
Security and AI: A symbiotic relationship
AI has the potential to transform organisations, but only if it is built on a secure foundation. The above security basics are crucial to unlocking AI’s potential because they ensure the data AI relies on is secure and trustworthy, and that the systems AI operates within are resilient.
Neglecting these basics puts your AI initiatives and organisation at risk. In a world where cyber threats are ever-evolving, doing the basics well is not just advisable – it’s essential.
Related Posts
From roll-out to optimisation: Mastering Microsoft 365 Copilot adoption with Unified
Unlock the full potential of Microsoft 365 Copilot with expert insights on seamless adoption and optimisation. Discover how Microsoft’s Copilot Cloud Solution Architects (CSAs) can fast-track your organisation’s deployment of Copilot, boost security and compliance, and drive user adoption through tailored training and change management strategies. Plus, learn five key lessons from early Copilot adopters to help your organisation achieve a smooth and impactful roll-out. Whether you’re just starting out or looking to optimise Copilot, this blog post provides actionable steps to realising its significant productivity benefits.
From pilot to production: Unlocking the full potential of generative AI in your organisation
Artificial intelligence (AI) isn’t a newcomer to the business world. For years, organisations have experimented with this technology to optimise operations, unearth insights and drive innovation. This article explore the significant economic and productivity opportunities of generative AI, including use cases and real-life examples of how organisations are creative opportunities now.
Three ways technology has empowered frontline workers
COVID-19 has highlighted how much we depend on frontline workers – from the nurses and doctors we applauded from balconies as they returned home from shifts through to the delivery workers who brought us groceries and essential items when we were unable to leave home.