{"id":23334,"date":"2026-04-30T09:00:00","date_gmt":"2026-04-30T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=23334"},"modified":"2026-04-29T16:08:50","modified_gmt":"2026-04-29T23:08:50","slug":"microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/","title":{"rendered":"Microsoft CISO advice: Apply engineering fundamentals to securing AI"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Agentic AI, like any software, is just one part of a business solution. It is not the only element that needs to be secured. Engineers need to approach securing agentic AI in the corporate IT ecosystem the same way they would consider any security problem\u2014from end to end.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Yonatan Zunger, CVP and deputy CISO for Microsoft, suggests focusing exclusively on hardening a piece of software to security threats may make it difficult to use and introduce a new risk when users get frustrated and try to bypass controls. This is why engineers need to consider not just individual components but how they work together to maintain productivity.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThink of every system as a socio-technical system containing many parts, and all of them working together in unison have to be secured,\u201d Zunger says.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex has-2-columns\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:65px\">\n<figure class=\"wp-block-image aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"95\" height=\"96\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Learn-how-p-g.png\" alt=\"\" class=\"wp-image-19668\" style=\"width:48px\"\/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p class=\"wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-4);margin-bottom:var(--wp--preset--spacing--spacing-4)\"><strong><strong>Learn from our experience&nbsp;<\/strong><\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-4);margin-bottom:var(--wp--preset--spacing--spacing-4)\"><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/03\/31\/applying-security-fundamentals-to-ai-practical-advice-for-cisos\/\" target=\"_blank\" rel=\"noreferrer noopener\">Read\u00a0our\u00a0practical advice about applying security fundamentals to AI.<\/a><\/p>\n<\/div>\n<\/div>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/YU-8lpwPtm0?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\"><\/iframe><\/span>\n<\/div><figcaption class=\"wp-element-caption\"><em>Watch this video to see Yonatan Zunger explain why engineering fundamentals are critical to building resilient AI systems. (For a transcript, please view the video on YouTube: <\/em><a href=\"https:\/\/www.youtube.com\/watch?v=YU-8lpwPtm0\" target=\"_blank\" rel=\"noreferrer noopener\"><em>https:\/\/www.youtube.com\/watch?v=YU-8lpwPtm0<\/em><\/a><em> )<\/em><\/figcaption><\/figure>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge.png\" alt=\"\" class=\"wp-image-19492\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Try it out<\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/03\/31\/applying-security-fundamentals-to-ai-practical-advice-for-cisos\/?OCID=InsideTrack_Product_10872\" target=\"_blank\" rel=\"noreferrer noopener\">Read more from Zunger about applying security fundamentals to AI.<\/a><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge.png\" alt=\"\" class=\"wp-image-19491\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Related links<\/p>\n<\/div>\n\n\n\n<ul style=\"margin-top:var(--wp--preset--spacing--spacing-20)\" class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/05\/29\/how-to-deploy-ai-safely\/\" target=\"_blank\" rel=\"noreferrer noopener\">Explore more from Zunger about how to deploy AI safely.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/08\/26\/securing-and-governing-the-rise-of-autonomous-agents\/\" target=\"_blank\" rel=\"noreferrer noopener\">Discover what you need to know about governing autonomous agents.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/governing-ai-agent-behavior-aligning-user-developer-role-and-organizational-inte\/4503551\" target=\"_blank\" rel=\"noreferrer noopener\">Learn about aligning user, developer role, and organizational intent in agent governance.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/authorization-and-governance-for-ai-agents-runtime-authorization-beyond-identity\/4509161\" target=\"_blank\" rel=\"noreferrer noopener\">Find out how to use Authorization Fabric to govern AI agents at scale.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/part-1-understanding-agent-abuse-patterns-designing-secure-ai-agents-from-day-on\/4507832\" target=\"_blank\" rel=\"noreferrer noopener\">Read about agent abuse patterns.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/part-2-securing-ai-agents-with-azure-ai-foundry-from-abuse-patterns-to-lifecycle\/4507836\" target=\"_blank\" rel=\"noreferrer noopener\">Identify ways to secure AI agents with Azure AI Foundry.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/part-3-dspm-for-ai-governing-data-risk-in-an-agent%E2%80%91driven-enterprise\/4507841\" target=\"_blank\" rel=\"noreferrer noopener\">Explore how Data Security Posture Management for AI can prevent runtime risks.<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge.png\" alt=\"\" class=\"wp-image-19490\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">We&#8217;d like to hear from you!<\/p>\n<\/div>\n\n\n\n<ul style=\"margin-top:var(--wp--preset--spacing--spacing-20)\" class=\"wp-block-list is-style-list-no-bullets\">\n<li class=\"wp-block-list-item\"><a href=\"mailto:msitstaff@microsoft.com\">Want more information? Email us and include a link to this story and we\u2019ll get back to you.<\/a><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Agentic AI, like any software, is just one part of a business solution. It is not the only element that needs to be secured. Engineers need to approach securing agentic AI in the corporate IT ecosystem the same way they would consider any security problem\u2014from end to end. Yonatan Zunger, CVP and deputy CISO for [&hellip;]<\/p>\n","protected":false},"author":228,"featured_media":23336,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_hide_featured_on_single":false,"_show_featured_caption_on_single":true,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[896],"tags":[864,199,868,897,263,115,880,848,419],"coauthors":[895],"class_list":["post-23334","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-office-of-the-ciso","tag-agent","tag-ai","tag-ai-deployment-and-adoption","tag-cybersecurity","tag-microsoft-365","tag-microsoft-azure","tag-microsoft-copilot-studio","tag-security-and-risk-management","tag-zero-trust","m-blog-post"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft CISO advice: Apply engineering fundamentals to securing AI - Inside Track Blog<\/title>\n<meta name=\"description\" content=\"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft CISO advice: Apply engineering fundamentals to securing AI - Inside Track Blog\" \/>\n<meta property=\"og:description\" content=\"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/\" \/>\n<meta property=\"og:site_name\" content=\"Inside Track Blog\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-30T16:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2300\" \/>\n\t<meta property=\"og:image:height\" content=\"1293\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Rani Lofstrom\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rani Lofstrom\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/\"},\"author\":{\"name\":\"Rani Lofstrom\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#\\\/schema\\\/person\\\/a84c77f9cb72a705f03dfbc214dd817e\"},\"headline\":\"Microsoft CISO advice: Apply engineering fundamentals to securing AI\",\"datePublished\":\"2026-04-30T16:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/\"},\"wordCount\":313,\"image\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/04\\\/10872-Hero_image.jpg\",\"keywords\":[\"Agent\",\"AI\",\"AI deployment and adoption\",\"Cybersecurity\",\"Microsoft 365\",\"Microsoft Azure\",\"Microsoft Copilot Studio\",\"Security and risk management\",\"Zero Trust\"],\"articleSection\":[\"Office of the CISO\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/\",\"name\":\"Microsoft CISO advice: Apply engineering fundamentals to securing AI - Inside Track Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/04\\\/10872-Hero_image.jpg\",\"datePublished\":\"2026-04-30T16:00:00+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#\\\/schema\\\/person\\\/a84c77f9cb72a705f03dfbc214dd817e\"},\"description\":\"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/04\\\/10872-Hero_image.jpg\",\"contentUrl\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/04\\\/10872-Hero_image.jpg\",\"width\":2300,\"height\":1293,\"caption\":\"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft CISO advice: Apply engineering fundamentals to securing AI\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/\",\"name\":\"Inside Track Blog\",\"description\":\"How Microsoft does IT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#\\\/schema\\\/person\\\/a84c77f9cb72a705f03dfbc214dd817e\",\"name\":\"Rani Lofstrom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/88c3eec1cb70ef934ce9039cd3d24ebd790bdd4d17bba4e5c1cab34692f73822?s=96&d=mm&r=g1f4b72779f158e872aad1ea503fc8b81\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/88c3eec1cb70ef934ce9039cd3d24ebd790bdd4d17bba4e5c1cab34692f73822?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/88c3eec1cb70ef934ce9039cd3d24ebd790bdd4d17bba4e5c1cab34692f73822?s=96&d=mm&r=g\",\"caption\":\"Rani Lofstrom\"},\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/author\\\/rlofstrom\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft CISO advice: Apply engineering fundamentals to securing AI - Inside Track Blog","description":"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft CISO advice: Apply engineering fundamentals to securing AI - Inside Track Blog","og_description":"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.","og_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/","og_site_name":"Inside Track Blog","article_published_time":"2026-04-30T16:00:00+00:00","og_image":[{"width":2300,"height":1293,"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg","type":"image\/jpeg"}],"author":"Rani Lofstrom","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Rani Lofstrom","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/"},"author":{"name":"Rani Lofstrom","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/a84c77f9cb72a705f03dfbc214dd817e"},"headline":"Microsoft CISO advice: Apply engineering fundamentals to securing AI","datePublished":"2026-04-30T16:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/"},"wordCount":313,"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg","keywords":["Agent","AI","AI deployment and adoption","Cybersecurity","Microsoft 365","Microsoft Azure","Microsoft Copilot Studio","Security and risk management","Zero Trust"],"articleSection":["Office of the CISO"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/","name":"Microsoft CISO advice: Apply engineering fundamentals to securing AI - Inside Track Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg","datePublished":"2026-04-30T16:00:00+00:00","author":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/a84c77f9cb72a705f03dfbc214dd817e"},"description":"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#primaryimage","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg","contentUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg","width":2300,"height":1293,"caption":"Corporate Vice President and Deputy Chief Information Security Officer Yonatan Zunger explains why strong security for AI starts with engineering fundamentals."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-ciso-advice-apply-engineering-fundamentals-to-securing-ai\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/insidetrack\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft CISO advice: Apply engineering fundamentals to securing AI"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/","name":"Inside Track Blog","description":"How Microsoft does IT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/a84c77f9cb72a705f03dfbc214dd817e","name":"Rani Lofstrom","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/88c3eec1cb70ef934ce9039cd3d24ebd790bdd4d17bba4e5c1cab34692f73822?s=96&d=mm&r=g1f4b72779f158e872aad1ea503fc8b81","url":"https:\/\/secure.gravatar.com\/avatar\/88c3eec1cb70ef934ce9039cd3d24ebd790bdd4d17bba4e5c1cab34692f73822?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/88c3eec1cb70ef934ce9039cd3d24ebd790bdd4d17bba4e5c1cab34692f73822?s=96&d=mm&r=g","caption":"Rani Lofstrom"},"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/rlofstrom\/"}]}},"jetpack_featured_media_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/04\/10872-Hero_image.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9hcZA-64m","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/23334","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/users\/228"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/comments?post=23334"}],"version-history":[{"count":2,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/23334\/revisions"}],"predecessor-version":[{"id":23340,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/23334\/revisions\/23340"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media\/23336"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media?parent=23334"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/categories?post=23334"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/tags?post=23334"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/coauthors?post=23334"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}