Microsoft: Innovate AI security with supply chains and Zero Trust

1 min read


  • Microsoft advises incorporating transparency in the supply chain and reinforcing built-in software controls to address AI security needs.
  • The use of AI in fraud highlights the need to understand how malicious actors use AI to exploit vulnerabilities.

Microsoft is emphasizing the importance of looking to supply chains and implementing a zero-trust approach for AI security. The rapid rise of artificial intelligence technologies poses new risks for enterprises, and Microsoft recommends regularly scanning for prompt injection attacks, implementing supply chain transparency, and reinforcing software controls. The company suggests that enterprises define specific use cases and employee access controls to plan for AI threats effectively.

Conditional access policies are recommended to automatically protect tenants based on risk signals, licensing, and usage. Enterprises are advised to regularly evaluate use cases and policies to ensure they align with objectives and learnings. AI can be utilized to improve threat detection and incident response, making it essential for organizations to design, deploy, and utilize AI securely.

AI’s dual nature is exemplified in fraud, where hackers leverage the technology to manipulate data for malicious purposes. Microsoft warns about the potential threats to identity proofing, urging organizations to prevent prompt injection attacks by fine-tuning large language models and implementing contextual filtering and output encoding.

Organizations are encouraged to assess data touchpoints, set up cross-functional cyber risk teams, and establish policies detailing the uses and risks of AI tools. While threat groups from North Korea, China, and Russia are using AI to augment cyber operations, Microsoft has not observed any significant attacks. By focusing on supply chain security and a zero-trust approach, enterprises can enhance their AI security posture and mitigate emerging threats effectively.

Previous Story

U-Haul hack exposes 67,000 customer records with stolen passwords

Next Story

American Technology Services snags Cyber Defense International in major acquisition deal

Latest from News