Microsoft announces Secure Future Initiative to help improve its cybersecurity efforts

Earlier this summer, Microsoft revealed that Chinese hackers had gotten access to government email accounts in the US and Europe, due to the hackers getting access to an "acquired MSA key to forge tokens to access OWA and Outlook.com." The cyberattack caused U.S. Senator Ron Wyden to request an investigation of the incident by government agencies.

Today, Microsoft announced a new cybersecurity effort that it calls the Secure Future Initiative. It will have three main goals that the company says should offer better protection against the threat of cybercriminals.

Microsoft Brad Smith stated in a blog post that this new initiative came about because the company has decided "that the increasing speed, scale, and sophistication of cyberattacks call for a new response." He summarized this new initiative by stating it will have "three pillars, focused on AI-based cyber defenses, advances in fundamental software engineering, and advocacy for stronger application of international norms to protect civilians from cyber threats."

The first pillar of the initiative will be to use AI methods to combat cyberattacks. Smith stated:

Microsoft’s Threat Intelligence Center (MSTIC) and the Microsoft Threat Analysis Center (MTAC) are using advanced AI tools and techniques to detect and analyze cyber threats. We are extending these capabilities directly to customers, including through our Microsoft security technologies, which collect and analyzes customer data from muliple sources

The second pillar is to improve and advance new software engineering methods to fight cybercrime. Microsoft stated in a summary email that will include "moving identity signing keys to an integrated, hardened Azure HSM and confidential computing infrastructure where signing keys are not only encrypted at rest and in transit but also during computational processes as well. "

Microsoft also stated that it plans to cut the time to respond to any cloud-based vulnerabilities that are discovered by 50 percent. It also plans to use more "memory safe" programming languages like C#, Python, Java, and Rust that it says will "eliminate entire classes of traditional software vulnerabilities." The company also plans to require the use of multi-factor authentication (MFA) in more of its software products

Smith also says that the third pillar of this new initiative will ask the international community to set up new practices for fighting cybercrimes. Smith said that Microsoft will propose that "states should recognize cloud services as critical infrastructure, with protection against attack under international law."

Report a problem with article
Next Article

New gameplay trailer shows Omni-Man coming to Mortal Kombat 1 on November 9

Previous Article

The new free game from the Epic Games Store is Turnip Boy Commits Tax Evasion (no, really)