Microsoft Corp., extending a frenzy of artificial intelligence software releases, is introducing new chat tools that can help cybersecurity teams ward off hacks and clean up after an attack.
The latest of Microsoft’s AI assistant tools — the software giant likes to call them Copilots — uses OpenAI’s new GPT-4 language system and data specific to the security field, the company said Tuesday. The idea is to help security workers more quickly see connections between various parts of a hack, such as a suspicious email, malicious software file or the parts of the system that were compromised.
Microsoft and other security software companies have been using machine-learning techniques to root out suspicious behaviour and spot vulnerabilities for several years. But the newest AI technologies allow for faster analysis and add the ability to use plain English questions, making it easier for employees who may not be experts in security or AI.
That’s important because there’s a shortage of workers with these skills, said Vasu Jakkal, Microsoft’s vice president for security, compliance, identity and privacy. Hackers, meanwhile, have only gotten faster.
“Just since the pandemic, we’ve seen an incredible proliferation,” she said. For example, “it takes one hour and 12 minutes on average for an attacker to get full access to your inbox once a user has clicked on a phishing link. It used to be months or weeks for someone to get access.”
The software lets users pose questions such as: “How can I contain devices that are already compromised by an attack?” Or they can ask the Copilot to list anyone who sent or received an email with a dangerous link in the weeks before and after the breach. The tool can also more easily create reports and summaries of an incident and the response.
Microsoft will start by giving a few customers access to the tool and then add more later. Jakkal declined to say when it would be broadly available or who the initial customers are. The Security Copilot uses data from government agencies and Microsoft’s researchers, who track nation states and cybercriminal groups. To take action, the assistant works with Microsoft’s security products and will add integration with programs from other companies in the future.
As with previous AI releases this year, Microsoft is taking pains to make sure users are well aware the new systems make errors. In a demo of the security product, the chatbot cautioned about a flaw in Windows 9 — a product that doesn’t exist.
But it’s also capable of learning from users. The system lets customers choose privacy settings and determine how widely they want to share the information it gleans. If they choose, customers can let Microsoft use the data to help other clients, Jakkal said.
“This is going to be a learning system,” she said. “It’s also a paradigm shift: Now humans become the verifiers, and AI is giving us the data.”