Microsoft unveils OpenAI-based chat tools for fighting cyberattacks
- The latest Microsoft AI assistant tools use OpenAI’s new GPT-4 language system and data specific to the security field
- The new AI technologies allow for faster analysis and add the ability to use plain English questions, making it easier for employees who are not experts
Microsoft Corp, extending a frenzy of artificial intelligence (AI) software releases, is introducing new chat tools that can help cybersecurity teams ward off hacks and clean up after an attack.
The latest of Microsoft’s AI assistant tools – the software giant likes to call them Copilots – uses OpenAI’s new GPT-4 language system and data specific to the security field, the company said Tuesday. The idea is to help security workers more quickly see connections between various parts of a hack, such as a suspicious email, malicious software file or the parts of the system that were compromised.
Microsoft and other security software companies have been using machine-learning techniques to root out suspicious behaviour and spot vulnerabilities for several years. But the newest AI technologies allow for faster analysis and add the ability to use plain English questions, making it easier for employees who may not be experts in security or AI.
That is important because there is a shortage of workers with these skills, said Vasu Jakkal, Microsoft’s vice-president for security, compliance, identity and privacy. Hackers, meanwhile, have only got faster.
“Just since the pandemic, we’ve seen an incredible proliferation,” she said. For example, “it takes one hour and 12 minutes on average for an attacker to get full access to your inbox once a user has clicked on a phishing link. It used to be months or weeks for someone to get access”.
The software lets users pose questions such as: “How can I contain devices that are already compromised by an attack?” Or they can ask the Copilot to list anyone who sent or received an email with a dangerous link in the weeks before and after the breach. The tool can also more easily create reports and summaries of an incident and the response.
Microsoft will start by giving a few customers access to the tool and then add more later. Jakkal declined to say when it would be broadly available or who the initial customers are. The Security Copilot uses data from government agencies and Microsoft’s researchers, who track nation states and cybercriminal groups. To take action, the assistant works with Microsoft’s security products and will add integration with programs from other companies in future.
