I just got back from Chicago and an exciting Microsoft Ignite 2024, jam packed with great content on mostly Copilot. This year’s conference represented a revival for Microsoft in that this was the largest scale in-person Ignite since before the Pandemic. Most people who had been to several Ignites before would have noticed a key difference with this year’s event, because what stood out was how big Microsoft is betting on AI. Right from Satya Nadella’s Keynote address, through the many breakout sessions, and right down to the conversations happening all around the exhibit floor, it was Copilot this and Copilot that. It seems I’m not alone because what did I happened to overhear while I was marching on a mission to grab the one piece of conference swag I really wanted (a laser-engraved luggage tag)?
“they should have called this the Microsoft Copilot World Conference instead of Ignite!”
Not that I’m complaining – I think the value of having so many people talking about the practical opportunities of AI beyond last year’s hype can only be a good thing. These practical discussions are exactly what’s taking place within complex organizations across the globe today, in which technology leaders are exploring not just the productivity upsides of AI, but of the real security concerns that exist in deploying AI within their complex business environments.
As you can imagine, lots of things were announced and revealed, and I was particularly interested in learning more about anything related to Security. Here are my top 3 security-related announcements from Microsoft Ignite 2024.
- Microsoft Purview Data Loss Prevention (DLP) for Copilot.
As generative AI (GenAI) adoption continues, Gartner research confirms that decentralized business units are eagerly experimenting with AI and GenAI use cases without the guidance of an enterprise framework to manage AI trust, risk and security. Naturally this makes security leaders remain concerned about the emerging risks such as data oversharing and leakage, among other things.
Does that sound like you? A successful AI transformation needs to totally re-imagine the approach that complex organizations are taking today when it comes to safeguarding their digital estate. Many organizations are nowhere near where their security leaders want them to be, and without the appropriate security guardrails in place, many remain concerned that these capabilities are too steep a security price to pay for their obvious productivity benefits. I believe Microsoft Purview DLP for Microsoft 365 Copilot gives security leaders a quick win possibility while the work to better secure your environment in the era of AI continues.
What is it? Microsoft Purview DLP for Microsoft 365 Copilot enables admins to configure DLP policies to restrict Microsoft 365 Copilot from processing files based on their sensitivity labels.
Why does it matter? If your sensitive information within Microsoft 365 files and emails has sensitivity labels appropriately applied, then this capability allows your security teams to monitor instances of it being introduced into Copilot. Security admins can now create DLP policies to exclude documents with specified sensitivity labels from being summarized or used in responses in Microsoft 365 Copilot Business Chat. This capability (which currently works with Office files and PDFs in SharePoint Online), helps ensure that potentially sensitive content within a labeled file is not available to users to copy and paste into other applications. This also helps prevent Microsoft 365 Copilot from processing content within a labeled document for grounding data. In effect this prevents Copilot from using the labeled content to generate or inform its responses, thereby protecting sensitive data from being inadvertently overshared.
- Microsoft Purview Data Security Posture Management (Purview DSPM).
Are your security teams complaining that they have poor visibility into sensitive data and its use may be siloed across different systems at your organization? If you’re among the security leaders seeking a comprehensive and unified view to help your security teams address this major challenge, then this announcement may bring some much-needed relief.
What is it? Microsoft Purview Data Security Posture Management (Purview DSPM) gives your security teams visibility into your data security risks, and recommends to them controls to better protect your data. For example, it can provide scenario-based policy recommendations for DLP, and Insider Risk Management (IRM).
Why does it matter? Purview DSPM offers contextual insights on where your data is located and how it’s being used, along with an overall view of your evolving data landscape to support continuous risk assessment initiatives. It is natively integrated into Microsoft 365 (and available in E5) to give your security teams a seamless experience in discovering risks and applying protections to mitigate as needed. A major advantage of DSPM is that it helps organizations trim their tech stack from a number of similarly functioning tools so you can divert cost savings into areas of greater need.
- Microsoft Security Exposure Management.
You’ve probably seen the digital landscape in your organization become far more interconnected than it was even a few years ago. While that’s a good thing, you’ve probably also heard from your security teams that the data and insights from the various tools they use are often siloed and poorly integrated. This fragmentation presents a critical challenge to you and your organization because it becomes hard to gain a holistic view of threats or assess their potential impact on your critical assets.
“Defenders think in lists, attackers think in graphs…”
What is it? Microsoft Security Exposure Management provides coverage for commonly observed attack techniques, using 3 main tools:
- Attack Surface Management that continuously visualizes critical assets that are often prime targets for attackers.
- Attack Path Analysis that prioritizes high-risk attack paths with a specific focus on your critical assets and recommendations on how to best remediate.
- Unified Exposure Insights that provides a clear view of your organization’s threat exposure.
Why does it matter? Traditional ‘vulnerability’ management is no longer effective at safeguarding your digital landscape. Microsoft Security Exposure Management provides your security teams with a “graph” and lets them visualize relationships between assets, vulnerabilities, and threats, ultimately enabling proactive risk management and strengthening your stance against attackers. It also helps communicate the message about impacts more clearly to leadership, by moving beyond abstract terms like ‘vulnerability’ and towards easier-to-grasp language about risk and actionable initiatives related to your environment.
I’ve just nicked the surface of the announcements made, and the full list is included within the Microsoft Ignite 2024 Book of News, which has a table of contents to help you zero in on key announcements made in the solutions or workloads you’re interested in.
Thanks for reading, and please reach out if you have a question or just want to chat more!
