Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI. learn more
VentureBeat recently spoke (virtually) with: Vas JackalCorporate Vice President of Security, Compliance, Identity, Management and Privacy Microsoft, Gain insight into how AI, machine learning (ML), generative AI, and emerging technologies are redefining cybersecurity.
jackal leads microsoft securityone of Microsoft’s fastest growing divisions. 20 billion dollars Earnings increased early last year. She previously served as Executive Vice President and Chief Marketing Officer at FireEye and Vice President of Corporate Marketing at Brocade.
The key takeaway from her interview with VentureBeat is that AI is core to Microsoft Security’s DNA, and that she and her senior management team are leading Gen AI to a more inclusive, productive, and diverse industry. This means that we believe this technology is essential to reducing barriers. for them most recent fiscal year, Microsoft achieved record annual revenue of more than $245 billion, an increase of 16% year-over-year, and operating income of more than $109 billion, an increase of 24%.
CEO Nadella: Security is Microsoft’s top priority
meanwhile Microsoft’s 2025 Q1 Financial Results Conferencewith the chairman CEO Satya Nadella “We continue to prioritize security above all else,” Nadella added. We also help customers secure their AI deployments. Customers use Defender to power over 750,000 generation AI apps. We have used Purview to discover and protect our instances and audited over 1 billion Copilot interactions to meet our compliance obligations.”
I’m writing a letter to him this year annual reportNadella emphasized how important security is to Microsoft’s future, saying, “Security underpins every layer of our technology stack.” Mr. Nadella emphasizes: “We are further strengthening our Secure Future Initiative as we practice the principles of Secure by Design, Secure by Default, and Secure Operations. We are focused on continuing to advance across the six pillars of our isolation initiative: Protect identities and secrets Secure engineering systems Monitor and detect threats. Accelerate response and remediation.
“As part of this commitment, all Microsoft employees are now making security a ‘core priority’ and holding each of us accountable for building secure products and services,” Nadella said. ” states.
Below are excerpts from VentureBeat’s interview with Jakkal.
VentureBeat: First, can you share how Microsoft’s Secure Future Initiative (SFI) has reshaped the company’s approach to cybersecurity and company culture?
jackal: of Commitment to a secure future It’s not just about technology, it’s about transformation. With over 34,000 equivalent engineers dedicated to this effort, it is one of the largest engineering drives in cybersecurity. We focus on secure design, secure defaults, and secure operations. But it’s also about changing the way we think. Security is now the responsibility of everyone at Microsoft, not just specialized teams. That’s how we progress.
We believe it is our job and obligation to provide such a platform. I joined Microsoft because of our mission and to empower everyone, and I love security. Because we believe this is a great place that has an impact on everyone. When we launched the Secure Future Initiative last November, it was certainly about protecting Microsoft and building a resilient Microsoft, but it was about much more than that. It’s about making the world safer in this age of AI and creating fairness, equality, and opportunity for everyone to participate. Because I go to people, not just women, but men, women, all kinds of people, all sides, and they say, “Look, you can have a great, meaningful career connected to purpose.” You can build a great career.
VB: How does generative AI empower defenders? What role does a security co-pilot play?
jackal: gen I feel like AI will bring about a big change in this industry. Let me share some statistics. Three years ago, in 2021, there were 567 identity-related attacks, which are password-related attacks. That means more attacks per second. Today, that number is 7,000 password attacks per second, with over 1,500 attackers being tracked. Security Copilot helps level the playing field. Simplify tasks like incident analysis and reporting automation using Microsoft security data and OpenAI’s GPT models. For early-career defenders, speed increased by 26% and accuracy by 35%. For experienced professionals, it is 22% faster and 7% more accurate. But what statistics are most meaningful to me? More than 90% of users responded that they would like to use the service again. That’s what we call the “joy statistic.” That’s why I love Gen AI. Because I think anyone can easily become a defender using this tool. And that’s a game changer for me.
VB: Can you elaborate on exposure management and how the combination of AI, human collaboration, and threat management aligned with the new exposure management direction streamlines security operations center (SOC) performance? ?
jackal: We’ve been moving in the direction of what’s called unified SOC or unified SecOps for the past few years. This was one of those visions where too many alerts made it difficult for defenders. This means that the noise-to-signal ratio is quite high. So the idea behind our SOC is to take extended detection and response, XDR capabilities (which is actually Defender, our tool), take SIEM capabilities (Sentinel), and integrate them. It was to do. So we have an integrated glass frame and exposure management really fits into that. Because, along with expanded detection capabilities, exposure management now looks at endpoints and identities, data security and cloud security, all of which are considered, rather than just looking at the endpoint. Just integrated into it. That’s why Defender gives SOC teams access to our exposure management capabilities, helping them in the same way that threat protection tools help with detection and response. Our exposure management tools help you plan all the paths an attacker could take. Because I think protection is great, but prevention is the best defense.
VB: Why has Microsoft made exposure management the cornerstone of its active defense strategy?
jackal: Attackers think in graphs; defenders think in lists or silos. Defenders have to think graphically. For Generation AI, this is very important and that is exposure management. We actively incorporate graph functionality into our security products. exposure management is of course the first product with gen AI to use these graphing features. And this allows you to manage your attack surface, such as looking at your digital assets the same way an attacker would look at them and starting to look at all the potential paths and how an attacker might get in. For the first time, attack path analysis can be introduced. There’s also this cool thing where you can find choke points. Are there many attack paths that go through one point? What do they look like? And this uses these graph features. Exposure management is already enabled for 70,000 tenants. We also work with a third-party ecosystem because security is a team sport.
VB: How does exposure management enhance defender capabilities within a unified SOC?
jackal: Exposure management fits perfectly into our vision for a unified security operations center (SOC). Integrate tools like Defender for detection and Sentinel for response into one cohesive system. By integrating exposure insights, defenders can obtain a clear map of attack vectors and risks. It’s about making prevention as seamless as detection and response, giving defenders a single, actionable view.
VB: What role does diversity play in Microsoft’s cybersecurity vision?
jackal: We talk about important graphs and artificial AI, but ultimately cybersecurity is about people and enabling people to use these technologies to change culture. The Secure Future Initiative, graph-based capabilities, Gen AI, and other initiatives are all driving a large-scale cultural change that involves everyone. You’ve probably heard me say that security should be for everyone, and everyone should do it. And that is the purpose for which we live. Cybersecurity thrives on diverse perspectives because attackers are diverse and defenders should be diverse as well. It’s about creating opportunities and allowing everyone to be part of the solution.
VB: How does Microsoft ensure that its AI tools are accessible and fair to defenders?
jackal: Accessibility is key. Tools like Security Copilot are designed to be intuitive and can be used effectively by defenders of all skill levels. By democratizing advanced capabilities, small organizations can have access to the same powerful tools as large enterprises.
Because just imagine how many people will have access to all these tools. Because no matter who you are or where you are, you can start right away. And attackers are very diverse. Our world is quite diverse. So how can we stay ahead if our defenders don’t reflect the diversity of the world? So whether it’s generative AI or the graphs we’re building. I think all of these tools, no matter the platform, can help you do that as well.
VB: What is your ultimate vision for Microsoft’s cybersecurity efforts?
jackal: Our goal is to empower defenders and build a safer digital world. Transform the way your organization approaches cybersecurity and stay ahead of evolving threats with tools like Security Copilot and Exposure Management. It’s about making cybersecurity accessible to everyone and creating a resilient and inclusive future.
