Microsoft Purview is set to introduce a set of security policies for risky AI usage

AI has become a tech industry trend for over 2 years now, with tech companies placing all the bets on it, and using it as an essential part of modern computing. However, after bad actors started to see in AI a new way to conduct disastrous cyber attacks, the enthusiasm has also started to slow down.

Earlier this year, Microsoft in a partnership with OpenAI, the company behind the world’s most popular AI model, released a report chronicling and explaining how bad actors from Russia, Iran, China, or North Korea used AI to initiate various cyber attacks.

Suddenly AI wasn’t seen as an enthusiasm, but as a threat, as well. And Microsoft, it seems, might finally admit that AI could become a serious security risk to organizations if left unchecked.

The Redmond-based tech giant is updating Microsoft Purview, its corporate-oriented platform for IT admins, managers, and security experts, to recognize, and deal with possible risky AI usage.

According to the latest entry to the Microsoft 365 Roadmap, the new update will be previewed in July 2024, with a general availability scheduled for September 2024.

So, what exactly is risky AI usage, according to Microsoft? Well, the Redmond-based tech giant says that any intentional or unintentional risk activity on generative AI apps an organization uses can pose a risk to that organization, so it will automatically be labeled as risky AI usage.

These intentional or unintentional risk activities are varied: from prompts containing sensitive info or risky intent and sensitive responses containing sensitive info to using AI to generate data from sensitive files or sites.

Microsoft Purview will be updated to cover risky AI usage from Microsoft Copilots, to 3P generative AI apps, and it will automatically detect AI-based cyber attacks that end up in IP theft, data leakage, and security violations. The platform will also allow customers to create their own policies to combat risky AI usage according to specific characteristics of their organization.

With this update, Insider risk management will help admins identify risky AI usage. We are adding new detections of intentional and unintentional insider risk activity on generative AI apps that can pose a risk to an organization. Activities will include risky prompts containing sensitive info or risky intent and sensitive responses containing sensitive info or is generated from sensitive files or sites. Coverage will span across Microsoft Copilots and 3P generative AI apps. These detections will also contribute to Adaptive Protection insider risk levels. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Microsoft

Purview will also be updated to ease multiple processes: for instance, the platform will make it easier to implement onboarding processes that deal with setting up new devices to the organization’s network.

The platform will also get a new unified experience that offers access to all solutions in one single place. The new portal will allow IT admins, managers, and cybersecurity experts to access data security, data governance, and risk and compliance solutions for all data, no matter where this data is located. They can also access other settings, such as global search, recommendations, and roles and permissions management, everything in a single portal.

Microsoft Purview will have all the tools to deal with the looming threat of AI-based cyber attacks, but it might be time for the industry tech to admit the obvious: AI is also extremely dangerous.