MANILA, Philippines, 12 December 2023 — Microsoft has announced the launch of its Secure Future Initiative (SFI), a comprehensive response to the increasing speed, scale, and sophistication of cyberattacks worldwide. The initiative consists of three pillars: AI-based cyber defenses; advances in fundamental software engineering; and advocacy for stronger application of international norms to protect civilians from cyber threats.
As cybercriminals and nation-state attackers become more aggressive and innovative, critical infrastructure organizations across the globe have been targeted with sophisticated techniques. In the past two years, 40% of all nation-state attacks have focused on critical infrastructure, posing significant risks to communities and nations. Ransomware attempts have increased by over 200%, targeting smaller and more vulnerable organizations such as hospitals, schools, and local governments.
“The Philippines has experienced rapid digital transformation in recent years, with internet penetration reaching 73.1% in 2021 and over 50 million web threat attempts in 2022 alone,” said Peter Maquera, Chief Executive Officer at Microsoft Philippines. “As more Filipinos embrace digital technologies, it is almost inevitable that we also see a rise in cyber threats. In 2022, the Philippines was ranked as the fourth country most targeted by cybercrime. Now, it has become essential to address the increasing speed, scale, and sophistication of cyberattacks.”
Microsoft’s SFI aims to provide advanced cybersecurity solutions to help organizations and individuals in the country safeguard their digital assets and critical infrastructure. The company is committed to building an AI-based cyber shield that will protect customers and countries around the world. The company’s global network of AI-based data centers and advanced foundation AI models enable it to harness the power of AI to advance cybersecurity protection. As part of the SFI, Microsoft will accelerate its work on multiple fronts, including utilizing AI to advance Microsoft’s threat intelligence, allowing for faster detection and analysis of cyber threats.
Additionally, Microsoft will employ AI as a game-changer for organizations to help defeat cyberattacks at machine speed, addressing the global shortage of trained cybersecurity professionals. With the Philippines facing a growing demand for cybersecurity experts, AI-driven solutions can help bridge the gap and improve overall security. In fact, a 2023 white paper by the International Information System Security Certification Consortium has reported that, despite the great global demand for cybersecurity professionals, there is still a shortage of nearly four million cybersecurity workers compared to the roles that need to be filled. Microsoft’s Security Copilot, which combines a large language model with a security-specific model, can generate natural language insights and recommendations from complex data, making analysts more effective and responsive.
In addition to AI capabilities, the SFI will drive new advances in fundamental software engineering. Microsoft is transforming the way it develops software with automation and AI, evolving its Security Development Lifecycle (SDL) to a dynamic SDL (dSDL). This will integrate cybersecurity protection against emerging threat patterns throughout the coding, testing, deployment, and operation processes.
As part of this process, over the next year, Microsoft will enable customers with more secure configurations for multifactor authentication (MFA) out-of-the-box, which refers to the company’s current MFA default settings. This will expand current default policies to a wider range of customer services, focusing on areas where customers need protection the most. By improving these default settings, Microsoft aims to reduce the risk of successful cyberattacks and strengthen overall security.
Other key steps under the SFI include strengthening identity protection against sophisticated attacks and pushing the envelope in vulnerability response and security updates for cloud platforms. Microsoft plans to cut the time it takes to mitigate cloud vulnerabilities by 50% and encourage more transparent reporting across the tech sector. This is crucial as the Philippine National Police Anti-Cybercrime Group reported that cybercrimes in Metro Manila rose by 152% during the first half of 2023, with at least 6,250 cybercrimes reported to the police.
“Microsoft believes that stronger AI defenses and engineering advances must be combined with a third critical component—the stronger application of international norms in cyberspace,” shared Maquera. “The company advocates for a Digital Geneva Convention, a set of principles and norms governing the behavior of states and non-state actors in cyberspace.”
Under the SFI, Microsoft helps advocate for and supports efforts to unite governments, the private sector, and civil society in advancing international norms on two fronts. These efforts involve endorsing and reinforcing key norms that provide red lines no government should cross, such as not planting software vulnerabilities in critical infrastructure networks or compromising the security of cloud services. Moreover, Microsoft aims to foster greater accountability for nation-states that violate these norms through strong, public, multilateral, and unified attributions from governments.
“Microsoft’s Secure Future Initiative provides an enormous opportunity and imperative for the Philippines. We’re committed to bringing both the scale and strength of Security platform to safeguard organizations and communities across the country against the escalating nature of the cyber threats we face today. With all the excitement around AI, our customers have even more to look forward to because through artificial intelligence, we are leveling the playing field for IT Security in their favor and ultimately towards a safer digital environment for businesses and individuals in the Philippines and across the globe.”