IT security of the future: How AI prevents cyberattacks

At Microsoft Secure Germany, attendees discussed how artificial intelligence is changing IT security and how to defend against cyberattacks. The focus was on the challenges of social engineering and the role of generative AI in modern cyber defense.

How is artificial intelligence reshaping IT security, compliance, and data protection? That was the question for Microsoft Secure Germany as the conference explored the IT security of the future. It’s worthwhile to take a look back at the discussion of this exciting topic at the event and summarize the key points.

Deepfakes call for new rules

All of us know that the number of cybersecurity incidents within companies and organizations is rising sharply. Social engineering is an especially hot topic, as cybercriminals can use simple software and freely available tools or services, for example. This makes it almost impossible for many people to tell whether or not a call is genuine. These days, it is easy and doesn’t cost much to spoof a caller ID and use voice generators and pictures or videos of other faces, so the person who receives the call believes it is from someone they know. 

This means the number of attacks on accounts and the associated attempts to hijack people’s identity will continue to increase going forward. In short, cybercriminals are growing more professional, and the risk of falling victim to social engineering is rising sharply.

There are three measures we can take to counter this risk: 

1. Cyber hygiene 

2. Support from generative AI/Copilot 

3. Data classification

Cyber hygiene is key

Cyber hygiene is all about using advanced technologies to safeguard identities, devices, and applications. It is important to check configurations regularly and adapt them to new situations. These measures should be followed without exception.

A quote from one panel discussion makes this clear: “We’re all working extensively with data protection, but neglecting data security.” This highlights the irony of the situation, in which attackers focus on vulnerabilities in data security, while data protection is irrelevant to them. In light of the decreasing costs of cyberattacks, this is an alarming trend.

Generative AI in cybersecurity

Copilot functions/generative AI can be used in the security sphere to allow companies to adjust the speed at which they mount defenses to the speed of attacks. A couple years back, it took several days for an attacker to go from penetrating an environment to doing damage, but now that window has shrunk to 15 minutes or less. 

To put it plainly, humans are still crucial to defensive action. But harnessing AI lets them take the right actions much faster. This support is scalable, and it can be provided in the form of prompt books, for example, which are used as defensive guides.

Data classification is the basis for responsible AI

In the generative AI context, taking data security and data governance into account is a crucial part of a zero-trust strategy. As a general rule, AI is of limited utility without data classification. It is essential to know which data is used in which AI tools and how rules can be used to prevent uncontrolled outflows of data. This is only possible through classification and supplementary keywords.

The new AI Hub in Microsoft Compliance Manager presents these uses straightforwardly based on the data from Microsoft Purview – including anonymously, as needed. This means AI can be used safely and reliably.

So what does all that mean as a takeaway?

  • We need to learn to question what we see. Everyone involved at a company needs to be prepared for someone to “knock at their door,” so to speak, at any time – meaning a hacking attempt. A person they think they know may not be who they seem. Our experts are happy to demonstrate which security awareness measures would make sense for your organization.
  • Data classification and information protection are crucial to success. “Responsible AI” involves using AI to make your data usable for users, securely and subject to rules. Technical implementation of this kind of classification in Microsoft 365 and associated data sources is now more necessary than ever, but luckily it’s also easier than ever. Our experts will be pleased to show you how you can use Microsoft Purview Information Protection to reach this challenging goal, step by step.
  • There’s no longer any excuse for not using advanced security technologies. Solutions like Microsoft Security and security compliance programs (SCPs) offer wraparound protection for companies. But they can also help with daily “hygiene” for your security environment. Our experts are happy to explain how you can use the Defender Suite to keep pace with attackers, making it more expensive for them to attack.


On a final note, now it’s your turn to take action toward advanced IT security. From our perspective, it’s time to get started – and there's no time like the present!


Stefan Haffner

Associate Partner | Cyber Security

Michael Matthies

Manager | Modern Workplace Strategy & Security