Security and risk management
-
|
Transforming our approach to sensitivity labels at Microsoft with Microsoft Entra
Security groups serve as the backbone of our approach to access control across the Microsoft corporate tenant. These groups determine who has access to different resources across our network, including Azure subscriptions, Power BI reports, SharePoint sites, and more. For…
-
|
Governing AI agents at scale: Lessons from our journey at Microsoft
Empowering employees and protecting your organization through agent governance Welcome to the agentic frontier Engage with our experts! Customers or Microsoft account team representatives from Fortune 500 companies are welcome to request a virtual engagement on this topic with experts…
-
|
How Work IQ is supercharging our AI usage at Microsoft
At Microsoft, we’re constantly thinking about the future of work—how the power of AI and agents is transforming the way knowledge workers do their jobs, streamlining workflows, and boosting employee productivity. These innovations have come in many different forms across…
-
|
Microsoft CISO advice: Consider the risks of early integration with mergers and acquisitions
When considering mergers and acquisitions (M&A), security needs to be an important part of the financial and operational due diligence process. At Microsoft, the security organization does more than fulfill the traditional role of assessing risk. It seeks also to…
-
|
Fast Train to the AI Frontier: Balancing risk and innovation in the era of AI at Microsoft
Every IT leader today feels the same tension. On the one side, there’s unprecedented pressure to move faster. To deploy AI‑powered capabilities, embrace agents, modernize workflows, and compete in an environment where speed and adaptation increasingly define advantage. On the…
-
|
Microsoft CISO advice: Apply engineering fundamentals to securing AI
Agentic AI, like any software, is just one part of a business solution. It is not the only element that needs to be secured. Engineers need to approach securing agentic AI in the corporate IT ecosystem the same way they…
-
|
Unfolding our AI-in-IT story: What to expect at the 2026 Microsoft 365 Community Conference
This article is about an event that is now completed. We leave the post up on our site as a record of the conference and the topics covered by some of our Microsoft Digital subject matter experts. At Microsoft Digital,…
-
|
Microsoft CISO advice: How to build trustworthy agentic AI
Building production-ready solutions with agentic AI comes with inherent risks. When agents make mistakes or hallucinate, the potential impacts can multiply rapidly. “It turns out that it’s very easy to write AI-powered software, but it’s very hard to write AI-powered…
-
|
Microsoft CISO advice: The importance of a written AI safety plan
Yonatan Zunger, CVP and Deputy CISO for Microsoft, has spent his career considering complex questions with security and privacy while building platform infrastructure and solutions. His experience underpins his advice on how to build a safety plan for working with…
-
|
Harnessing AI: How a data council is powering our unified data strategy at Microsoft
Information technology is an ever-evolving landscape. Artificial Intelligence is accelerating that evolution, providing employees with unprecedented access to information and insights. Data-driven decision making has never been more critical for businesses to achieve their goals. In light of this priority,…
-
|
Microsoft CISO advice: The most important thing to know about securing AI
Using AI comes with inherent risks. In a recent video, Yonatan Zunger, CVP and deputy CISO for Microsoft, suggests thinking about AI as a new intern will help you naturally take the right approach to AI security. Zunger and his…
-
|
Deploying Microsoft Baseline Security Mode at Microsoft: Our virtuous learning cycle
The enterprise security frontier isn’t just evolving. It’s accelerating beyond the limits of traditional security models. AI acceleration, cloud adoption, and rapid growth of enterprise apps have dramatically expanded the attack surface. Every new app introduces a new identity. Every…