Commercial Solutions Area Director and CTO at Microsoft South Africa, Colin Baumgart, has identified Artificial Intelligence (AI) as a pivotal ally in the fight against cybercrime.
Baumgart explained that AI’s ability to analyse vast amounts of data at lightning speeds enables the identification of patterns and anomalies that “may indicate a security breach, often before it occurs”.
According to Baumgart, organisations must remain vigilant, “adapting our defences to counteract the evolving threats in the cybersecurity landscape“.
In his virtual presentation on Cybersecurity at the 2024 Microsoft Africa AI Journalist Academy, Baumgart said:” The cybersecurity landscape is undergoing a profound transformation, driven by the relentless evolution of technology and the increasing sophistication of cyber threats.
“In this dynamic environment, artificial intelligence (AI) has emerged as a pivotal ally in the fight against cybercrime.
“This proactive stance is crucial in a time when reactive measures are no longer sufficient.
“But, in an era where digital threats are escalating in complexity and scale, we cannot just think about defending against cyber threats, we need to be advancing the way we design, build, test and operate our technology to meet the highest standards of security.
“It is why, we have created The Secure Future Initiative (SFI), a multi-year undertaking to safeguard our digital ecosystem.
“It is an approach that is anchored in three fundamental principles: secure by design, secure by default, and secure operations, ensuring that security is not an afterthought but a foundational element of everything we create”.
He explained that recent cyber threats have shown a marked increase in both sophistication and frequency, posing significant challenges to cybersecurity defences worldwide.
“This commitment to cybersecurity extends beyond our own products. Through collaborations and partnerships, we are contributing to a broader security ecosystem, sharing threat intelligence and best practices.
“This collaborative effort is vital because cyber threats do not recognise boundaries and can ripple through networks, affecting countless users.
“A notable trend is the surge in mobile, Internet of Things (IoT), and operational technology (OT) cyberattacks, which underscores the expanding threat landscape beyond traditional computing environments”.
Meanwhile, Microsoft 2024 Digital Defense Report highlights an alarming rise in attacks, with incidents targeting customers globally, doubling to 600 million per day, “revealing the growing collaboration between nation-state actors and cybercriminals.
“Over 78 trillion security signals per day from the cloud, endpoints, software tools and our partner ecosystem inform our insights, and help us to understand and protect against digital threats and criminal cyberactivity”.
According to Microsoft, Data breaches have also been rampant, with TechCrunch reporting over 1 billion stolen records in 2024 alone.
“These breaches have not only compromised personal information but have also emboldened criminals who profit from cyberattacks.
“As the threats evolve, so must the strategies to combat them, requiring a concerted effort from individuals, organisations, and governments alike”.
According to Interpol’s African Cyberthreat Assessment Report 2024, the rapid growth of cybercrime is further illustrated by the estimation that in 2023 there was a 23% year-on-year increase in the average number of weekly cyberattacks per organisation in Africa – this average was the highest in the world.
“Despite this, 52% of employees still say their job has nothing to do with cybersecurity, according to The Phishing Benchmark Global Report.
According to Microsoft, there is a widespread recognition of the need to build a security culture to increase the understanding of security’s value to the business, as well as drive security awareness.
“People, process and technology need to be in harmony – because businesses can have the most sophisticated technology and comprehensive processes in place to monitor, detect and respond to breaches, but if a person gives their password away or clicks on a phishing email, it becomes exponentially more difficult to protect the organisation.
“Ultimately, it boils down to the fact that the individual user level is a person – and unless they have been trained to be security aware, they are capable of human error and are likely to remain the weakest link in the security chain.
“Many organisations are investing in strengthening their employees’ cybersecurity knowledge and offer theoretical and practical training by carrying out spoof attacks, such as sending out phishing emails, evaluating who clicks on the links and then providing more in-depth training to plug identified gaps.
“Employees are the first and last line of defence and it is why educating everyone on staying cybersafe is so important. It’s time to act now.
“We recognise that the path to a secure future is paved with challenges and opportunities alike.
“The same technology that empowers us can also empower adversaries.
“Cybercriminals are increasingly utilising AI to launch more sophisticated attacks, bypass traditional defences, and automate their malicious activities.
“This escalation necessitates a continuous evolution of our security strategies to stay ahead of these AI-generated threats.
“As the cybersecurity landscape continues to evolve, the partnership between AI and human expertise becomes increasingly important.
“AI can handle the heavy lifting of data analysis, but human judgment is irreplaceable when it comes to nuanced decision-making.
“Organisations must foster a culture of continuous learning and adaptability, empowering their workforce to leverage AI effectively.
”And as we navigate this shifting terrain, the synergy between AI and human intelligence will be the cornerstone of a resilient cybersecurity posture.
“By embracing the transformative potential of AI while remaining cognisant of its risks, we are setting a new standard for digital defence—one that is robust, intelligent, and ever-evolving.
“Our mission is clear: to secure our digital world, so that everyone, everywhere, can achieve more”.
Speaking at Microsoft Ignite in November last year, Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management said, “the increasing speed, scale, and sophistication of recent cyberattacks demand a new approach to security”.
He added that traditional tools are no longer enough to keep pace with the threats posed by cybercriminals.
“The changing threat landscape, and evolution of AI means that we need to think about cybersecurity differently.
