In this week’s episode of the Practical 365 podcast, Rich Dean and I had the pleasure of speaking with Rod Trent, Senior Program Manager at Microsoft.
Before we discussed Microsoft Copilot for Security, Rod shared insights into his diverse career. From running conferences to writing books (both fiction and technical), managing communities, and serving as editor-in-chief for publications like Windows IT Pro, Rod’s journey has been centered around content creation. Now in his role at Microsoft, provided us with a deep dive into Microsoft Security Copilot and its potential to transform the cybersecurity landscape.
Microsoft Copilot for Security: Bridging the Gap Between AI and Cybersecurity
The core of our discussion revolved around Microsoft Copilot for Security, an AI-powered tool designed to assist security professionals and IT generalists alike. Rod explained that Copilot for Security aims to streamline security operations, making them more efficient and accessible to organizations of all sizes.
Currently, early adopters, particularly in the finance sector, make up much of the first cohort of customers to fully leverage Copilot for Security. Whilst these organizations are often already familiar with AI tools, Rod emphasized how Security Copilot is designed to help bridge the significant skills gap in cybersecurity.
The core point Rod stressed is that the intention of Microsoft providing AI-assisted analysis and recommendations is so that it can support IT generalists who may be stretched thin across multiple responsibilities.
Of particular interest to Rich was Copilot for Security’s plugin architecture and API integration capabilities. Rod explains on the show how this allows for easy customization and extension of the tool’s functionality, and how one partner/ISV is heavily using Logic Apps connectors as a more straightforward way to integrate Copilot for Security via workflows.
A crucial aspect of AI adoption in security is the quality of data and the trust organizations have in the system. If you’ve used Microsoft 365 Copilot, you’ll be aware that it often struggles with basic questions that revolve around data it has access to. Rod was keen to point out that Copilot for Security is accurate in the answers it gives, which admittedly makes sense – log data and other signals are often machine-generated data ingested in an organized format. Whilst using AI to sort and analyze data of the volume you’d see in a busy Microsoft 365 tenant is still a difficult task, Copilot for Security doesn’t have an impossible goal – but much engineering effort must have been spent on ensuring accuracy.
The Future of Security Operations
Rod envisages a future where security operations could be significantly transformed by AI. I asked if we might move away from the traditional “war room” setup – the darkened room, with multiple screens on a large wall to a more streamlined approach where AI handles much of the initial analysis, allowing human experts to focus on high-level decision-making and complex problem-solving.
This shift could lead to new career paths in cybersecurity, with professionals needing to adapt their skills to work alongside AI systems effectively. Rod emphasized that the key to success in this new landscape will be learning to ask the right questions and interpret AI-generated insights correctly.
The Art of Asking the Right Questions
One of the most intriguing points Rod made was about the importance of asking the right questions when working with AI tools like Security Copilot. He compared it to the early days of Google, where knowing how to structure a search query effectively was a valuable skill. Similarly, security professionals will need to develop the ability to frame their queries in ways that elicit the most useful responses from AI systems. For larger organizations, this sets the expectation that SMEs in particular areas will create promptbooks, which can then be used by operations teams to perform a well-known multi-prompt task workflow.
Wrapping Up
Our conversation with Rod Trent provided valuable insights into the current state and future potential of AI in cybersecurity. It’s clear that tools like Microsoft Security Copilot are set to play a crucial role in helping organizations navigate the increasingly complex threat landscape.
Join us in two weeks for our next episode, where we’ll continue to explore the latest developments in Microsoft 365 and the broader tech world. Until then, don’t forget to subscribe to the Practical 365 podcast on your favorite podcast platform..