Today, we interview Glaucia Young, VP of Software Engineering at Microsoft, who has been on the AMTSO board for nearly eight years, and Microsoft has been an AMTSO member for about eleven years. Glaucia will step back as a board member this summer, and we wanted to take the chance to speak to her before that. We’re very thankful for her contributions over all these past years.
You recently got promoted to VP of Software Engineering at Microsoft, congratulations, Glaucia! How have your role and responsibility changed since?
Thank you! I appreciate the acknowledgment of my impact in various sectors, including Windows, Defender, and Microsoft Trust Services, as well as my leadership within the Hispanic/LatinX and Women groups.
Since March, I have been a part of the Identity and Network Access extended leadership team within the Microsoft Security division. My primary role involves spearheading the engineering efforts for the organization’s MSPKI, Code Signing, and Licensing services.
There was a time at Microsoft when Microsoft Defender only offered basic protection, but its protection capabilities have become very strong now. How has the meaning of cybersecurity changed within Microsoft the past ten years?
Over the past decade we have created a Security division to unify our security investments. It helps that we have so many security experts collaborating with the goal of delivering strong protection to our customers.
Cybersecurity has changed significantly with AI becoming a critical component of our company’s security. We recently launched Microsoft Copilot for Security, a groundbreaking generative AI solution that assists security and IT teams in defending against cyber threats at the speed and scale of AI. From incident response and threat hunting, to threat intelligence gathering and summarization, Copilot for Security increases the speed and accuracy for practitioners to take action and is integrated across our Security portfolio tipping the scales back in favor of IT professionals.
Partnerships across the technology community are an absolute necessity to ensure organizations of all types and sizes, in every industry and region, can protect themselves. I have always stated, Security is a team sport! This means working together to innovate, integrate products in the security space, and meet customers’ security needs.
Which cybersecurity threats do you regard as the most challenging for users today?
With the use of generative AI, collaboration tools and social media, I expect the sophistication of cyber-attacks to increase. With the increase in sophistication, some of the hardest threats I see for users today are:
- Phishing and ransomware: These attacks deceive users into exposing sensitive information or locking their data for ransom. AI will significantly increase the sophistication of phishing campaigns and make them much harder to combat against.
- Deepfakes: AI will also make deep fakes even more challenging to detect and combat against. Deepfakes are altered audio clips that look real, causing major problems in checking validity.
For enterprises, they also face significant challenges from:
- Supply chain attacks: These are a type of cyberattack that target vulnerabilities within a company’s supply chain network. These attacks can be particularly insidious because they exploit the interconnected nature of supply chains, where a single compromised component can affect the entire network. Supply chain attacks can lead to data theft, sensitive data exposure, and can give attackers remote control over affected systems.
- Advanced persistent threats: These are sustained and focused cyberattacks where an invader breaks into a network and stays hidden for a long time.
Enterprises can now leverage Copilot for Security to stay ahead of advanced cyber threats. With Security Copilot, Microsoft brings the power of AI to cyberdefense. People can learn more about Copilot’s capabilities here.
Microsoft has published some great resources to help users to protect from phishing threats.
We have recently made passkeys available for all Microsoft consumer accounts, providing everyone with a Microsoft account the opportunity to adopt a passwordless approach. This advancement allows consumers to enhance their security against phishing attacks by using a passkey starting now.
How does Microsoft test the capabilities of its own cybersecurity products?
It starts with internal testing. We test each of our capabilities through automated testing, and self-host our own cybersecurity products. That drives rich internal feedback prior to public releases.
Microsoft does extensive red-teaming on its own products both from the context of threat actors as well as usability for CISOs and the SOC. We use both custom and off-the-shelf tools to measure our performance against threats and threat techniques.
We use telemetry more than ever, particularly with the broad deployment of our solutions, we get ~78T of signals per day. We combine those signals, learnings from our research, and our own incidents to enrich testing of products.
Microsoft is committed to enhancing security and protecting users against evolving threats. We make extensive use of behavioral telemetry to enable cloud-delivered heuristic and machine-learning based detection and prevention.
What role do independent cybersecurity testing institutions play for Microsoft?
Independent cybersecurity testing plays a key role and provides valuable external metrics and feedback we use to drive learnings back into our products. It is also important to put our products out there for public assessment and comparison.
Microsoft has been an AMTSO member for many years. In what ways is AMTSO important for Microsoft?
AMTSO has played a crucial role in shaping the cybersecurity testing landscape by fostering collaboration, defining guidelines, and promoting fairness in evaluating anti-malware solutions. It’s a valuable resource for both the cybersecurity industry and end-users seeking reliable protection.
AMTSO has helped drive alignment across testers and vendors to ensure that best practices in testing are established and enforced. That creates a level playing field to ensure that products can be meaningfully compared. For Microsoft, it’s a much easier decision to participate in a test that we know has been approved by AMTSO; we can trust that it will be thoughtfully designed.