• Constraints imposed by an austere and remote operating environment. 
• Increased cognitive load on individuals conducting operations due to exponential growth in the volume, veracity, and velocity of data. 
• Survivability and the need for distributed nodal command and control.

The dilemma posed here is whether technological advancements inadvertently compromise decision-making abilities due to the heightened cognitive burden on users. 

Decisive action powered by AI 

Speed, precision, and data are critical on the modern digital battlefield. Human-machine teaming allows modern soldiers to work with AI as their digital agents, using natural language or voice commands through military radios. This hands-free interaction improves situational awareness and enhances decision-making by combining AI’s analytical power with human intuition and judgment.  

Using AI and machine learning on missions will become critical to effective command and control environments. Language models have evolved to create and use enterprise-level knowledge bases, integrating external data for more complex interactions. This advancement has significant effects for mission capabilities, with early applications in: 

• Voice transcription and translation—We have already seen that when paired with Push-To-Talk (PTT) voice radios, digital audio voice streams can be captured for real-time transcription, translations, and augmentation with other sources of data. 
• Robotic command and control orchestration—With an intent to release operators from the need to operate these systems manually, we can not only free human resources to concentrate on the specifics of their mission but also reduce the force protection overhead that is required to keep operators safe. 
• Intelligence, Surveillance, and Reconnaissance (ISR) analysis—Working with multiple agents and multimodal sensors for defense use cases, we can help increase the accuracy and range of surveillance and provide a multilayered approach to detection and action. 
• Querying Battle Management Systems—We not only provide the capability to access information in a humanistic way, at the point of need, we also reduce the intense staff effort associated with briefing and analysis of data—the AI agents can take on the manual load, freeing up the human cognitive load to enable better and faster decision making. 

Agentic AI explained 

So, what do we understand about the advancement and application of Agentic AI? When discussing Agentic AI, it’s crucial to highlight the characteristics that distinguish an agent from tools like ChatGPT or traditional digital assistants we’ve seen in office settings. There are five key nonlinear elements that define agentic capabilities: 

• Planning—Instead of diving right into a task, an AI agent pauses and plans the series of steps required. This structured approach prevents errors, as we often see in traditional language model implementations with robots. 
• Reflection—Current models like ChatGPT provide answers but don’t validate them, as they lack a built-in ‘reflection’ capability. The ability to ‘reflect’ and ensure completeness is crucial to confirm that tasks are executed properly and are relevant to each subsequent step in the Agentic AI lifecycle. 
• Use of tools—When the AI agent encounters a step it can’t perform, it checks its manual for a corresponding tool, gathers needed information, executes the task, and processes the response. This is crucial for proprietary industry capabilities, allowing handoffs to external sources. 
• Collaboration—Where the human or agents work collaboratively on collective tasks. This is important for two reasons: creating clear boundaries and ensuring agents are task-specific.  
• Memory—This cycle is further powered by memory, where the agent retains and can recall prior inputs, actions, and outcomes. With this memory, the agent learns from past decisions, allowing it to improve future actions and refine its planning and reflection. 

Traditional non-agentic AI workflows vs agentic AI workflows 

Collectively, these five characteristics form a framework known as the REACT framework (Reasoning and Action). Reasoning involves planning and reflection, while action is about the execution.  

The key difference between traditional non-agentic AI workflows, often seen in zero-shot prompts, and the more advanced, agentic workflows we’ve been discussing can be seen in the diagram below. 

In practice, AI agents can be seamlessly integrated into an organization’s workflow, especially for field operators. This will result in more efficient missions, quicker responses, and a trusted pairing of humans and machines. Additionally, it will allow warfighters to focus on tactical operations while AI handles data processing and situational analysis in the background.  

This is where digital agents can come into play. Digital agents that allow operators, particularly those in forward positions, to delegate specific tasks using natural language. Incorporating these agents into your workflow can help revolutionize how your organization handles complex operations. By offering an intuitive interface, robust performance under duress, and the ability to manage tedious tasks, these agents ensure that operators at the tactical edge can focus on what really matters—making critical decisions in dynamic environments. 

Microsoft AI principles 

Microsoft is committed to advancing AI through principles that put people first. 

We put our responsible AI principles into practice through the AI, Ethics, and Effects in Engineering and Research (Aether) Committee, as well as our Office of Responsible AI (ORA). The Aether Committee advises our leadership on the challenges and opportunities presented by AI innovations. ORA sets our rules and governance processes, working closely with teams across the company to support the effort. 

Microsoft AI serves to enhance human capabilities, not replace them. It’s designed to embody principles such as fairness, inclusivity, reliability and safety, transparency, privacy and security, and accountability. By using AI to optimize administrative functions and services, stakeholders can focus on what matters most: human-centered design, decision-making, and empathy.  

Implement emerging technologies strategically 

Defense decision makers should consider not just what AI can do, but what it should do to innovate in a reliable and trusted way. It’s critical to understand the components of a holistic approach to AI that will help agencies turn meaningful innovation into actionable results that will benefit society.  To learn more contact your Microsoft Defense and Intelligence representative today, or engage with the following Microsoft resources:  

• Microsoft Agentic Agents.
• AutoGen Update: Complex Tasks and Agents.
• Copilot agent builder.  

The post Empowering defense operations with Microsoft AI appeared first on The Microsoft Cloud Blog.

There’s now a greater understanding that in the face of aggressive and integrated cyber and kinetic actions, the physical dispersal of critical infrastructure, systems, and data is a critical defense strategy. Data security and resiliency are now being enhanced by the distribution of digital operations and data assets across borders and into other countries. It’s underscored the value of, and need for, the migration of defense and intelligence workloads to the cloud—so long as that cloud is built from a foundation of trust, privacy, and security, like Microsoft Azure.

“Before the invasion of Ukraine, governments thought that data needed to stay inside a country in order to be secure. After the invasion, migrating data to the cloud and moving outside territorial borders is now a part of resiliency planning and good governance.“—Cristin Flynn Goodwin, Associate General Counsel, Customer Security and Trust, Microsoft.¹

Microsoft for Defense and Intelligence

Learn how defense and intelligence agencies advance their missions to promote stability and security for residents, nations, and multinational alliances with the help of Microsoft Cloud solutions.

Read more

Digital transformation in defense hinges on partnership and interoperability

Recent geopolitical events have highlighted advances in cyber threat intelligence and end-point protection. They’ve also demonstrated that a coordinated and comprehensive strategy to strengthen defenses against the full range of cyber destructive attacks, espionage, and influence operations is required.

The latter point recognizes the principle at the heart of interoperability—that allies and industry must collaborate and develop a collective response for the most effective defense. When responding to adversaries, allied support and coordination are critical. With today’s adversaries engaging in hybrid warfare methods, cyberattacks, disinformation campaigns, and domestic terrorism, defense agencies are increasingly reliant on data-sharing and collaborating—across organizations, agencies, and national and international borders.  

Furthermore, it’s clear that digital transformation and technology acceleration in defense hinges on partnerships with the defense industrial base and non-traditional technology vendors—including commercial tech companies and the start-up ecosystem.

Nevertheless, the risk appetite for sharing resources remains low due to legacy policies that continue to guide the adoption of on-premises solutions that are vulnerable to modern attacks.

Instead, through the adoption of hyper-scale cloud and edge, with a cybersecurity approach built on a foundation of trust and security, defense and intelligence organizations can achieve their goals as it relates to both security and interoperability. When defense and intelligence organizations migrate workloads into the Microsoft Azure Cloud, they benefit from an unprecedented, ever-deepening, and unwavering commitment to securing data from the ever-increasing number of cyber threats.

The Microsoft Cyber Defense Operations Center (CDOC) is one example of the more than USD20 billion we’ve committed to investing over the next five years in security, data protection, and risk management. The CDOC brings together cybersecurity specialists and data scientists in an every day facility to combat threats in real-time. Microsoft is connected to more than 8,500 security professionals globally across our product development teams, information security groups, and legal teams to protect our cloud infrastructure and services, products and devices, and internal resources.²

So let’s take a look at the threat environment that is shaping the Microsoft cybersecurity approach.

The Current threat environment

National defense and intelligence organizations around the world are facing three types of cyber adversaries that threaten national security:

1. Cybercriminals

Cybercriminals look to monetize compromised data either through ransomware directly from victims or by selling it to Foreign Nation States.

2. Foreign Nation State actors

Foreign Nation State actors aim to engage in intellectual property theft, espionage, surveillance, credential theft, and disruptive and destructive attacks to further their national interests.

3. Hacktivists

Hacktivists conduct cyberattacks to cause disruption in order to further social or political goals.

Given the motivation, scale, organization, and sophistication of adversaries launching cyberattacks, defense and intelligence organizations must modernize their cybersecurity systems and approach. Otherwise, they risk being outmaneuvered by more sophisticated adversaries (or even less sophisticated actors with access to technology) leveraging AI, automation, and the scale of hyper-cloud systems to carry out their attacks.

Three steps to improving cybersecurity capabilities

Below are three key actions defense and intelligence organizations can take to modernize and improve their cybersecurity capabilities:

1. Enhance early-detection systems across the defense digital ecosystem continuum

Leveraging a hyper-scale cloud enables defense and intelligence organizations to detect, respond, and deter attacks early. For example, Microsoft Cloud spans over 200 data centers across 140 countries and analyzes 43 trillion security signals daily. Combined with the intelligence gained by tracking more than 250 unique nation-states, cybercriminals, and other threat actors, we provide defense and intelligence organizations with a unique global perspective. This global threat intelligence perspective enables early detection and response to emerging threats across multi-cloud, hybrid, on-premises, and heterogeneous platforms.

2. Adopt an organization-wide Zero Trust philosophy

Beyond the technical architecture and products necessary to implement a Zero Trust Framework, every individual at every level of the organization must live by, implement, and adhere to the three core principles of Zero Trust:

1. Explicitly verify: Always authenticate and authorize users based on all available data points before allowing access to resources. This includes user identity, location, device health, service or workload, data classification, and anomalies.
2. Use least privilege access: Limit user access with just-in-time (JIT) and just-enough-access (JEA), risk-based adaptive policies, and data protection to help secure both data and productivity.
3. Assume breach: Assume system defenses have been breached and systems might be compromised. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.

3. Use Automation as a force multiplier to mitigate threats at scale

According to the 2022 (ISC)² Cybersecurity Workforce Study, there’s a global shortage of 3.4 million workers in cybersecurity. With this deficit, modern automated security platforms must be used by all organizations, including the defense and intelligence community, as a force multiplier to fill in the cyber talent gap.

Microsoft offers best-in-class capabilities across all security pillars of the digital estate. According to the Forrester Total Economic Impact Studies, Microsoft Security tools reduce the likelihood of a data breach by 45 percent,³ reduce the time to threat mitigation by 50 percent,⁴ and reduce the amount of labor associated with advanced investigations by 80 percent.⁵ 

A foundation that supports the mission

As mentioned, defense and intelligence organizations seek to simultaneously increase security, while also increasing interoperability. In the face of the threat environment highlighted above, Microsoft is committed to meeting the increasing need for defense and intelligence organizations to interoperate with allies and collaborate with trusted partners. Hyperscale cloud serves as the digital foundation for interoperability and collaboration while offering improved security postures over traditional legacy, on-premises approaches.

That’s not to say that the cloud is appropriate for every single scenario. Certainly, in our industry, we know that’s not the case. For instance, there are currently requirements for mission data to remain air-gapped. Nonetheless, we also recognize that the vast majority of workloads across all industries—defense and intelligence included—can and should be serviced in the public hyper-scale cloud because it is the gold standard for security, resilience, and economics.

So how can we deliver on the unique needs of our defense and intelligence customers who work across the entire classification spectrum, and for which classified mission workloads must be air-gapped? We take an end-to-end view of our customer’s needs—from the enterprise to tactical edge—and include coalition and industry requirements for interoperability and collaboration.

For classified mission workloads, hybrid and on-premises capabilities remain an important part of the overall landscape and Microsoft will deliver on that need. We also recognize the need to leverage contemporary capabilities, such as AI, digital twin, and simulation, and understand how information superiority, through the application of these capabilities, is a force multiplier.

That’s why we support your mission by first leveraging our hyper-scale capabilities, to meet as many customer requirements as we can, across the entire classification spectrum. Where this isn’t possible (like some classified and mission workloads) we leverage our Azure Stack portfolio for air-gapped and disconnected operations, whilst continuing to invest in hybrid infrastructure and provision of control plane technologies that bring all of these environments seamlessly together.

Achieving a secure digital backbone

The task to modernize and increase interoperability while navigating today’s threat environment is achievable with partnership across defense, intelligence, government, non-government organizations and industry, academia, and the science and technology (S&T) community. Cybersecurity threats are increasing and will continue to evolve as threat actors gain access to technology and evolve their techniques to conduct destructive cyber-attacks, espionage, and influence operations. Defense and intelligence organizations can have confidence knowing Microsoft Azure is designed to implement the steps discussed to improve cybersecurity and serve as the organization’s secure digital backbone to achieve the mission.

We recognize, though, that transformational progress can be often tempered by policies that seek to simply reinforce legacy approaches rather than inspire new ones. To move forward, we encourage open discussion between defense and industry and across government alliances, working together to express your interest in sharing a common digital backbone and data fabric. 

Learn more

To discuss how Microsoft can help you deliver a secure digital defense and intelligence backbone, we invite you to connect with us on LinkedIn or reach out to your account team representative.

• Alvaro Vitta | LinkedIn
• Jonathon (Jono) Beesley, DSM, GAICD | LinkedIn
• Lloyd Hewitt | LinkedIn

For more insights, you can also listen to a two-part cybersecurity miniseries on the Microsoft Public Sector Future Podcast, Episode 36: Cyber Resilience in Government and Episode 37: Military Lessons on Cyberdefense, where we discuss how public sector organizations can be better prepared for future attacks, best practices for protecting sensitive data, and why making risk-based decisions are so important.

¹Microsoft Digital Defense Report 2022 | Microsoft Security

² Microsoft Cybersecurity Defense Operations Center—Security | Microsoft Docs

³ The Total Economic Impact™ Of Securing Apps With Microsoft Azure Active Directory

⁴ The Total Economic Impact™ of Defender for Cloud from Forrester Consulting

⁵ The Total Economic Impact™ of Microsoft Sentinel from Forrester Consulting.

The post Microsoft for Defense and Intelligence: Secure the digital defense ecosystem and improve interoperability appeared first on The Microsoft Cloud Blog.

Cyber threats play a key role in global conflicts. The speed and relentlessness of worldwide cyber attacks reflect the ubiquitous global routes for their advance. They are unrestricted by borders and unimpeded by the resistance and risks imposed by more traditional terrain that military forces must traverse when conducting operations across sea, land, or air.

The cyber domain is a man-made construct. It is characterized by a combination of public and private-sector ownership, operations, sustainment, and even security. This in turn requires a new form of collective defense. Cyber defense relies on a coalition of countries, private companies, and non-governmental organizations (NGOs). Central to these efforts is protecting civilians from attacks that can impact their lives and access to critical services.

Check out Microsoft for Defense and Intelligence to see how other defense agencies are using new and innovative ways to manage these threats.

Microsoft and securing the cyber domain

Microsoft’s cybersecurity strategies are informed by the visibility we have into the cyber threat landscape. Microsoft serves billions of endpoints globally, allowing us to aggregate security data from a broad and diverse spectrum of sources, including enterprise organizations and consumers. With a view of more than 24 trillion security signals per day, we can build a granular understanding of the current state of cybersecurity. We also can provide indicators that help us predict what the threat will attempt to do next.

While security has always been a priority for Microsoft, we recognize that the digital world requires continuous advances in how we protect, detect, and respond to cybersecurity threats. The Microsoft Cyber Defense Operations Center (CDOC) is one example of the more than USD1 billion we invest each year in security, data protection, and risk management.

Showcasing the future of cyber security

How the cyber domain is shaping the conflicts around the world will no doubt be top of mind for everyone attending the Atlantic Future Forum 2022 (AFF’22). This event takes place in New York City from September 28 to 29, 2022. The AFF will be hosted onboard the Royal Navy aircraft carrier HMS Prince of Wales as part of her maiden visit to the United States. Now in its fifth iteration, this summit brings together military leaders, senior politicians, and policymakers, together with business leaders, innovators, and tech entrepreneurs from both sides of the Atlantic.

AFF ‘22 will address the new threats and security dimensions in the world. This year’s forum will help showcase advances in quantum computing, artificial intelligence, cyber security, and the emerging technologies that are proving to be critical for collective security, economic resilience, and future prosperity.

AFF’22 looks to reinforce and cement the partnership between the North Atlantic allies who seek to reassert Western values while defending democratic institutions and the global rules-based order. Informed by the urgent challenges now facing the west, this year’s forum seeks to reinvigorate collective security discussion across the NATO alliance and will include other partners to broaden these dialogues.

“AFF22 comes at a critical time for the Euro-Atlantic alliance with the Russian invasion of Ukraine. The US/UK relationship has always been at the core of the alliance and the AFF is a unique opportunity to bring together government and the military, together with academia and business, to strengthen not only security and defence but also the trade and economic sinews of the alliance.”—Lord Sedwill, Chairman of Atlantic Future Forum, AFF’22 Press Release.

Learn more

As an active partner, the Microsoft Defense and Intelligence team will be at the Atlantic Future Forum 2022 to discuss ways in which we are working with militaries and other security forces; helping them reimagine what digital operations can do to protect national security. We’re seeing tremendous instability in the global environment, not just in eastern Europe. As a result, we’re watching new alliances form and, as with NATO, old ones reinvigorated. These new alliances drive a need for improved interoperability and cybersecurity so that alliance members can respond quickly and effectively to traditional warfare, cyberwarfare, or warfare in space. The Atlantic Future Forum 2022 could not be more relevant or important. We’re looking forward to connecting with existing partners—and making new ones—at this significant event.

The post Secure the cyber domain with Microsoft Defense and Intelligence appeared first on The Microsoft Cloud Blog.