Digital sovereignty has rapidly moved from a policy debate to a strategic business priority. As nations recognize that cloud, data, and AI are quickly becoming the backbone of economic competitiveness and national security, the focus has shifted toward managing risk, ensuring control, and building resilience in an increasingly volatile environment.

At the same time, leaders face unprecedented complexity: fragmented regulations, rising cyber threats, geopolitical volatility, and accelerating AI adoption are reshaping where data can live, how AI can be trained, and how organizations can balance innovation with control.

Against this backdrop, Microsoft convened global policymakers, CIOs, partners, regulators, and industry leaders in Brussels—and online—for the 2026 Microsoft Digital Sovereignty Summit. The summit brought forward a shared message: Digital sovereignty is not a fixed destination; it is a continuous risk management discipline that underpins resilience, security, and innovation.

Below, we’ll dive into our top five insights from the event and what they mean for organizations both across Europe and globally.

5 key insights from the 2026 Microsoft Digital Sovereignty Summit

1. Digital sovereignty is fundamentally about risk management

One of the clearest themes from the summit was a shift in how leaders define digital sovereignty: not as an abstract policy concept, but as a practical exercise in risk management.

Leaders emphasized that sovereignty today means understanding and managing a complex risk landscape spanning cybersecurity threats, geopolitical disruption, regulatory requirements, and business continuity. The objective is not to eliminate risk entirely, but to assess it clearly and manage it proportionally.

A key takeaway from discussions was that there is no one-size-fits-all approach. Every organization—and every workload—has a unique risk profile, legal obligation, and level of criticality. As a result, sovereignty decisions must be made deliberately, workload by workload, rather than through a single architectural choice or a “universal sovereign cloud” model. This view reflects a broader industry trend away from location‑based assurances and toward enforceable, auditable control across data, operations, and AI.

This reframing marks an important shift: digital sovereignty is no longer about rigid control or ideology but about enabling organizations to operate confidently in uncertainty.

2. Cybersecurity is the foundation of digital sovereignty

A central message throughout the summit was clear: sovereignty without cybersecurity is a non-starter.

Cyber risk has become the most immediate and pervasive threat across sectors, from government and defense to finance, healthcare, and critical infrastructure. Leaders emphasized that cyber threats are persistent, adaptive, and increasingly linked to geopolitical dynamics.

Importantly, discussions challenged the common misconception that isolation equals security. Disconnecting systems or building digital “walls” can create blind spots by limiting access to shared threat intelligence, coordinated response capabilities, and real-time threat detection. As highlighted during the event, modern cyber defense depends on scale, collaboration, and integrated visibility across identity, endpoints, cloud infrastructure, applications, and data.

This reinforces a critical point: sovereignty cannot be achieved without cybersecurity. Without continuous access to global threat intelligence, modern cyber defenses, and interoperable security platforms, organizations cannot maintain real control, resilience, or continuity, regardless of where data resides.

3. Sovereignty and innovation are not tradeoffs; they are mutually reinforcing

Summit speakers shared a strong consensus that organizations do not need to choose between innovation and control. When grounded in strong security and governance, sovereignty creates the conditions necessary for innovation to thrive.

From legal and contractual commitments to purpose-built technical capabilities, discussions highlighted how sovereign frameworks can reduce uncertainty to allow teams to adopt cloud and AI with greater confidence, enabling organizations to move faster, not slower.

This perspective reframes digital sovereignty from a perceived constraint into a strategic enabler that supports competitiveness, resilience, and growth across Europe’s digital economy.

4. Sovereign and powerful AI requires responsible data processing and transparent control

Another major insight from the summit was the growing expectation that sovereign AI must be built on responsible data processing and transparent control. Leaders emphasized that as AI becomes more deeply embedded in core operations, organizations need systems that not only meet today’s regulatory and security obligations, but remain trustworthy, auditable, and resilient as requirements continue to evolve.

Sovereignty in the age of AI extends well beyond data residency. It requires clear, enforceable boundaries around where data is processed, how it is used, and how AI models are trained and executed, combined with full visibility into how AI systems operate across their lifecycle. Assumptions of trust are no longer sufficient—organizations increasingly expect verifiable control, including customer-managed encryption, protections for data while in use, restrictions on operator access, and auditable governance mechanisms that demonstrate compliance in practice.

Critically, sovereignty must be designed end-to-end—spanning infrastructure, platforms, security, data governance, and AI workloads. It is not a single architectural choice or off-the-shelf solution, but a workload-dependent approach aligned to risk, criticality, and mission needs. The summit highlighted how new capabilities are being built across the stack to support sovereign requirements at scale.

5. Digital sovereignty succeeds through collaboration, not isolation

A final and critical insight from the Summit was that digital sovereignty succeeds through collaboration, not isolation.

Across panels and discussions, leaders reinforced that sovereignty depends on ecosystems, where governments, enterprises, and technology providers work together to translate policy into operational reality. Attempts to isolate systems or fragment digital infrastructure can increase risk rather than reduce it, limiting access to innovation, intelligence, and coordinated defense.

Real world examples from customers across Europe, including organizations running regulated workloads on Azure Local, demonstrated how collaboration enables sovereignty at scale. Combining local expertise with global platforms helps organizations maintain control, meet regulatory requirements, and drive innovation simultaneously.

The message was clear: sovereignty is not the responsibility of any single institution. It is a shared commitment, strengthened through cooperation across public and private sectors, and reinforced by partners who align with local priorities.

Digital sovereignty posture in practice

A strong digital sovereignty posture gives organizations choice, visibility, and control across diverse environments. As emphasized throughout the summit, the objective is to align capabilities with risk exposure, regulatory expectations, and the specific needs of different workloads, applying proportionate controls rather than forcing a single model across the entire estate.

In public cloud settings, this means transparency, strong encryption, clear access controls, and accountable operations. For workloads that need greater isolation or local control, hybrid and sovereign solutions provide essential options. Earlier this year, Microsoft expanded its sovereign cloud continuum, enabling critical workloads to run in constrained or disconnected environments while still benefiting from innovation and advanced security practices. This enables critical workloads to run in constrained or disconnected environments while still benefiting from innovation and advanced security practices.

Organizations must focus on flexibility, working to meet today’s requirements while preparing for tomorrow. Features like the EU Data Boundary, long-standing encryption and access safeguards, and operational transparency give customers concrete ways to align with regulations and manage risk.

Across public, hybrid, and private clouds, Microsoft’s approach combines operational discipline with commitments to privacy, security, and responsible AI, creating a foundation for trust, resilience, and sustainable digital sovereignty.

Rooted in risk management

Across every session and conversation throughout the summit, one theme was unmistakable: digital sovereignty is now a continuous, organization-wide discipline rooted in risk management.

Leaders must balance security, compliance, resilience, and innovation—making deliberate, workload-specific decisions in an environment where risks are constantly evolving. Organizations that succeed will be those that treat sovereignty not as a fixed state, but as an adaptive capability built on strong cybersecurity, flexible architectures, and trusted collaboration.

The 2026 Microsoft Digital Sovereignty Summit made this clearer than ever: a sovereign, secure, and innovative digital future is possible, and it’s already taking shape.

Learn more about Microsoft’s approach to Sovereign Cloud and Sovereign AI

• Microsoft Sovereign Cloud website
  
• Build sovereign AI at the edge with Azure Local
  
• Microsoft Sovereign Cloud adds governance, productivity and support for large AI models securely running even when completely disconnected
  
• Navigating digital sovereignty at the frontier of transformation
  
• IDC InfoBrief: Digital Sovereignty Reconsidered: From Location-Based Assurance to Enforceable Control
  
• Sovereignty designed in Europe: Microsoft opens its first studio for resilient cloud and AI architectures in Munich, Brussels and Amsterdam
  
• Microsoft Sovereign Cloud in Europe white paper
  
• Discover Microsoft Sovereign Cloud videos
  

The post 5 takeaways from the 2026 Microsoft Digital Sovereignty Summit appeared first on The Microsoft Cloud Blog.

• Data collection and processing at the edge: Providing secure, reliable, and low-latency data transfer and processing in highly sensitive and distributed environments.
• Secure communication and interoperability: Ensuring seamless integration and communication across different domains and platforms.
• Data security: Protecting sensitive information from cyber threats and unauthorized access.
• Real-time analytics: Providing real-time insights and analytics across a fusion of many different data types, to support decision-making.

By solving these challenges, decision-makers can act on near real-time updates and intelligence, enhancing situational awareness and enabling mission success.

How Microsoft Cloud helps solve legacy system challenges

Microsoft is well placed to respond to these challenges through the hyperscale cloud capabilities of Microsoft Azure, encompassing a global network of data centers, servers, and networks that power cloud services, including:

• The Microsoft Adaptive Cloud approach, which lets organizations use cloud-native and AI technologies across hybrid, multi-cloud, edge, and Internet of Things (IoT) environments. This helps defense organizations ensure consistent operations by extending cloud services to on-premises and multi-cloud environments, and it simplifies operations with centralized management, enhanced security, and seamless integration across diverse and complex environments. Additionally, it allows for easier application deployment and a common data foundation across environments.
• Azure Local, enabled by Azure Arc, which is a specialized offering designed to bring cloud computing capabilities directly to the edge, closer to where data is generated, and decisions need to be made. For defense and intelligence customers, this means enhanced security, reduced latency, and improved operational efficiency by processing data locally rather than relying solely on centralized cloud services. This approach is crucial for defense and intelligence operations, where timely and secure data handling significantly impacts mission success.

Adaptive Cloud and Azure Local solutions in action

By way of illustration, consider a joint task force assigned to secure a national border as part of a multi-domain operation (MDO). The objective is to identify and address potential threats, including unauthorized crossings, smuggling activities, and aerial incursions. This is achieved by using advanced technologies, which can potentially benefit the following warfighting functions:

• Land forces patrolling the coastline
• Naval units monitoring the sea lines of communication
• Air units conducting intelligence, surveillance and reconnaissance (ISR) collection
• Cyber units ensuring secure communication and protecting against cyber threats
• Space units ensuring satellite availability for communications and geospatial intelligence collection

Let’s look at some specific scenarios and how technology can help achieve success:

Real-time data collection and edge processing

IoT data collection

Data is collected and processed directly from IoT devices in real-time, close to the source, reducing latency and enhancing security.

How it works:

• Ground sensors and drones equipped with cameras and motion detectors monitor coastline activities.
• Buoys and unmanned surface vehicles (USVs) collect data on maritime traffic and environmental conditions.
• Drones and aircraft equipped with radar and cameras provide aerial surveillance.
• Azure IoT operations deployed on Azure Local securely process and normalize this data at the edge.

Edge processing

The data collected from sensors is processed and transmitted to Azure Local instances deployed at mobile command centers.

How it works:

• Local AI inferencing, such as Azure AI Video Indexer, allows the processing of data at the source. By conducting real-time analysis directly within an environmental context, defense organizations can respond faster and more accurately to emergent situations using AI and machine learning models to analyze patterns, detect anomalies, and provide actionable insights to field commanders.
• Azure Local supports both legacy systems and modern containerized applications, allowing the defense organization to run a mix of applications needed for the mission, from traditional command and control systems to advanced AI-powered analytics.
• Through edge processing, critical information can now be filtered prior to its transmission to the cloud—for instance, identifying potential threats, such as unidentified aircraft or submarines, and alerting the command center for appropriate action.
  • For all tactical units, where traditional terrestrial connectivity is limited or unavailable, low earth orbit (LEO) satellite connections provide connectivity to remote and mobile units, such as ships at sea, aircraft in flight, or land-based command and control nodes. Satellite communication can ensure continuous and secure data transmission, critical to information sharing in a joint operation.
  • Forward operating bases (FOBs) process data on Azure Local, securely transmitting it to the cloud using Azure ExpressRoute, which provides a private connection between the edge and Azure, bypassing the public internet and supporting encryption technologies like MACsec and IPsec to ensure data confidentiality and integrity.

Command and control (C2) situational awareness

The task force sustains a thorough and current operational overview by using data transmitted to Azure from Azure Local. With cloud technologies, command and control data flows seamlessly from collection to actionable insights. The C2 node assesses the situation and determines the appropriate response such as route planning, resource allocation, and threat assessment.

How it works:

• Real-time intelligence managed with Microsoft Fabric, a unified AI data and analytics platform, enables a C2 node to swiftly analyze data from the edge using technologies like Azure Event Hubs and AMQP for data ingestion, and Microsoft Power BI for visualization. The real-time hub provides a unified interface for managing streaming data sources, allowing for rapid decision-making and enhanced situational awareness. Data is further processed and made available to Azure AI Foundry, for use in advanced AI applications.
• AI Foundry uses this data to deploy AI models assisting commanders in analyzing battlefield data and suggesting optimal strategies—for example, using AI models to perform sentiment analysis on communication data from the field. By analyzing the sentiment of messages, AI can identify potential stress or urgency in communications, providing valuable insights to commanders. Additionally, AI can detect patterns and anomalies in the data, such as unusual movements or activities, and alert the command center for further investigation.
• Units can then swiftly adapt to the updated operational plan. Analyzed data and directives from the C2 node are sent to Azure Local. Military applications running on Azure Local Virtual Machine receive directives from the C2 node. The units reconfigure their routes based on the optimized path provided, ensuring efficient movement and resource utilization. They allocate resources as per the new directives, prioritizing critical areas identified by the C2 node. Additionally, the units enhance their threat assessment protocols, incorporating the latest intelligence to mitigate potential risks.

By using Azure Local, the joint task force’s multi-domain operation not only addresses immediate threats but also establishes a robust framework for ongoing border security enabling seamless coordination and integration across land, sea, air, cyber, and space domains. By extending Azure services and security to distributed locations, apps and data are better safeguarded against advanced threats, ensuring reliable protection and operational efficiency.

• Real-time situational awareness: Rapidly assess and respond to emergent situations ensuring the border remains secure.
• Enhanced security: Secure communication channels and robust cybersecurity measures protect sensitive information from cyber threats. This ensures that all units can communicate effectively and securely, maintaining the integrity of the operation.
• Efficient decision-making: Advanced analytics and AI-powered insights enable quick and informed decision-making. The command center can process vast amounts of data in real-time, allowing for swift and accurate responses to emerging threats.

Benefits of Microsoft Adaptive Cloud and Azure Local in defense operations

Enhanced security

• Hardened security posture: Azure Local instances are configured with secured-core settings and automatic data encryption by default, protecting sensitive military communications and intelligence data from cyber threats.
• Microsoft Defender for Cloud Integration: Azure Local integrates natively with Microsoft Defender for Cloud, offering comprehensive monitoring and advanced threat protection. This ensures that potential security breaches are promptly detected and mitigated.
• Network Security Groups (NSGs): NSGs in Azure Local manage and secure network traffic within the Azure environment, allowing for control of inbound and outbound traffic to virtual networks, subnets, and network interfaces with defined security rules. These rules can permit or deny traffic based on various criteria such as source and destination IP addresses, ports, and protocols.
• Trusted launch: Enhance protection against sophisticated threats such as malware-based rootkits and bootkits with Trusted launch security. This includes secure boot, which guarantees that only trusted software is loaded during the boot process, and a virtual trusted platform module (vTPM), which securely stores keys, certificates, and secrets.

Operational flexibility

• Disconnected operations: In areas with limited or no connectivity, Azure Local supports disconnected operations, allowing joint forces to maintain situational awareness and make informed decisions even when not connected to Azure. Data can be synchronized with the C2 node once connectivity is restored.
• Flexible hardware options: Azure Local’s extensive catalog supports rugged hardware suitable for harsh environments, ensuring reliable performance even in extreme conditions.
• Scalability: In support of mission needs, additional Azure Local instances can be quickly deployed to new locations, providing the necessary computing and storage resources to support expanding operations.

Explore Microsoft for defense and intelligence

Learn how Microsoft Cloud can help achieve mission outcomes to promote stability and security:

• Contact your Microsoft representative or technology solution partner.
• Visit the Microsoft for defense and intelligence website

Microsoft for defense and intelligence

Explore solutions

The post Microsoft Adaptive Cloud: Advancing edge computing in the defense sector appeared first on The Microsoft Cloud Blog.

This was the overriding message we heard in our many meetings and conversations with city leaders at Smart City Expo World Congress (SCEWC) 2024, a phenomenal 3-day event in Barcelona, Spain, where government officials, business leaders, and urban planners gathered to showcase and discuss innovative solutions for connected and sustainable urban development.  

At Microsoft for Government, we share city leaders’ concerns about security, which is a foundational aspect of our approach to empowering cities to build inclusive programs and enable thriving communities. And the good news is that AI is not only a benefit that is unlocked by strong cybersecurity, but it also plays a key role in helping cities to counter the escalating threat of modern cyberattacks.  

As cybercrime escalates, cities are prime targets  

The scale, scope, and sophistication of cybercrime has grown dramatically in the past decade, and the escalation shows no signs of letting up. For example, in the past three years, the number of cyberattacks aiming to exploit weaknesses in password security has exploded from 579 per second to more than 7,000, nearly doubling in the last year alone.¹  

Threat actors from hostile nation-states and criminal organizations are relentless in their attacks, driven by motives including financial gain, intelligence gathering, and disruption. Governments are among the top three targeted sectors worldwide, and local and national organizations struggle to defend against increasingly effective ransomware, phishing, and fraud attacks. Adversaries who are highly motivated and well-funded hold a significant asymmetrical advantage over a typical city government organization, for whom cyber security is just one serious concern among many.  

As the threat landscape worsens, the cybersecurity playing field tilts more to the advantage of the attackers—for several reasons.  

First, city governments often carry a significant “technical debt,” in the form of legacy software and systems. These aging assets typically handle core IT tasks and are stretched well beyond their original design intent due to budget constraints and other factors. Many are rife with security vulnerabilities that are difficult to patch or effectively secure.  

Adding to the challenge is the difficulty of recruiting and retaining strong cybersecurity professionals. The world is facing a growing cybersecurity talent shortage (the global workforce gap stands at 4.8 million, up 19% in the past year),² and the staff who are in place are often constrained by relatively slower, disconnected tools and systems, which are often no match for modern attackers. 

Meet the challenge with a modern cyber defense strategy

Fortunately, cities now have new options to dramatically improve their security postures. Modernizing IT with customized cloud and hybrid solutions doesn’t just offer the critical benefits of scale, agility, and cost-effectiveness that cities need for innovation. It also enables new cybersecurity approaches that leverage the advanced capabilities of the cloud to protect the network, manage access and identities, and critically meet cyber attackers head-on using advanced AI tools.  

To achieve optimal cybersecurity, we advise a strategy built on Zero Trust—a security model that assumes that no user or device is trusted by default. Achieving Zero Trust delivers a robust security posture in which every cornerstone of modern cyber defense is in place—continuous identity verification, updated endpoint security, encryption, event logging, and more. With these, automation can then be used to quickly respond to and mitigate security incidents and reduce the time attackers have to exploit vulnerabilities. This is where AI makes all the difference.  

Cyber defense is a game of scope and speed. The greater the scope of network data you have, the better your chances of identifying suspicious activities. And the faster you spot an issue, the less damage it can potentially cause. Humans tend to be very bad at analyzing large amounts of data at super high speed, but AI is built for it.

And now, just seven months after its general availability, Microsoft Security Copilot is helping to further tip the scale back to the side of the defenders. 

Microsoft Security Copilot—the game changer for cyber defense  

Security Copilot is built to enhance a broad range of security operations across identities, devices, data, and workloads. By synthesizing global threat intelligence, best practices, and a city’s own data, it can deliver actionable insights that help teams counter sophisticated attacks faster and with less impact.

Security Copilot helps cybersecurity professionals handle an incredible range of day-to-day challenges with dramatic results. For example, new research from Microsoft shows that organizations that adopted Security Copilot saw a 30% reduction in the time required to detect, respond to, and resolve security incidents (known as mean time to resolution, or MTTR), a major benefit in a world where analysts spend an average of 2.7 hours a day resolving incidents.³   

Also, thanks to its generative AI and natural language capabilities, Security Copilot helps ease the staffing challenge by helping admins and security analysts to work “above their pay grade” with tools and guidance that empower them to handle tasks typically reserved for more experienced professionals. Security Copilot integrates with Microsoft’s main security products, including Microsoft Defender XDR, Microsoft Sentinel, Microsoft Intune, Microsoft Entra, and Microsoft Purview, and it can also work seamlessly with third-party services like Red Canary and Jamf.

See how advanced threat protection helps secure public sector organizations worldwide:

Partner with us to build your unique city cybersecurity strategy  

Modern cyber defense is a team sport that incorporates a city’s leadership, security professionals, broader workforce, and even its citizens. There is no single roadmap for success, but there are some essentials, among them a long-term commitment to security and partnership.  

At Microsoft, we regard security as our top corporate priority. This was reinforced emphatically at Microsoft Ignite 2024, where we shared new insights on our Secure Future Initiative , to which we’ve dedicated the equivalent of 34,000 full-time engineers. Also announced was the general availability of Microsoft Security Exposure Management, which dynamically maps changing relationships between critical assets such as devices, data, identities, and other connections. 

These types of advances are only as valuable as the partnership a city builds with its technology and solution providers. That is why we work closely with city government organizations and our global partner ecosystem to build solutions and strategies that are tailored to meet each city’s unique needs. This helps customers like the City of Lokeren in Belgium, who built a modern cyber defense strategy for their hybrid cloud environment based on the Microsoft Security stack, the Government of Albania, which limited damage in the face of a sophisticated nation-state cyberattack, and the Dominican Republic’s National Cybersecurity Center (Centro Nacional de Ciberseguridad, CNCS), who built a customized cybersecurity strategy based on Azure and Dynamics 365.  

We view security as a foundational, long-term commitment, and we would be delighted to partner with you to develop a cybersecurity strategy that meets your city’s unique needs.  

Learn more 

• Visit the Public Sector Center of Expertise to see how the adoption of modern security technology, processes, and skills development can help public sector organizations.
• Read the Microsoft Digital Defense Report 2024 for an in-depth view of today’s cybersecurity landscape our security efforts.
• Learn more about the Secure Future Initiative and Microsoft’s commitment to security.
• For more about how Microsoft Security Copilot advances government security, read our recent blog post.

Microsoft for Government

Achieve your mission with Microsoft

Explore our solutions

¹ Microsoft Digital Defense Report 2024.

² ICS2, “Growth of Cybersecurity Workforce Slows in 2024 as Economic Uncertainty Persists,” September 2024.

³ Microsoft, “Generative AI and Security Operations Center Productivity: Evidence from Live Operations,” November, 2024.

The post Cybersecurity for the smart city: How AI helps level the playing field appeared first on The Microsoft Cloud Blog.

• Constraints imposed by an austere and remote operating environment. 
• Increased cognitive load on individuals conducting operations due to exponential growth in the volume, veracity, and velocity of data. 
• Survivability and the need for distributed nodal command and control.

The dilemma posed here is whether technological advancements inadvertently compromise decision-making abilities due to the heightened cognitive burden on users. 

Decisive action powered by AI 

Speed, precision, and data are critical on the modern digital battlefield. Human-machine teaming allows modern soldiers to work with AI as their digital agents, using natural language or voice commands through military radios. This hands-free interaction improves situational awareness and enhances decision-making by combining AI’s analytical power with human intuition and judgment.  

Using AI and machine learning on missions will become critical to effective command and control environments. Language models have evolved to create and use enterprise-level knowledge bases, integrating external data for more complex interactions. This advancement has significant effects for mission capabilities, with early applications in: 

• Voice transcription and translation—We have already seen that when paired with Push-To-Talk (PTT) voice radios, digital audio voice streams can be captured for real-time transcription, translations, and augmentation with other sources of data. 
• Robotic command and control orchestration—With an intent to release operators from the need to operate these systems manually, we can not only free human resources to concentrate on the specifics of their mission but also reduce the force protection overhead that is required to keep operators safe. 
• Intelligence, Surveillance, and Reconnaissance (ISR) analysis—Working with multiple agents and multimodal sensors for defense use cases, we can help increase the accuracy and range of surveillance and provide a multilayered approach to detection and action. 
• Querying Battle Management Systems—We not only provide the capability to access information in a humanistic way, at the point of need, we also reduce the intense staff effort associated with briefing and analysis of data—the AI agents can take on the manual load, freeing up the human cognitive load to enable better and faster decision making. 

Agentic AI explained 

So, what do we understand about the advancement and application of Agentic AI? When discussing Agentic AI, it’s crucial to highlight the characteristics that distinguish an agent from tools like ChatGPT or traditional digital assistants we’ve seen in office settings. There are five key nonlinear elements that define agentic capabilities: 

• Planning—Instead of diving right into a task, an AI agent pauses and plans the series of steps required. This structured approach prevents errors, as we often see in traditional language model implementations with robots. 
• Reflection—Current models like ChatGPT provide answers but don’t validate them, as they lack a built-in ‘reflection’ capability. The ability to ‘reflect’ and ensure completeness is crucial to confirm that tasks are executed properly and are relevant to each subsequent step in the Agentic AI lifecycle. 
• Use of tools—When the AI agent encounters a step it can’t perform, it checks its manual for a corresponding tool, gathers needed information, executes the task, and processes the response. This is crucial for proprietary industry capabilities, allowing handoffs to external sources. 
• Collaboration—Where the human or agents work collaboratively on collective tasks. This is important for two reasons: creating clear boundaries and ensuring agents are task-specific.  
• Memory—This cycle is further powered by memory, where the agent retains and can recall prior inputs, actions, and outcomes. With this memory, the agent learns from past decisions, allowing it to improve future actions and refine its planning and reflection. 

Traditional non-agentic AI workflows vs agentic AI workflows 

Collectively, these five characteristics form a framework known as the REACT framework (Reasoning and Action). Reasoning involves planning and reflection, while action is about the execution.  

The key difference between traditional non-agentic AI workflows, often seen in zero-shot prompts, and the more advanced, agentic workflows we’ve been discussing can be seen in the diagram below. 

In practice, AI agents can be seamlessly integrated into an organization’s workflow, especially for field operators. This will result in more efficient missions, quicker responses, and a trusted pairing of humans and machines. Additionally, it will allow warfighters to focus on tactical operations while AI handles data processing and situational analysis in the background.  

This is where digital agents can come into play. Digital agents that allow operators, particularly those in forward positions, to delegate specific tasks using natural language. Incorporating these agents into your workflow can help revolutionize how your organization handles complex operations. By offering an intuitive interface, robust performance under duress, and the ability to manage tedious tasks, these agents ensure that operators at the tactical edge can focus on what really matters—making critical decisions in dynamic environments. 

Microsoft AI principles 

Microsoft is committed to advancing AI through principles that put people first. 

We put our responsible AI principles into practice through the AI, Ethics, and Effects in Engineering and Research (Aether) Committee, as well as our Office of Responsible AI (ORA). The Aether Committee advises our leadership on the challenges and opportunities presented by AI innovations. ORA sets our rules and governance processes, working closely with teams across the company to support the effort. 

Microsoft AI serves to enhance human capabilities, not replace them. It’s designed to embody principles such as fairness, inclusivity, reliability and safety, transparency, privacy and security, and accountability. By using AI to optimize administrative functions and services, stakeholders can focus on what matters most: human-centered design, decision-making, and empathy.  

Implement emerging technologies strategically 

Defense decision makers should consider not just what AI can do, but what it should do to innovate in a reliable and trusted way. It’s critical to understand the components of a holistic approach to AI that will help agencies turn meaningful innovation into actionable results that will benefit society.  To learn more contact your Microsoft Defense and Intelligence representative today, or engage with the following Microsoft resources:  

• Microsoft Agentic Agents.
• AutoGen Update: Complex Tasks and Agents.
• Copilot agent builder.  

The post Empowering defense operations with Microsoft AI appeared first on The Microsoft Cloud Blog.

The underwater and littoral environments remain critical to a nation’s economic interests and its ability to exploit marine resources. In addition to the traditional resources, energy production from water and wind are vital resources carried by subsea cables. These cables provide high-speed, low-cost, and reliable connections, with more than 400 cables spanning over 1.3 million kilometers across the world. They are essential for global data transmission, including the financial and digital economies.

In October 2020, NATO Defense Ministers discussed the threat to critical subsea infrastructure posed by increasing state actor capability and aggression.¹ Subsea protection was renewed in 2022 by the United Kingdom Defence Chief, Admiral Sir Tony Radakin, and is a current priority by NATO in the Digital Ocean initiative.² Subsea protection is a subject of debate across the globe spanning the Atlantic Ocean, Pacific Ocean, and European seas, which experience highly congested sea-borne infrastructures.³ Furthermore, in 2024, NATO is exploring the “Digital Ocean” as a pioneering initiative for maritime situational awareness.⁴

Protection of the subsea domain relies on allied defense organizations and asset operators developing and deploying innovative solutions and data-driven insights to enhance situational awareness, communication, and decision-making capabilities. However, this is a complex environment, and several technical and operational challenges need to be addressed, such as high latency, low bandwidth, power consumption, security, data quality, multi-domain sensor integration, and processing at the edge.

Transforming Sub-Surface Operations

Leverage the power of data and AI to empower the defense ecosystem

Read the whitepaper

Strategies can be implemented to address these challenges by using industry-leading capabilities and integrating them with hyperscale data fabric. This collaborative effort involves working closely with allied defense organizations, coast guard, government entities, and asset operators to determine innovative ways of deploying a secure and intelligent digital backbone to safeguard critical underwater infrastructure.

Meeting the challenge

Fundamentally, meeting the operational information demands requires the ingestion, analysis, distribution, and visualization of data across the subsea domain:

• Data ingestion: Securely and reliably collect, store, and process data from various sources, such as sensors, devices, satellites, and surface links. Additionally, this may require technology and infrastructure that can operate disconnected for extended periods and with an innate ability to conduct safe, secure syncing when connectivity becomes available.
• Data analysis: Applying artificial techniques, such as anomaly detection, classification, and prediction, to data to generate actionable insights and intelligence. This may require those AI and machine learning models to be developed using high-performance computing and packaged for inferencing at the extreme edge, with processes that allow efficient deployment and an effective feedback loop.
• Data distribution: Sharing and exchanging data across different domains, platforms, and stakeholders in a timely and efficient manner while respecting data governance, together with the ability to support interoperability standards (such as Standardization Agreements [STANAGs], CATL, and others) and also meeting the challenge of denied, degraded, intermitted, and latent network requirements while maintaining security policies.
• Data visualization: Presenting and displaying the data and insights in a user-friendly and intuitive way, such as dashboards, holographic displays, geospatial data infrastructure, and charts to support situational awareness and enhance decision-making.

Meeting the challenges is a significant undertaking and requires a flexible, modular, and interoperable solution. That solution must support and adapt to the dynamic and complex underwater environment, while meeting security requirements and the priorities of allied defense organizations and industry partners.

Therefore, we aim to support the construction of a common reference architecture for a test and development environment based on the principles of a digital software factory. This will enable the implementation and underpin the sustainment of a machine learning ecosystem for an interoperable, underwater infrastructure in support for continuous innovation at speed and at scale.

A proposed solution

At the core, there are four principles of design to help ensure security and intelligence in an underwater environment. They include:

1. Hyperscale compute at scale in the cloud and at the edge to enable secure information operations that extends cloud services to the edge, providing a trusted collaboration environment for a wide range of infrastructure partners. The provision of a hyperscale environment also meets the ongoing needs for security, scalability, and reliability.
2. Secure data exchange to support a Zero Trust, multi-domain network of asset operations and sensors, while maintaining security and data controls. A secure data exchange capability also meets the operational requirements for trusted data and information sharing across a complex ecosystem of agencies and public and private infrastructures within a multi-dimensional legal framework that cross the boundaries of territorial waters.
3. Ubiquitous connectivity through terrestrial and non-terrestrial networks, leveraging current infrastructures at scale and meeting the asymmetric growth in data volume and near real-time data insights. Furthermore, we envision the (future) application of private 5G and satellite backhaul connecting sensors at subsurface, surface, and above surface that enhance risk management and reduce mitigation at sea.
4. Assurance and risk management services for the maritime and energy sectors combining the requirement for public and private partnerships in current and future energy infrastructure.

Applying these design principles provides a comprehensive solution for a secure undersea digital backbone. It will:

• Enable enhanced situational awareness for all parties across the operating landscape.
• Facilitate data sharing and exchange across domains, platforms, and stakeholders.
• Ensure security and reliability across the infrastructure and environment.
• Optimize the performance and operations through the provision of undersea digital services for the maritime, energy, and defense sectors.  

Ultimately, delivering enhanced human-machine teaming in military and non-military operations provides the backbone for computational decision-assist capabilities that are data-driven, trusted, and transparent.

Enhance maritime operations with Microsoft solutions

The domain of critical underwater infrastructure is a strategic and challenging environment that requires cloud-enabled innovative and interoperable capabilities to enhance data and network management for undersea operations.

Microsoft for Defense and Intelligence believes this approach will provide a comprehensive and flexible solution that delivers significant benefits for situational awareness, communication, collaboration, security, reliability, performance, as well as efficiency of undersea operations and the critical infrastructure situated in the maritime environment.

For more insights, read the “Transforming Sub-Surface Operations with Data-Driven Decision Support” whitepaper.

Empowering militaries. Improving operations. Protecting national security.

¹NATO seeks ways of protecting undersea cables from Russian attacks, Euractiv.

²Chief of Defence Staff: Russia cutting underwater cables could be ‘an act of war, Froces.net.

³Australia must do more to secure the cables that connect the Indo-Pacific, ASPI Strategist.

⁴NATO Digital Ocean Industry Symposium, NATO.

The post Microsoft and partners: Securing the digital subsea environment through innovation appeared first on The Microsoft Cloud Blog.

Isn’t the “metaverse” just a virtual reality gaming environment?

Contrary to popular belief, the metaverse is not merely a virtual reality gaming environment, akin to the virtual holodeck in science fiction. While virtual reality certainly has a place in the metaverse, the metaverse goes beyond the visualization layer, transcending into an interconnected, persistent virtual environment for immersive interaction with data and AI.  

Microsoft is seeing three distinct domains of the metaverse: 

1. The consumer metaverse: This is the one most of us are familiar with, underpinned by social technologies—like bitcoin, non-fungible tokens (NFTs), blockchain, and gaming—the consumer metaverse is focused on enhancing the entertainment and well-being experiences of individuals. 
2. The commercial metaverse (or enterprise metaverse in public sector scenarios): Where employees communicate and collaborate as they work toward achieving organizational goals. Microsoft cloud-based modern work technologies, such as immersive spaces for Microsoft Teams and Microsoft Mesh, are examples of the type of innovative technologies that are gaining rise because they can be accessed on PCs or virtual reality and mixed reality headsets and increase connection, build social capital in the workplace, and support collaboration for hybrid and remote workers all over the globe. 
3. The industrial metaverse: This is perhaps best positioned for defense industry use. This is where we see people and AI working together to design, develop, model, and optimize defense products, processes, and operations with real-time data in context. Furthermore, technological advances are modernizing the value chain with digital context to improve engineering and manufacturing processes, accelerate remote training, and automate tasks reducing the cognitive burden of humans.  

Through the application of these distinct domains, and the intersection points across the consumer, commercial, and industrial spheres, we are likely to unlock new opportunities that could inevitably play a significant role in extending individual metaverse capabilities. 

Unlocking the potential for defense 

The concept of the metaverse presents an exciting opportunity for the defense industry to revolutionize its operations, capabilities, and preparedness. To realize this opportunity, it is important for the defense industry to recognize that, at its core, the metaverse offers the ability to break down physical barriers and greatly enhance decision support through the confluence of technologies that connect and integrate, store, model, analyze, visualize, and interact with the vast data resources that defense accesses.  

At Microsoft, we are seeing two distinct lines of development for the defense metaverse emerge. The first extends from engineering and manufacturing, and is focused on capability development, where we envisage defense unlocking:  

• Modernized defense capability lifecycle methods and processes.
• Improved engineering and manufacturing processes, tools, and methodologies.
• Data-oriented approaches enable greater visibility and more timely insights into physical and digital assets and systems.  

Here, we see the industrial metaverse offering significant improvements over traditional engineering and manufacturing methods by facilitating a new way of engaging with designs, products, and systems through immersive and interactive experiences and digital models. This immersive experience can help people make sense of large quantities of information quickly, enhance design and engineering decision-making, reduce production and manufacturing costs, and provide direct feedback across the capability lifecycle from design and build through to whole-life sustainment. Modeling and simulation capabilities expand these insights by providing engineers, manufacturers, and capability managers with the ability to experience, experiment, and trial a near-infinite number of hypothetical scenarios and input conditions before ever going to physical production. 

For example, through virtual prototyping, engineers and designers can collaborate in real-time, rapidly iterating on designs and testing digital capabilities before any physical production. This can significantly reduce costs, minimize errors, and shrink time-to-market for cutting-edge defense capabilities—thereby, getting them in the hands of end users under much more rapid timescales, and incorporating their feedback throughout the entire capability lifecycle. 

Advancing defense missions 

The second line of emerging industrial metaverse development is focused on the defense mission itself. Here, we start with the premise that a common operating picture (COP) can be represented as a digital twin of the battlespace and that the technologies available can enhance interaction with the digitally twinned battlespace, provide an immersive experience, and enhance decision support. We see a clear alignment between this and the ‘sensor to effector’ process, with the Industrial Metaverse for Missions incorporating:  

• Internet of Military Things (IoMT) and other sensors (such as intelligence, surveillance, and reconnaissance devices) gather information from the physical world and physical platforms and assets.
• Digital network technologies like edge computing, 5G, mesh radios, and satellite connectivity, enable this data to be processed from edge-to-cloud and transmitted around the battlespace and to headquarters, at speed. 
• Cloud infrastructure and high-performance computing (HPC) can be used to process and synthesize the data at scale to build and leverage complex machine learning models and algorithms.
• AI, which is used to reason over complex simulations, perform analytical processing, and enable the automation of routine tasks.
• Delivery of results in a user-friendly and accessible format, such as through advanced visualization techniques and mixed reality, thereby supporting immersive visualization and enhanced situational awareness.

All of these can be subject to, or utilized within, a closed feedback loop that enables the measurement of the impact of the effect as part of simulation and analysis in future cycles.

There are, of course, many other scenarios and use cases being explored for the industrial metaverse in the defense and intelligence industry. These use cases will continue to gain momentum, particularly as AI techniques continue to improve and become more ubiquitous in their deployment, and as augmented, mixed, and virtual reality technologies continue to advance in both capability and usability, for example: 

• Advancing training platforms: The industrial metaverse can serve as an advanced training platform for defense and intelligence personnel and for the Defense Industrial Base (DIB) workforce. Immersive simulations, such as the Squad Immersive Virtual Trainer in development by the United States Army, can replicate realistic combat scenarios, allowing troops to enhance their skills, decision-making, and teamwork without the risks associated with live exercises and leading to a more agile and capable military force. We are also seeing the development of complex virtual environments imbued with computational modeling, which will see a myriad of applications across wargaming and strategic planning. 
• Securing supply chains: We are also witnessing an increasing move towards the adoption of the industrial metaverse in manufacturing, including by DIB partners. In defense organizations, managing and securing supply chains is a complex task, involving numerous stakeholders, nodes, and methods. By leveraging DIB metaverse capabilities for supply chain coordination and management, supply chain managers can monitor and optimize processes, ensuring timely deliveries of crucial resources and equipment, and identifying potential vulnerabilities or bottlenecks before they occur. 
• Bolstering cyber resilience: In an age where cyber threats are ever-evolving, the metaverse can also serve as a training ground for cybersecurity specialists, bolstering cyber resilience for defense. By modeling networks and simulating cyber-attack and response scenarios, cybersecurity professionals can hone their skills, strengthen network defenses, and develop robust countermeasures. We are seeing forward-thinking militaries and defense organizations increasingly deploying cyber ranges for purposes of immersive cyber skilling, and the inclusion of industrial metaverse capabilities has the power to further enhance cyber preparedness at scale.     

Furthermore, the industrial metaverse transcends geographical boundaries, enabling seamless collaboration among defense organizations worldwide—and across public and private partnerships. Experts, strategists, policymakers, and industry members from different countries and organizations can come together virtually to share insights, exchange intelligence, and coordinate efforts, thereby fostering international cooperation and joint missions—and joint success. 

Embrace the metaverse and its capabilities 

Forward-thinking defense forces are already taking the plunge into industrial metaverse capabilities and are recognizing that full benefits can only be realized through a collective adoption of the technologies available. They also see the need for HPC both at hyperscale and extended to the edge. This requires a re-thinking of where on-premises capability is and is not appropriate, and how hybrid environments can assist in exploiting the HPC and AI services available at hyperscale whilst maintaining operational security of the most sensitive data. Recent operational examples have also highlighted the need for greater survivability through dispersed nodal command and control at all echelons, lending toward a greater need for edge capabilities and less reliance on vulnerable on-premises infrastructure. As technology advances at an even more rapid pace, the dilemma for defense organizations wishing to embrace new technologies will grow—the need for digital transformation has never been more apparent and requires foundational action now.    

Furthermore, as the industrial metaverse continues to evolve and mature, it is essential to separate fact from fiction and seek to understand the profound opportunities and implications beyond the gaming and entertainment industries. The defense industry has the opportunity, now, to embrace the metaverse and leverage its capabilities to enhance innovation, collaboration, security, and preparedness. By embracing this concept and the underlying technologies early, the defense sector can step boldly into the future, safeguarding nations and fulfilling its critical mission of ensuring peace and security on a global scale. The journey has only just begun, and the metaverse holds an important key to unlocking a new era of defense modernization. 

Learn more

To learn more about how Microsoft for Defense and Intelligence, and its partners are unlocking the potential for defense across capability development, advancing defense missions, securing supply chains, and bolstering cyber resilience, contact your account representative today.

Microsoft for Defense and Intelligence

Empowering militaries. Improving operations. Protecting national security.

Explore solutions

The post Microsoft Defense and Intelligence: Unleashing the potential of the industrial metaverse appeared first on The Microsoft Cloud Blog.

Now more than ever software-centric technologies, like AI and machine learning, are enabling the processing of a vast array of data across the defense continuum. These technologies are elevating data to insights, and helping to inform decision-making to support mission operations and personnel across the defense landscape—from headquarters (HQ) to the tactical level.  

Let’s explore a few ways defense and intelligence organizations are using cloud technologies to help enhance command and control and gain advantages to make better decisions ahead of their adversaries.

Strategic perspective: HQ applications 

The modern operating environment is complex for commanders and staff at both the operational and strategic levels. The use of AI-enabled technology can significantly enhance strategic decision-making and coordination across all domains—land, air, sea, space, and cyberspace. In doing so, both commanders and staff can gain valuable insights and enable decision advantage at speed and scale.   

AI-enhanced domain awareness 

AI models can help integrate data from various sources—including disparate sensors, open sources, and intelligence reports—to provide a comprehensive situational awareness picture. By rapidly processing, fusing, and analyzing this data, AI can identify relevant information, detect patterns and anomalies, and generate actionable insight for commanders and staff. AI can help staff identify trends, forecast potential outcomes, and assess potential risks. They can then leverage these predictive analytics to anticipate threats, optimize resource allocation, and plan effective courses of action across one or more domains for command consideration.  

Moreover, AI-powered decision support systems can assist in evaluating complex scenarios. They can help assess the impact of different options, recommend optimal courses of action, and consider factors like mission objectives, available assets, and potential risks—helping commanders make more effective and timely decisions.   

AI can also automate coordination and communication processes across jurisdictions and domains by analyzing operational parameters, resource availability, and mission requirements. This can then help optimize the allocation of forces, logistics, and intelligence assets, and facilitate streamlining and facilitating more effective decision-making.  

Finally, natural language processing enables HQ staff to interact with systems using natural, native language (English or otherwise) to access information more intuitively. Voice-activated interfaces and text-based chatbots can facilitate real-time information retrieval, status updates, and command inquiries, allowing for more efficient and seamless communication within the headquarters. 

Automated operations centers 

Operations centers in HQ environments can also be automated in new ways with AI to streamline processes, optimize resource management, and provide insights for decision-making. Using AI, a modern operations center can integrate various systems, sensors, communication networks, databases, and analytical tools into a unified platform. AI algorithms continuously collect, analyze, and process this data, providing real-time situational awareness to staff.  

Through data fusion and advanced analytics, the automated operations center can identify patterns, anomalies, and potential threats, and generate actionable intelligence, alerts, and reports. This empowers staff to provide better recommendations to commanders for their consideration. By employing machine learning algorithms, the operations center can better predict outcomes, assess risks, and optimize resource allocation and readiness.  

Finally, routine tasks—such as data collection, processing, and reporting—can be automated, freeing up personnel to focus on more advanced staff planning and other critical tasks. This transformative approach helps automate the operations center, providing a centralized platform for sharing information, collaborating on planning and operations, and monitoring ongoing activities—in sum, facilitating better command and staff engagement and decision-making. 

Tactical perspective: Frontline applications 

Given the growth in digital capabilities over the last two decades, the modern frontline soldier’s operational environment has changed significantly. This new data and technology-rich environment can bring its own set of challenges for soldiers. Modern military environments require soldiers to analyze disinformation campaigns, triage cyber warfare, and employ integrated tactics to thwart adversaries. Underpinning all of this is the ever-increasing quantity of data the soldier generates, consumes, and utilizes for decision-making.  

A soldier’s ability to achieve and maintain decision advantage comes down to how they can harness vast amounts of data, without negatively impacting their ability to operate. Cognitive assistance technologies like virtual agents have been used for some time for basic tasks, but their impact has been narrow and at times a nuisance. The question has been: how do we provide systems that can do hard computational tasks while providing a convenient, robust, and accessible interface on the battlefield?   

Soldier-centric AI opportunities

Recent advancements in natural language as an interface to systems and data have presented an opportunity to enhance the usability between soldiers and systems. Providing soldiers with a broad context and access to data via natural language prompts can dramatically change the way data is accessed on the battlefield. This enables frontline soldiers to utilize a broad range of assets available to create an operational advantage between themselves and their opposition. This can include interaction with data feeds from disparate assets, human-machine teaming, and automated safety and security in critical scenarios.  

Tactical comms transcription and analysis 

Most decision advantages for a soldier are based on the direct interface with systems and technologies. But the highest impact can be derived from modern technologies that can operate in the background, providing services that don’t require soldier interaction or cognitive load. Clear examples include technologies like passive translation, transcription, classification, and alerting of military radio chatter.  

Operating in the background, a soldier can playback, hear, and read multiple language translations when required. Alerting can provide cognitive focus when critical safety situations emerge, like casualty evacuations or contact reporting on radio chatter. Operating passively with the radio network, these capabilities ensure technology does not impact the soldier unless needed, freeing cognitive load for decision-making.   

Partnering to enhance command and control from HQ to the frontlines  

Modern computing—centered on cloud technologies—provides the ability to build, evolve, and maintain decision advantage. Microsoft enables militaries around the world to employ the vast capabilities of cloud-enabled technology and maximize the use of their data assets. In doing so, military agencies gain distinct advantages in operational environments, from the command center all the way to the front-line soldier. This provides commanders with the ability to not only achieve but maintain decision advantage. 

Optimize with Microsoft

To learn more about how defense organizations can optimize decision advantage using Microsoft tools and technology, check out our “Day in a life” video series, or listen to our recent conversation “Technology Trends and Decision Advantage in Defense” with retired Vice Admiral Ann E. Rondeau, President of the Naval Postgraduate School.  

Microsoft is committed to the advancement of AI driven by ethical principles that put people first. Learn more about our commitment to Responsible AI principles from Microsoft.

Microsoft for Defense and Intelligence

Empowering militaries. Improving operations. Protecting national security.

Discover more

The post Enhance command and control with AI and machine learning appeared first on The Microsoft Cloud Blog.

There’s now a greater understanding that in the face of aggressive and integrated cyber and kinetic actions, the physical dispersal of critical infrastructure, systems, and data is a critical defense strategy. Data security and resiliency are now being enhanced by the distribution of digital operations and data assets across borders and into other countries. It’s underscored the value of, and need for, the migration of defense and intelligence workloads to the cloud—so long as that cloud is built from a foundation of trust, privacy, and security, like Microsoft Azure.

“Before the invasion of Ukraine, governments thought that data needed to stay inside a country in order to be secure. After the invasion, migrating data to the cloud and moving outside territorial borders is now a part of resiliency planning and good governance.“—Cristin Flynn Goodwin, Associate General Counsel, Customer Security and Trust, Microsoft.¹

Microsoft for Defense and Intelligence

Learn how defense and intelligence agencies advance their missions to promote stability and security for residents, nations, and multinational alliances with the help of Microsoft Cloud solutions.

Read more

Digital transformation in defense hinges on partnership and interoperability

Recent geopolitical events have highlighted advances in cyber threat intelligence and end-point protection. They’ve also demonstrated that a coordinated and comprehensive strategy to strengthen defenses against the full range of cyber destructive attacks, espionage, and influence operations is required.

The latter point recognizes the principle at the heart of interoperability—that allies and industry must collaborate and develop a collective response for the most effective defense. When responding to adversaries, allied support and coordination are critical. With today’s adversaries engaging in hybrid warfare methods, cyberattacks, disinformation campaigns, and domestic terrorism, defense agencies are increasingly reliant on data-sharing and collaborating—across organizations, agencies, and national and international borders.  

Furthermore, it’s clear that digital transformation and technology acceleration in defense hinges on partnerships with the defense industrial base and non-traditional technology vendors—including commercial tech companies and the start-up ecosystem.

Nevertheless, the risk appetite for sharing resources remains low due to legacy policies that continue to guide the adoption of on-premises solutions that are vulnerable to modern attacks.

Instead, through the adoption of hyper-scale cloud and edge, with a cybersecurity approach built on a foundation of trust and security, defense and intelligence organizations can achieve their goals as it relates to both security and interoperability. When defense and intelligence organizations migrate workloads into the Microsoft Azure Cloud, they benefit from an unprecedented, ever-deepening, and unwavering commitment to securing data from the ever-increasing number of cyber threats.

The Microsoft Cyber Defense Operations Center (CDOC) is one example of the more than USD20 billion we’ve committed to investing over the next five years in security, data protection, and risk management. The CDOC brings together cybersecurity specialists and data scientists in an every day facility to combat threats in real-time. Microsoft is connected to more than 8,500 security professionals globally across our product development teams, information security groups, and legal teams to protect our cloud infrastructure and services, products and devices, and internal resources.²

So let’s take a look at the threat environment that is shaping the Microsoft cybersecurity approach.

The Current threat environment

National defense and intelligence organizations around the world are facing three types of cyber adversaries that threaten national security:

1. Cybercriminals

Cybercriminals look to monetize compromised data either through ransomware directly from victims or by selling it to Foreign Nation States.

2. Foreign Nation State actors

Foreign Nation State actors aim to engage in intellectual property theft, espionage, surveillance, credential theft, and disruptive and destructive attacks to further their national interests.

3. Hacktivists

Hacktivists conduct cyberattacks to cause disruption in order to further social or political goals.

Given the motivation, scale, organization, and sophistication of adversaries launching cyberattacks, defense and intelligence organizations must modernize their cybersecurity systems and approach. Otherwise, they risk being outmaneuvered by more sophisticated adversaries (or even less sophisticated actors with access to technology) leveraging AI, automation, and the scale of hyper-cloud systems to carry out their attacks.

Three steps to improving cybersecurity capabilities

Below are three key actions defense and intelligence organizations can take to modernize and improve their cybersecurity capabilities:

1. Enhance early-detection systems across the defense digital ecosystem continuum

Leveraging a hyper-scale cloud enables defense and intelligence organizations to detect, respond, and deter attacks early. For example, Microsoft Cloud spans over 200 data centers across 140 countries and analyzes 43 trillion security signals daily. Combined with the intelligence gained by tracking more than 250 unique nation-states, cybercriminals, and other threat actors, we provide defense and intelligence organizations with a unique global perspective. This global threat intelligence perspective enables early detection and response to emerging threats across multi-cloud, hybrid, on-premises, and heterogeneous platforms.

2. Adopt an organization-wide Zero Trust philosophy

Beyond the technical architecture and products necessary to implement a Zero Trust Framework, every individual at every level of the organization must live by, implement, and adhere to the three core principles of Zero Trust:

1. Explicitly verify: Always authenticate and authorize users based on all available data points before allowing access to resources. This includes user identity, location, device health, service or workload, data classification, and anomalies.
2. Use least privilege access: Limit user access with just-in-time (JIT) and just-enough-access (JEA), risk-based adaptive policies, and data protection to help secure both data and productivity.
3. Assume breach: Assume system defenses have been breached and systems might be compromised. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.

3. Use Automation as a force multiplier to mitigate threats at scale

According to the 2022 (ISC)² Cybersecurity Workforce Study, there’s a global shortage of 3.4 million workers in cybersecurity. With this deficit, modern automated security platforms must be used by all organizations, including the defense and intelligence community, as a force multiplier to fill in the cyber talent gap.

Microsoft offers best-in-class capabilities across all security pillars of the digital estate. According to the Forrester Total Economic Impact Studies, Microsoft Security tools reduce the likelihood of a data breach by 45 percent,³ reduce the time to threat mitigation by 50 percent,⁴ and reduce the amount of labor associated with advanced investigations by 80 percent.⁵ 

A foundation that supports the mission

As mentioned, defense and intelligence organizations seek to simultaneously increase security, while also increasing interoperability. In the face of the threat environment highlighted above, Microsoft is committed to meeting the increasing need for defense and intelligence organizations to interoperate with allies and collaborate with trusted partners. Hyperscale cloud serves as the digital foundation for interoperability and collaboration while offering improved security postures over traditional legacy, on-premises approaches.

That’s not to say that the cloud is appropriate for every single scenario. Certainly, in our industry, we know that’s not the case. For instance, there are currently requirements for mission data to remain air-gapped. Nonetheless, we also recognize that the vast majority of workloads across all industries—defense and intelligence included—can and should be serviced in the public hyper-scale cloud because it is the gold standard for security, resilience, and economics.

So how can we deliver on the unique needs of our defense and intelligence customers who work across the entire classification spectrum, and for which classified mission workloads must be air-gapped? We take an end-to-end view of our customer’s needs—from the enterprise to tactical edge—and include coalition and industry requirements for interoperability and collaboration.

For classified mission workloads, hybrid and on-premises capabilities remain an important part of the overall landscape and Microsoft will deliver on that need. We also recognize the need to leverage contemporary capabilities, such as AI, digital twin, and simulation, and understand how information superiority, through the application of these capabilities, is a force multiplier.

That’s why we support your mission by first leveraging our hyper-scale capabilities, to meet as many customer requirements as we can, across the entire classification spectrum. Where this isn’t possible (like some classified and mission workloads) we leverage our Azure Stack portfolio for air-gapped and disconnected operations, whilst continuing to invest in hybrid infrastructure and provision of control plane technologies that bring all of these environments seamlessly together.

Achieving a secure digital backbone

The task to modernize and increase interoperability while navigating today’s threat environment is achievable with partnership across defense, intelligence, government, non-government organizations and industry, academia, and the science and technology (S&T) community. Cybersecurity threats are increasing and will continue to evolve as threat actors gain access to technology and evolve their techniques to conduct destructive cyber-attacks, espionage, and influence operations. Defense and intelligence organizations can have confidence knowing Microsoft Azure is designed to implement the steps discussed to improve cybersecurity and serve as the organization’s secure digital backbone to achieve the mission.

We recognize, though, that transformational progress can be often tempered by policies that seek to simply reinforce legacy approaches rather than inspire new ones. To move forward, we encourage open discussion between defense and industry and across government alliances, working together to express your interest in sharing a common digital backbone and data fabric. 

Learn more

To discuss how Microsoft can help you deliver a secure digital defense and intelligence backbone, we invite you to connect with us on LinkedIn or reach out to your account team representative.

• Alvaro Vitta | LinkedIn
• Jonathon (Jono) Beesley, DSM, GAICD | LinkedIn
• Lloyd Hewitt | LinkedIn

For more insights, you can also listen to a two-part cybersecurity miniseries on the Microsoft Public Sector Future Podcast, Episode 36: Cyber Resilience in Government and Episode 37: Military Lessons on Cyberdefense, where we discuss how public sector organizations can be better prepared for future attacks, best practices for protecting sensitive data, and why making risk-based decisions are so important.

¹Microsoft Digital Defense Report 2022 | Microsoft Security

² Microsoft Cybersecurity Defense Operations Center—Security | Microsoft Docs

³ The Total Economic Impact™ Of Securing Apps With Microsoft Azure Active Directory

⁴ The Total Economic Impact™ of Defender for Cloud from Forrester Consulting

⁵ The Total Economic Impact™ of Microsoft Sentinel from Forrester Consulting.

The post Microsoft for Defense and Intelligence: Secure the digital defense ecosystem and improve interoperability appeared first on The Microsoft Cloud Blog.

Using GEMS to enhance defense and intelligence capabilities

In 2021, the United States Defense Science Board released a report outlining the six key interdisciplinary areas that transcend the traditional Department of Defense (DoD) organizational silos:

• Wargaming
• Experimentation
• Campaign modeling and analysis
• Simulation technology enablers, like engines and data formats
• Immersive training
• Digital engineering platforms

These interdisciplinary areas resonate at the intersection of Gaming, Exercising, Modeling, and Simulation (GEMS); so much so, that Microsoft created new teams solely focused on GEMS, bringing the best of Microsoft to the forefront of this new wave of digitally enabled capabilities.

Microsoft for Startups supports and enables GEMS innovation

The Microsoft for Startups program, including the new Microsoft for Startups Founders Hub, an innovative platform offering support for all startups at every stage of their journey, from ideation to exit, helps GEMS developers achieve more with our platform. We want to unleash an entire ecosystem of developers and start-ups, including those focused on how gaming technologies like hyperscale cloud, the Internet of Things (IoT), AI, machine learning, augmented reality (AR), mixed reality (MR), virtual reality (VR), extended reality (XR), and many others, constructively converge to build a GEMS foundation that will deliver enhanced capabilities for solving some of the most difficult problems for defense and intelligence organizations.

One such start-up, VRAI, will be co-exhibiting with Microsoft for Defense and Intelligence at the I/ITSEC conference, bringing their data driven VR simulation solutions to our customers. VRAI started working with Microsoft via the Microsoft for Startups program, giving them initial, critical access to the technology and support they needed to turn a product vision into a real and disruptive solution. Since then, VRAI has built their HEAT simulation data platform on Microsoft Azure. VRAI is now part of the Microsoft co-sell program and plans to develop an offering for the Microsoft Azure Marketplace.

VRAI: 2022 Military Simulation & Training Award winner

On November 21, 2022, VRAI was announced the recipient of the prestigious Military Simulation & Training Award for Outstanding XR Application by a small company in 2022 in the MS&T Magazines I/ITSEC edition. The award is for VRAI’s ReACT VR Armour Crew Sim, which increases training opportunities for armor crews using immersive VR environments to replace the need for real world platforms. It leverages cutting edge data exploitation to provide personalized learning insights for trainees and instructors while decreasing the carbon footprint of training. The solution combines virtual reality technology with data capture, analysis, AI, and machine learning in order to measure, evaluate, and predict human performance to improve training outcomes.

VRAI co-founder and former Armored Unit Commander, Pat O’Connor, commented on the collaboration with Microsoft saying: “We built our ReACT VR Armour Crew Sim from the ground up, knowing it solves a critical training problem for military end users. We employed top tech talent and military veterans to work with front line military end users to design and build this product. Collaborating with Microsoft gives us the opportunity to get the solution into more of our customers hands, more quickly, solving our customers’ problems and helping to better prepare troops for service, which is a very fulfilling mission for us.”  

Additionally, Microsoft recently highlighted VRAI as one of various partner solutions at a technology showcase for the United States Army Program Executive Office—Ground Combat Systems (PEO GCS). We supported one of their major programs at our Microsoft Conference Center in Redmond, WA, coordinating the activity within their annual “Light Armored Vehicle User Nations Group” Conference, which included uniformed and civilian personnel from across seven nations.

Meet the Microsoft and VRAI teams at I/ITSEC

The Microsoft Defense and Intelligence team is thrilled to be participating at I/ITSEC with our partners. We’re eager to meet with you to discuss our point of view on GEMS and demonstrate a few of the innovative technologies that can be a positive force for digital transformation. Stop by and visit with Microsoft and our partners booth, #1969, and meet with the team.

Microsoft for Defense and Intelligence

Empowering militaries. Improving operations. Protecting national security.

Learn more

The post Microsoft showcasing approach for Gaming, Exercising, Modeling, and Simulation (GEMS) at I/ITSEC appeared first on The Microsoft Cloud Blog.

Cyber threats play a key role in global conflicts. The speed and relentlessness of worldwide cyber attacks reflect the ubiquitous global routes for their advance. They are unrestricted by borders and unimpeded by the resistance and risks imposed by more traditional terrain that military forces must traverse when conducting operations across sea, land, or air.

The cyber domain is a man-made construct. It is characterized by a combination of public and private-sector ownership, operations, sustainment, and even security. This in turn requires a new form of collective defense. Cyber defense relies on a coalition of countries, private companies, and non-governmental organizations (NGOs). Central to these efforts is protecting civilians from attacks that can impact their lives and access to critical services.

Check out Microsoft for Defense and Intelligence to see how other defense agencies are using new and innovative ways to manage these threats.

Microsoft and securing the cyber domain

Microsoft’s cybersecurity strategies are informed by the visibility we have into the cyber threat landscape. Microsoft serves billions of endpoints globally, allowing us to aggregate security data from a broad and diverse spectrum of sources, including enterprise organizations and consumers. With a view of more than 24 trillion security signals per day, we can build a granular understanding of the current state of cybersecurity. We also can provide indicators that help us predict what the threat will attempt to do next.

While security has always been a priority for Microsoft, we recognize that the digital world requires continuous advances in how we protect, detect, and respond to cybersecurity threats. The Microsoft Cyber Defense Operations Center (CDOC) is one example of the more than USD1 billion we invest each year in security, data protection, and risk management.

Showcasing the future of cyber security

How the cyber domain is shaping the conflicts around the world will no doubt be top of mind for everyone attending the Atlantic Future Forum 2022 (AFF’22). This event takes place in New York City from September 28 to 29, 2022. The AFF will be hosted onboard the Royal Navy aircraft carrier HMS Prince of Wales as part of her maiden visit to the United States. Now in its fifth iteration, this summit brings together military leaders, senior politicians, and policymakers, together with business leaders, innovators, and tech entrepreneurs from both sides of the Atlantic.

AFF ‘22 will address the new threats and security dimensions in the world. This year’s forum will help showcase advances in quantum computing, artificial intelligence, cyber security, and the emerging technologies that are proving to be critical for collective security, economic resilience, and future prosperity.

AFF’22 looks to reinforce and cement the partnership between the North Atlantic allies who seek to reassert Western values while defending democratic institutions and the global rules-based order. Informed by the urgent challenges now facing the west, this year’s forum seeks to reinvigorate collective security discussion across the NATO alliance and will include other partners to broaden these dialogues.

“AFF22 comes at a critical time for the Euro-Atlantic alliance with the Russian invasion of Ukraine. The US/UK relationship has always been at the core of the alliance and the AFF is a unique opportunity to bring together government and the military, together with academia and business, to strengthen not only security and defence but also the trade and economic sinews of the alliance.”—Lord Sedwill, Chairman of Atlantic Future Forum, AFF’22 Press Release.

Learn more

As an active partner, the Microsoft Defense and Intelligence team will be at the Atlantic Future Forum 2022 to discuss ways in which we are working with militaries and other security forces; helping them reimagine what digital operations can do to protect national security. We’re seeing tremendous instability in the global environment, not just in eastern Europe. As a result, we’re watching new alliances form and, as with NATO, old ones reinvigorated. These new alliances drive a need for improved interoperability and cybersecurity so that alliance members can respond quickly and effectively to traditional warfare, cyberwarfare, or warfare in space. The Atlantic Future Forum 2022 could not be more relevant or important. We’re looking forward to connecting with existing partners—and making new ones—at this significant event.

The post Secure the cyber domain with Microsoft Defense and Intelligence appeared first on The Microsoft Cloud Blog.