Based greater than 125 years in the past, Dow has demonstrated a dedication to leveraging science to make the world a greater place. In the present day, Dow’s ambition to be essentially the most revolutionary, inclusive, and sustainable supplies science firm is supported by a worldwide safety crew devoted to protecting workers, prospects, and huge volumes of knowledge protected and safe.
Dow’s safety crew, led by Chief Info Safety Officer Mario Ferket, proactively covers the whole lot from governance, danger, compliance, identification and entry administration, and knowledge safety to information privateness whereas their crew continues to mature and develop. With this comes a partnership with Microsoft Safety utilizing instruments together with Microsoft Safety Copilot.
Microsoft just lately spoke with Ferket on Dow’s method to AI in safety, establishing a accountable AI crew, and the way Safety Copilot is appearing as a mentor inside their apprentice program.
MICROSOFT: How has your safety crew developed up to now few years to include AI into your small business?
FERKET: AI at Dow is being seen as a big enterprise enabler to raised serve our prospects with revolutionary and sustainable merchandise. To make use of AI in a accountable method, we partnered with our Enterprise Information and Analytics crew, Authorized, and different departments to ascertain a accountable AI crew.
This crew was tasked with defining a set of rules in addition to creating a suitable use coverage for generative AI as we rolled out Microsoft Copilot within the firm. Past that, the brand new cross-functional crew has been wanting on the new dangers related to the usage of AI and learn how to shield ourselves, our information, and our prospects. The crew can also be exploring how AI might be leveraged to boost our safety operations and use “AI to combat AI” in situations through which AI is doubtlessly used with malicious intentions.
MICROSOFT: How is AI being built-in into Dow’s safety efforts, and what particular capabilities are you leveraging?
FERKET: Our crew is leveraging a number of AI- and machine learning-enabled capabilities to raised detect and take away phishing emails, potential enterprise e mail compromise (BEC) situations, and different malicious content material despatched to Dow via e mail.
For properly over a yr, we have now been working with Microsoft in a design partnership to leverage Safety Copilot as a key instrument within the Dow Cyber Safety Operations Heart (CSOC). Given the sophistication and velocity of cyberattacks, our unique want was to get rid of repetitive handbook duties via automation and transfer to extra automated interventions. This enables the crew to spend extra time on proactive actions. We’re additionally utilizing Safety Copilot for risk searching augmentation, automated incident summarization, and ticket enrichment by pulling indicators from intelligence providers to supply context to the tickets being investigated, and producing queries to help risk searching actions. We’ve discovered that this helps get rid of labor-intensive actions.
MICROSOFT: What affect has AI had in your crew, and do you might have any classes discovered from integrating AI into your safety operations?
FERKET: As soon as the preliminary studying curve of Safety Copilot was handed, the Dow CSOC shortly recognized fast wins for leveraging the instrument. It’s now frequent in any investigation to listen to the phrase “Have you ever requested Copilot?” for all kinds of conditions.
Previously, our Dow CSOC relied on intensive institutional data inside the crew to know what “good” and “unhealthy” regarded like. Having the ability to question Safety Copilot in pure language helps the crew to shortly determine related info and act on it. The power to leverage Safety Copilot helps analysts to focus extra on investigations and fewer on sifting via information. Earlier than this degree of automation, a member of my safety crew must manually supply information from a number of sources to attract correlations and conclusions throughout an investigation. Now, when an alert journeys, Safety Copilot enriches alerts with contextualized information to help investigations. By utilizing Safety Copilot for incident summarization and enrichment, pure language search, and automation, the CSOC can lower the time between when an alert fires and when motion is taken.
Each Microsoft 365 Copilot and Safety Copilot have change into integral to the day-to-day operations of the CSOC, with analysts querying the instrument a number of instances a day for a lot of causes, starting from information interpretation to ticket enrichment. Safety Copilot enriches tickets with related information, chopping down the period of time spent collating information. It has helped the Dow CSOC to automate the menial duties of safety investigations, permitting our extra senior analysts to give attention to proactive defensive measures. Our crew has been shocked by how shortly we adopted the brand new capabilities and built-in them into our normal processes.
Inside Dow, we even have an apprentice program with people from numerous backgrounds who’re fairly often non-IT educated. Historically, it will take upwards of up a yr of on-the-job coaching and job-shadowing of senior analysts for one in all these apprentices to change into “full” members of the crew. Now, these apprentices can use Safety Copilot as a “digital mentor” for subjects corresponding to question constructing or studying the cyberthreat panorama, drastically reducing the ramp time required for the apprentice to be productive and making certain that senior analysts are capable of give attention to proactive protection.
MICROSOFT: What are the longer term instructions and improvements you’re contemplating within the subject of AI and safety, and the way do you intend to implement them?
FERKET: Wanting forward, we’re exploring the usage of superior AI-powered capabilities to boost detection of anomalies and patterns throughout large-scale telemetry. We’re additionally evaluating methods to streamline rule administration via clever automation, aiming to cut back the handbook overhead for our analysts. One other space of curiosity is dynamic prioritization of alerts, the place contextual indicators and risk intelligence can assist refine response urgency. As all the time, we stay vigilant in regards to the evolving use of AI by malicious actors and proceed to evaluate its broader implications on the risk panorama.
MICROSOFT: What recommendation would you give to different safety groups beginning their AI journey?
FERKET: Be agile, however centered. AI is undoubtedly altering the cyber protection panorama, with many emergent instruments being launched usually. It’s straightforward to get misplaced within the “artwork of the potential” in the case of AI tooling. Organizations beginning their AI journey must be conscious of their core enterprise aims, the constraints of present AI capabilities, and be able to pivot as issues change quickly. For the Dow CSOC, AI is seen as an excellent augmentation to assist analysts be more practical and spend time on what actually issues.
To be taught extra about Microsoft Safety options, go to our web site. Bookmark the Safety weblog to maintain up with our knowledgeable protection on safety issues. Additionally, comply with us on LinkedIn (Microsoft Safety) and X (@MSFTSecurity) for the most recent information and updates on cybersecurity.
