Each year, Microsoft releases the Microsoft Digital Defense Report\u2014a comprehensive examination of the global threat landscape and the biggest trends in cybersecurity. Cyberthreats continue to grow in sophistication, speed, and scale, compromising an ever-growing pool of services, devices, and users. We believe that AI can help level the playing field, but security teams must have all of the insights and resources necessary to utilize the full promise of this technology.\n\nThe Microsoft Digital Defense Report 2023 is based on insights from 65 trillion daily signals synthesized by more than 10,000 security and threat intelligence experts across 135 million managed devices and over 15,000 security partners. Using this data, Microsoft tracked over 300 threat actors in 2023 and blocked over 4,000 identity attacks per second.\n\nHere are 10 key learnings:\n\n Security teams can leverage a hyper-scale cloud for easier implementation by either enabling these measures by default or abstracting the need for customers to implement them.\n\nThere are five foundational principles that every organization should implement to defend against ransomware across identity, data, and endpoints. These include leveraging modern authentication with phish-resistant credentials; applying Least Privileged Access to the entire technology stack; creating threat- and risk-free environments; implementing posture management for compliance and the health of devices, services, and assets; and using automatic cloud backup and file-syncing for user and business-critical data.\n\nWe believe that increased intelligence sharing between the private and public sectors could help counter this trend by enabling a faster and more impactful collective response. The Microsoft Digital Crimes Unit has taken a proactive stance by actively tracking and monitoring 14 DDoS-for-hire sites, including one situated in the dark web, as part of its commitment to identifying potential cyber threats and remaining ahead of cybercriminals.\n\nAs part of our effort to better track nation-state groups, Microsoft has launched a new threat actor naming taxonomy. This taxonomy will bring better clarity to customers and security researchers with a more organized and easy-to-use reference system for threat actors.\n\nAdditionally, while AI-generated profile pictures have long been a feature of state-sponsored influence operations, we expect to see increased use of more sophisticated AI tools to create striking multimedia content.\n\nAdditionally, of the 78% of IoT devices with known vulnerabilities on customer networks, 46% cannot be patched. Security teams must implement robust OT patch management systems if they hope to secure this critical vulnerability. Network monitoring in OT environments is also an effective strategy to help detect malicious activity.\n\nFor example, LLMs can be used to inform threat intelligence; incident response and recovery; monitoring and detection; testing and validation; education; and security, governance, risk, and compliance. Microsoft has explored using LLMs for developing intelligent reports, informing chatbots for developer support, standing up a natural language interface with security data, and augmenting cloud data center security.\n\nMicrosoft\u2019s AI Red Team of interdisciplinary experts is helping build a future of safer AI by emulating the tactics, techniques, and procedures (TTP) of real-world adversaries. This allows us to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of AI systems.\n\nAnother real-life collaboration example is the global Cybercrime Atlas\u2014 a diverse community of more than 40 private and public sector members that works to centralize knowledge sharing, collaboration, and research on cybercrime. Their goal is to disrupt cybercriminals by providing intelligence that facilitates actions by law enforcement and the private sector, leading to arrests and the dismantling of criminal infrastructures.\n\nThe Microsoft AI Skills Initiative includes new, free coursework developed in collaboration with LinkedIn. That enables workers to learn introductory AI concepts, including responsible AI frameworks, and receive a Career Essentials certificate upon completion.\n\nWant to learn more about the latest global cyberthreat trends and advancements in cybersecurity? Download the Microsoft Digital Defense Report 2023 and check out Microsoft Security Insider.