Microsoft President Brad Smith is living up to his political-sounding job title. After a series of appearances in Brussels, he visited Berlin this week to launch Microsoft’s free European Security Program (ESP). What is it and what does this step mean?
The ESP is a continuation of the existing Microsoft Government Security Program (GSP). This already consisted of threat intelligence insights, cybercrime reports, updates on state actors, and the identification of vulnerabilities and other security risks. All of this originates from various Microsoft units, such as the Digital Crimes Unit (DCU) and the Microsoft Threat Analysis Center (MTAC).
Free of charge
An important feature of the ESP is that it comes with no price tag. EU member states, candidate member countries, EFTA countries, the United Kingdom, Monaco, and Vatican City can use the new capabilities free of charge. These include AI-driven threat intelligence, with information shared with European governments, additional investments, and new partnerships. It is therefore a fairly diffuse concept, with the emphasis on a general improvement in Europe’s security level rather than a single service or product.
For those who find this European focus surprising, it is worth noting that the presenter of the new plans, Brad Smith, is well known to European politicians. He represents the strong EU focus that Microsoft has had in recent months, with promises of EU data center growth, sovereign cloud options, and reassurances about the alleged termination of Microsoft services at the International Criminal Court (ICC).
The timing of the ESP is also no coincidence. It is important for Microsoft to continue this image of European focus at a time when governments across the continent are questioning their commitment to American hyperscalers. However, there are also plenty of external incentives for such a program. Consider the ever-growing threat from countries such as Russia, China, Iran, and North Korea, with the continuous stream of Ransomware-as-a-Service to further increase the threat landscape.
It is no surprise that AI plays a prominent role in the program. Microsoft sees how attackers are also using AI for reconnaissance, social engineering, and brute force attacks. The company therefore monitors any misuse of new AI models and proactively blocks known threat actors.
Three pillars of cybersecurity
As mentioned, the program is based on three pillars. The AI-driven threat intelligence is primarily intended to improve the speed and depth of insights into cyber threats to governments. Microsoft tracks advanced groups and provides real-time insights into their tactics and procedures.
Secondly, Microsoft is investing extra in cybersecurity capacity. The company has launched a pilot with the European Cybercrime Centre at Europol. Microsoft Digital Crimes Unit investigators now work directly from the EC3 headquarters in The Hague. There is therefore a close link between the public and private sectors to guarantee cybersecurity.
Thirdly, partnerships are being expanded to actively disrupt cyberattacks. Think not so much of CrowdStrike or SentinelOne, but rather the CyberPeace Institute and the Western Balkans Cyber Capacity Center (WB3C).
For innovation, Microsoft is investing in research through the Laboratory for AI Security Research in the United Kingdom. This public-private partnership focuses on security challenges for critical infrastructure. European open-source projects such as Log4J and Scancode are also supported through the GitHub Secure Open Source Fund.
“Cybersecurity is a collective effort,” Smith sums up. Europe’s digital resilience must be built from the bottom up, he says. It is the latest addition to Microsoft’s renewed European strategy, in which the company positions itself as the “voice of reason” between the US and the EU. Perhaps all the close partnerships and free services will help achieve that position. It already chose not to join former ally OpenAI in the US Stargate project for a national AI infrastructure. There is a need for this in Europe too, and Microsoft feels called upon to act. However, it is taking a broader view than just AI, with security (finally) back as a priority.