Microsoft Ignite 2024: Redefining AI, accountability, and data security

As the dust settles on Microsoft Ignite 2024, it’s a good time to highlight some of the major announcements that caught our attention. And the impact they could have on the future of secure IT strategies.

TL;DR:

• Microsoft Ignite 2024 showcased AI’s role in transforming productivity with Microsoft 365 Copilot.
• Security remains central, with AI-driven tools in Microsoft Purview, Intune, and Entra addressing key areas like data security, endpoint management, and identity protection.
• New innovations like Security Exposure Management provide proactive vulnerability identification and enhanced defences.
• AI is reshaping IT, but security and compliance must evolve alongside to ensure a safe, efficient future.
• Microsoft’s updates signal the continuing shift towards AI-augmented, proactive security strategies.

It will surprise nobody that Artificial Intelligence (AI) was the star of the show at Microsoft Ignite 2024, with Microsoft 365 Copilot’s expansion across the ecosystem promising a productivity revolution.

We’ve already seen how Generative AI’s ability to transform workflows is driving a surge in uptake across organisations worldwide.

But we need to channel the mindset of Spiderman’s uncle for a moment and ask: Is the great power of Copilot accompanied by great responsibility?

Simply put, productivity needs a secure, compliant foundation.

Which is why we’ve zeroed in on a few key announcements that caught our eye around identity, endpoint, and data security.

Here’s what we took away.

Microsoft Purview and Copilot: AI-driven data security gets smarter

In our recent Cyber Threat Report 2025, IT leaders expressed excitement about AI’s potential. On the flip side, they also expressed some apprehension around the potential for new security and compliance risks.

And top of the concern pops for this was data security.

Enter Microsoft Purview and its deepening integration with Copilot.

In particular:

• Data Security Posture Management (DSPM) for AI (GA): Spot and fix vulnerabilities before they become problems. DSPM helps secure sensitive data in by catching oversharing and misclassification early.
• Data Loss Prevention (DLP) for Microsoft 365 Copilot (Preview): A new way to keep AI in check by applying DLP policies to Copilot’s interactions. This ensures sensitive information stays safe as AI integrates into daily workflows.
• Insider Risk Management enhancements (Preview): Mitigate insider threats by detecting risky AI behaviours like unauthorised prompts or misuse of models.

The enhancements seem to be aimed at addressing the legitimate concerns organisations have when it comes to safely deploying Microsoft 365 Copilot.

By identifying vulnerabilities early, ensuring sensitive data is protected in AI-driven workflows, and monitoring for risky or unauthorised behaviours, they address key concerns around data security.

Which should help organisations integrate AI with greater confidence, knowing they can maintain control over compliance and reduce potential risks.

AI has incredible transformative potential for workplaces, but as Satya Nadella mentioned in his keynote, it's not about tech for tech’s sake. It's about integrating AI intelligently and responsibly. Enabling new levels of efficiency, connectivity, and insight. And strengthening security, rather than increasing risk.

Matt Berry, Microsoft Partner Program Manager, Kocho

Microsoft Intune: Reinventing endpoint management with Copilot

The same could be said of the announced updates to Microsoft Intune. AI again being the driving force in reshaping endpoint management.

Here’s a quick look at the new tools:

• Advanced Analytics with Copilot Assistance: This feature helps IT admins compose Kusto Query Language (KQL) queries using AI assistance, making data analysis more accessible. It’s important because it allows IT teams to quickly identify trends and troubleshoot issues, ultimately improving device security and compliance without requiring deep technical skills.
• Streamlined Policy Management: Copilot uses AI to recommend configurations for creating effective security policies across devices. This helps reduce the likelihood of misconfigurations and ensures consistency, meaning IT teams can spend less time drafting policies and more time focusing on improving security.

In hybrid work cultures, where device variety and location add complexity, we know workloads can be high and security can become fragmented.

We know that there's a general concern about growing complexities, risks, and workloads in endpoint management. Layering AI deeper into Microsoft technologies was an inevitable next step to keep pace with the challenges. It certainly offers some exciting new potential for streamlining operations and adding more consistency to security protocols. Which can only be a positive for increasingly overburdened staff.

Mathew Richards, Head of Secure Digital Transformation, Kocho

Microsoft Security Copilot comes to Microsoft Entra

Not to miss out on the AI initiatives, Microsoft also revealed that its flagship family of identity products, Microsoft Entra, will be integrating with Microsoft Security Copilot. ?

Mainly this is thanks to:

• User Risk Investigation (Public Preview): This feature allows security teams to quickly identify and assess risky user behaviours, such as unusual login attempts or unauthorised access requests. By using AI to generate insights, teams can act proactively rather than spending hours analysing logs. This makes identity management both accessible and effective, even for those without deep technical expertise.

This is a significant step forward in the ongoing mission to tackle identity threats, the number one security issue for organisations today.

With identity being the gateway to nearly all systems and data, risky behaviours like unauthorised access attempts or compromised credentials pose a huge risk. By enabling proactive, AI-driven insights through features like User Risk Investigation, Microsoft will be equipping security teams to respond faster and more effectively.

Not only reducing the likelihood of breaches but also supporting organisations to navigate the growing complexity of hybrid identity management.

Download the Complete Guide to Microsoft Entra here.

Microsoft Security Exposure Management: Proactive defence against evolving threats

Microsoft's new Security Exposure Management is another innovation within Microsoft’s vision for unified threat management.

It offers a more holistic approach to managing an organisation's security vulnerabilities, providing greater visibility across the digital estate.

Here's a breakdown of the key features and their relevance for end users:

• Attack Surface Management: This tool helps security teams maintain a comprehensive view of all assets. Which is essential for identifying potential vulnerabilities early. By understanding interdependencies and monitoring exposure, organisations can prioritise their most critical assets, reducing the risk of breaches.
• Attack Path Analysis: This feature helps security teams visualise attack paths and identify the most vulnerable areas in their infrastructure. Focusing on high-risk attack routes allows for more effective remediation and better protection of critical assets before they can be exploited.
• Unified Exposure Insights: For decision-makers, this provides a clearer understanding of the organisation's overall security posture, offering insights into areas of concern. It helps security teams align their response efforts with broader business objectives, ensuring a more strategic approach to risk management.

Now generally available, Microsoft Security Exposure Management again shifts the dial away from reactive and towards proactive security.

As threats evolve, being able to anticipate potential risks and address them before they become critical is key to strengthening an organisation’s defences.

What it all means for the future

There was a lot of justifiable fanfare about the business transformation possibilities of AI and Microsoft 365 Copilot at Ignite 2024.

But of equal importance is the recognition that these possibilities need to be underscored by diligent efforts around security and compliance. One simply cannot coexist without the other.

The updates to Purview, Intune, Entra, and Microsoft’s broader security tools represent more than just incremental improvements.

They signal a shift towards a proactive, AI-augmented approach to safeguarding organisations in an increasingly complex, uncertain, and cyber imperilled future.

Get deeper into Ignite 2024 innovations ??

Join us on Tuesday 26 November 2024 for our exclusive Microsoft Ignite 2024 Tech Update webinar. Our industry experts will be taking a deep dive into the key innovations and why they matter to your organisation. ?

Book your space here.

Further resources

• Download the full 2025 Cyber Threats Report
• Check out every innovation announced at Microsoft Ignite 2024
• Read the latest cloud tech and security insights, updates, and guides
• Watch Kocho’s Microsoft 365 Copilot Demo