Azure Skill Sprint: AI Security & Defender For Cloud

Learn the essentials of AI security and see how unified security platforms like Defender For Cloud are changing the game - take the AI CTF hands on challenge!

Jan 31, 2025

In the past year or two GEN-AI has seen explosive growth, from end users to businesses of all shapes and sizes, while traditional AI and Machine learning has been around for decades GEN-AI has become a house hold name. Its a fast evolving technology landscape and it appears to have become (at least in my opinion) many things: a spark of innovation for some and an area of concern for others ( like us security folks).

A rapid adoption of technology without the proper guardrails, business processes and mitigations in place is rarely ever a good idea. Gen-AI is extremely compute intensive and therefore scales best in the cloud where cloud providers are more than happy to rent their infrastructure and have even developed their own models. In this blog, you’re stepping into the shoes of a Head of Security Architecture at a fast-paced healthcare company.

Here’s what’s waiting for you:

Real-world AI challenges the kind that keep you up at night (or could soon).
A Custom Microsoft Learn training plan I designed just for you to learn all about AI security as well as related Microsoft solutions that can help with developing and deploying AI safely.
Must-read resources I’ll point you to my favourite blogs and case studies to give you more perspective on AI security and associated cloud risks.
Related podcast episodes I’ll share podcasts to spark ideas while you’re on the go.
And two hands on exercises including an AI chatbot CTF because the best way to learn? Do the thing

Oh, and a quick heads-up—this isn’t just another blog. It’s part of the Azure Skill Sprint, community learning initiative where Jake Walsh and I put together specially selected learning resources to help you level up. We’re sharing tips, tools, and resources straight to LinkedIn and your inbox throughout January and February. Check out the links at the bottom for anything you missed so far. 👇🏼

Your Mission As Security Architect:

Imagine this: you’re leading the security architecture team at QuantumMed AI , a major player in the healthcare industry. They’re rolling out a shiny new AI chatbot, and everyone’s hyped about the ROI and customer engagement it’ll bring.

But you know how this goes security wasn’t exactly at the top of the priority list during planning 🚩. Now, you’re staring at a fast-tracked project with a laundry list of concerns, from privacy compliance to AI-specific vulnerabilities and visibility gaps.

No pressure, right?

Well have a look at the cloud security landscape based on threat intelligence

The Business Context

QuantumMed AI helps hospitals, pharmacies, and healthcare providers streamline their operations. From prescription management to supply chain logistics, it’s all about making sure patients get what they need when they need it. Security, of course, is non-negotiable in this space.

The AI Security Dilemma

Here’s what’s keeping you up at night:

Visibility Gaps: Your current tools aren’t cutting it for for your multi cloud environment never mind AI! Blind spots and misconfigurations are everywhere.
Data Privacy: Your organisation is still shaping its immature data governance processes, data classification and DLP policies.
Adversarial Attacks: AI models can be manipulated, and in healthcare, that’s a disaster waiting to happen, you must secure against AI based attacks.

Sound familiar? Let’s tackle these challenges, starting with the biggest one: visibility.

Challenge 1: Stop Flying Blind

You can’t secure what you can’t see or don’t know exists simple as that its. basic principle in security “take an inventory of your assets“. Yet, so many organisations still rely on fragmented tools without end to end visibility of their cloud environments and contextualised risk from development to runtime. We have shifted to a new agile “fail fast fail forward approach” This is great for innovation and adopting new technologies like AI but creates some issues for security ( covered in detail in the blogs below) and we need to deploy cloud native security tools that provide constant visibility and protection in the dynamic, ephemeral modern cloud environments of all types and sizes.

By failing to adopt a unified visibility approach your creating blind spots, a security blind spot is any type of configuration, tool, or process that appears to be secure but is subject to potential vulnerabilities that lurk beneath the surface and are easy to miss. To achieve strong AI security, start by cutting out any unauthorised AI use in your organisation and getting a level of visibility and the ability to enforce security policies via cloud access security brokers (CASBs) like Microsoft defender for cloud apps.

You’ll also want to make sure everybody knows what they can and cannot do with GenAI. Make sure to add simple-to-follow security practices and training embedded this into existing processes and help your teams adopt a security first mindset. Visibility doesn't stop there, especially if your developing your own AI tools ( like a chatbot in this scenario) you’ll need a holistic view of:

Identity: who and what has access to your resources?
Workloads: What’s running on your workloads, what types of workloads do you have? How are workloads isolated?
DevOps Pipelines: Are your configuration builds secure?
Data: Where is your data, what protections are applied?
Shadow IT: Who’s accessing and sharing what?

📚 Must reads:

Microsoft White Paper Accelerate AI transformation with strong security

Microsoft AI Impact Assessment Guide

5 ways a CNAPP can help with visibility

The value of CNAPP series by me ← read the whole series!

View Common Misconfigurations that could impact your AI development

What is Shadow AI? Why It's a Threat and How to Embrace and Manage It

[VIDEO Defender For Cloud In the Field: AI Runtime security]

Microsoft Training Path

Challenge 2: Keeping Data Private and Compliant

Data is the lifeblood of AI, especially in healthcare, where patient confidentiality is paramount. For QuantumMed AI, safeguarding patient records isn’t just a regulatory necessity it’s a matter of trust.

Microsoft Purview offers powerful capabilities to classify sensitive data, enforce access controls, and ensure compliance with healthcare regulations such as HIPAA. By combining this with Azure AI Safety Center, Defender for Cloud you can assess data flows across your systems and help mitigate against data exposure caused by AI applications. Defender for Cloud DSPM capabilities further enhance this by providing unified data visibility and monitoring in multi-cloud environments.

📚 Must reads:

AI Data Security: Key Principles and Best Practices

Data Leakage: Risks, Causes, & Prevention

How to leverage generative AI in cloud apps without putting user data at risk

The EU Artificial Intelligence Act: A tl;dr

AI Risk Management Frameworks: Everything You Need to Know

Learn about AI Governance

AI-DSPM with Purview <— by me!

Microsoft Training Path

Challenge 3: Defend Against AI Adversarial Attacks

AI systems are vulnerable to adversarial attacks ( many of which are now mapped by the MITRE ATLAS framework see below) Adversarial AI has recently gained increasing attention and concern due to its potential to cause significant harm. Attackers can use adversarial AI to manipulate autonomous vehicles, medical diagnosis systems, facial recognition systems, and other AI-powered applications, leading to disastrous outcomes.

Solution : there is no clear cut solution 😮 we must apply a layered security approach, best practice and guardrails. The goal is to create a solid, resilient framework capable of detecting and preventing attacks and enabling teams to respond swiftly and effectively when they occur.

📚 Must reads: