"AI is creating new attack surfaces that did not exist before. We have to stop things we never even imagined in the past. Existing security models cannot respond to this."

With AI spreading inside companies and security risks rising, Microsoft has put forward ambient and autonomous as keywords for a solution.

It said security risks in the AI era can be prevented only when ambient security, always embedded across the entire system, is combined with autonomous security that judges and moves on its own.

Mick Doone (믹 듄), senior security adviser manager for Microsoft in the Asia Pacific (APAC) region, presented ambient and autonomous as solutions to AI-driven risks in a speech at Microsoft's AI Tour Seoul 2026 event on March 26. He stressed that Microsoft is also strengthening security with a focus on those areas.

On ambient security, Doone said, "Security should not be added later. It must be built into every system from the design stage. Microsoft aims for a structure in which security operates constantly and responds automatically across identity, endpoints, cloud, data and AI agents."

He added, "Prompts and responses can be manipulated, and plugins and integrated tools connected to agents become attack paths. Existing security models did not consider this structure." He also said, "Autonomously operating agents can make sensitive decisions and execute workflows at high speed."

As AI agents rapidly penetrate across corporate work, security threats are also growing. Microsoft’s annual Digital Defense Report showed that automated phishing attacks using AI were 4.5 times more effective than before. It also found 80 percent of corporate leaders were most concerned about sensitive data leaks related to generative AI.

At the AI Tour Seoul event, Microsoft presented frontier transformation as a key topic for companies, describing it as embedding AI as a growth engine beyond productivity gains.

It stressed intelligence and trust as two elements supporting frontier transformation, and also stressed that trust is difficult to secure without guaranteed security. It said companies need to respond to security risks from AI expansion to become frontier firms.

Doone said, "The security environment is serious. Many organisations operate 40 to 80 security tools at the same time. Unconnected systems create blind spots and slow response." He added, "When AI-based workloads and automation are added, the risk grows. Existing security models cannot stop it."

Microsoft's security portfolio supporting ambient and autonomous consists of five product groups: Defender, Purview, Intune, Entra and Sentinel. Defender is an antivirus and security solution built into Windows OS, and Purview supports data security. Entra provides cloud-based ID and access management, and Intune provides endpoint security. Sentinel is a SIEM and SOAR solution.

Doone stressed, "Each product shares signals and context to build an integrated defence system. We process more than 100 trillion signals a day, and more than 10,000 security experts within Microsoft support threat intelligence operations."

Microsoft recently updated major security product groups targeting AI agents and also introduced a dedicated platform for managing AI agents called Agent 365.

Doone said, "Agent 365 is a control platform that centrally manages AI agents within an organisation. In one place, you can identify what agents exist, what permissions they have and what data they handle. Internal checks found that about 150,000 agents are operating inside Microsoft alone." He added, "Agent 365 is designed as an open platform so it can manage not only Microsoft's own agents but also third-party and custom agents within the same security and governance framework."

Predictive defence was another point Doone stressed. He said, "Predictive defence is a method of predicting in advance the paths attackers can use and blocking them beforehand. The goal is to reduce tens of thousands of potential attack paths to one."

Microsoft also strengthened Security Copilot in the update to automate security operations. Security Copilot automates security tasks including alert triage, threat investigation and incident summaries.

Doone said, "We have decided to integrate Security Copilot into Microsoft 365 E5 and E7 and provide it by default. Previously, you had to pay an additional cost. We will lower the barrier to access AI-based security tools so more organisations can build advanced defence systems."