Today, data usage has moved beyond the traditional borders of business and is now stored on-premises, in multiple clouds, on devices; and accessed from within and outside of your corporate networks. Data has become the lifeblood of every business, driving insights that enable effective operations, competitive advantage, and productive collaboration among employees.
IDC predicts that the datasphere will double by 2026, meaning data everywhere, and exponentially growing. With this growth in data and with organizations adopting multiple cloud infrastructures and platforms, data security incidents are widespread and increasing in severity. In 2024, 27% of data security incidents were severe compared to 20% in 2023[1], costing millions of dollars every year to resolve. Additionally, organizations faced 66 alerts per day, up from 52 in 2023[2].
Fortify data security with an integrated approach
Data security is a cornerstone of effective cybersecurity programs – as data is at the center of cyberattacks. Safeguarding sensitive information, spanning from employee and customer data to intellectual property, financial projections, and operational records, against an array of cyberthreats, data breaches, and insider risks, is a top priority for these organizations.
Although essential, for many customers, securing all their data is a complex and multi-faceted undertaking. Organizations typically deploy multiple non-integrated data security solutions, increasing complexity, cost, and security gaps due to fragmented data handling, inconsistent classification, redundant alerts, and limited investigative insights. A vast majority (82%) of decision makers we spoke to agree that an integrated platform is superior to managing multiple isolated tools.
To effectively address this complexity, organizations need a unified approach to data security. Microsoft Purview provides a comprehensive integrated set of tools in Information Protection, Insider Risk Management, and Data Loss Prevention that can together help you:
- Discover hidden risks to your data
- Create effective protection and prevention policies
- Quickly respond and remediate data security incidents.
These solutions have been built to work better together with reinforced synergy across the platform.
New AI-powered data security investigations and analysis
Today, we are announcing Microsoft Purview Data Security Investigations (DSI), a new generative AI-powered solution that helps data security teams quickly understand and mitigate risks associated with sensitive data exposure. DSI further expands Microsoft Purview data security offerings, introducing AI-powered deep content analysis to uncover key sensitive data and security risks within incident-related data across multiple languages.
DSI can uniquely draw correlations among incident-related data, users, and user activities. Incident investigators can use DSI to collaborate securely with partner teams to enhance mitigation, simplifying previously complex and time-consuming tasks. The solution is also integrated with our Microsoft Security solutions; you can launch a data security investigation via a Defender XDR incident or a Purview Insider Risk Management case. DSI is available for preview starting April 9. Learn more in our blog.
Agents designed to unlock new levels of productivity and security efficacy
To help customers further increase efficacy of their data security programs and focus on the most critical risks, today we are announcing Alert Triage Agents in Microsoft Purview Data Loss Prevention (DLP) and Insider Risk Management (IRM).
These autonomous Security Copilot capabilities integrated into Microsoft Purview offer an agent-managed alert queue that identifies the DLP and IRM alerts that pose the greatest risk to your organization and should be prioritized first.
Today, most teams still rely on manual triage, static rule-based filtering, and siloed security tools [3], which are often ineffective, create blind spots, and can slow down risk mitigation. Our new agents empower data security teams to focus on the most important alerts and concentrate on the critical threats, with a dynamic process that takes inputs from data security admins and calibrates the triage results to better match the organizations’ priorities. Learn more in our blog.
Expanding data discovery and protection to the network and browser
At Microsoft Purview, we are committed to helping our customers protect their data wherever it lives or travels - even as the modern data estate grows more complex. Given the nature of modern work is continuously evolving: Generative AI tools are increasingly ubiquitous in the digital workplace and information workers are spending more time working in the browser than ever before [4]. As such, we are extending Purview data security capabilities to the network layer and enhancing our browser-based capabilities for Microsoft Edge for Business. These capabilities include:
- Inline discovery of sensitive data across the network. Delivered in partnership with Netskope One and iboss Zero Trust SASE through secure access service edge (SASE) integration
- Inline discovery & protection of sensitive data in Edge for Business
- Data access restrictions in Edge for Business for unmanaged Windows and macOS devices
Learn more in our blog
Securing data across various devices, platforms, and data sources
Organizations today grapple with securing data across the various devices, platforms, and data sources that comprise their modern ecosystem. This challenge has become even more daunting as unsanctioned and unsupervised generative AI becomes more ubiquitous in the workplace, presenting a new frontier for sensitive data loss.
Microsoft Purview Data Loss Prevention (DLP) offers today’s organizations a unified approach to securing data across their ever-evolving data estates. Purview DLP not only is built into the Microsoft 365 apps and desktop devices that you rely on every day but also extends to the expanding range of data types and locations found across your environment.
Today we are announcing a number of enhancements to our existing rich set of DLP capabilities
- Expanded visibility & protection beyond Microsoft 365 with inline discovery of sensitive data across the network, inline protection of sensitive data accessed in Microsoft Edge for Business, and new label-based protections for non-Microsoft file types.
- Simplified day-to-day admin experiences with policy sync dashboards and a new collection policy workflow to help organizations scale their DLP operations across an expanding data estate.
- Enhance existing protections with expanded advanced classification support and DLP coverage for previously unscanned files in SharePoint and OneDrive.
Learn more in our blog.
Expanding visibility into risky AI usage across more AI workloads
A growing area of concern is the rise in data security incidents from the use of AI applications, which nearly doubled from 27% in 2023 to 40% in 2024[5], while the rise of shadow AI adds to the complexity, with 78% of users bringing their own AI tools like ChatGPT. Emerging threats such as indirect prompt injection attacks are also on the radar, with 11% identifying them as critical risks. Therefore, it is crucial for organizations to understand how their employees interact with generative AI tools.
To continue addressing the expansion of GenAI tools and scenarios, today we’re excited to announce new risky GenAI usage detections in Insider Risk Management for Copilot for Power BI and Security Copilot, as well as for 3rd party apps such as Gemini, ChatGPT consumer, Bing and DeepSeek.
The detections will cover a wide range of activities, including risky prompts that contain sensitive information or exhibit risky intent, as well as sensitive responses that either contain sensitive information or are generated from sensitive files or sites, enabling admins to identify and mitigate risky AI usage. Learn more in our blog.
And finally, we are also bringing several new capabilities in Information Protection. Learn more in our blog.
Getting started with Microsoft Purview
You can try these and other Microsoft Purview solutions directly in the Microsoft Purview compliance portal with a free trial.
Learn more about the innovations designed to help your organization protect data, defend against cyber threats, and stay compliant. Join Microsoft leaders online at Microsoft Secure on April 9.
[1] [2] [5] Data Security Index Report, Microsoft Dec 2024
[3] What is AI-Powered Alert Triage? | Intezer
[4] Windows telemetry
Microsoft