The future of AI at Work

Welcome back to Heart of Security! Between the RSA Conference and Microsoft Build, we’ve shared important news recently about securing and governing AI including how we are securing every Copilot, and how Microsoft is laying the foundation for safeguarding the agentic workforce. As we speak, I’m thrilled to be making stops in Madrid and Istanbul on the Microsoft AI Tour where I’m discussing how AI can drive growth and create lasting value, its importance to the future of cybersecurity, and how we’re protecting customers across their AI transformation.

One of the consistent throughlines between my conversations at all these events is the impact of AI in the workplace. And it’s understandable. AI will represent an incredible change in the way we live and work—as the internet did, and as personal computing did before that. Microsoft’s newly released 2025 Work Trend Index Annual Report found that 78% of leaders are considering hiring for AI-specific roles to prepare for the future—and that jumps to 95% for Frontier Firms – agile, scalable, and value-driven entities powered by human-agent collaboration. Security specialists and AI agent specialists are among the top roles being considered – a clear sign that AI is likely to mean the reinvention of security roles and that developing your skills as an AI leader will position you strongly in the era of AI.  Because of this, I asked my friend and colleague Jared Spataro to join me for my spotlight below to help provide some context about the index and what the AI wave means for the future of work.

But before we get to that, I wanted to share some of the security themes that surfaced through discussions with customers, partners, and other industry leaders at these major events.

1.  Simplifying Data Security

One theme that continues to come up consistently is the critical importance of data security – and how, with the right approach, it doesn’t need to be overly complicated. Every organization faces unique data security challenges. Understanding your risk tolerance as well as your data security non-negotiables can help you land on the right mix of security policies and coverage for your organization. In fact, we recently shared a practical handbook on best practices to secure your data and determining your risk tolerance. The bottom line is that every AI transformation needs to start with security first and ensuring you have the right data security and governance practices in place.

2. Securing AI comprehensively

Securing AI is not merely a technical goal but a foundational necessity as AI becomes increasingly integrated into critical aspects of our lives. Each and every conversation I had around AI emphasized security’s role in preserving trust while enabling innovation. To help organizations navigate these challenges, Microsoft recently released a guide for securing the AI-powered enterprise—the first in a series of deep dives into AI security, identity, compliance, and governance.

It is so important to build a foundation for AI success. Our industry needs to focus on creating infrastructures that address vulnerabilities while harnessing AI's potential to revolutionize areas like threat detection, identity management, and operational efficiency. It’s up to us to ensure security evolves alongside AI advancements to protect our data, systems, and users effectively.

3. Using Agentic AI in cybersecurity

Of course, one of the main conversations at these events was about the future of security and agentic AI. Agentic AI will redefine and enhance every aspect of our connected lives, with agentic workflows dramatically reshaping what is possible in security. We are at the very dawn of agentic security and yet we’re already seeing AI agents capable of delivering powerful automation across areas like threat protection, identity management, data security, and IT operations – empowering security teams to accelerate responses, prioritize risks, and drive efficiency at scale. And with their ability to reduce manual workloads, agents can help enhance operational effectiveness and strengthen an organization’s security posture. In the future, AI agents will help us achieve rapid competency across all domains in security defenses, predict novel attacks, and even stop attacks before they occur.

It’s really incredible! But behind this game-changing innovation are intricate security considerations that organizations must prepare for today. As AI agents become more prevalent, it is critical that security be able to scale and protect at AI speed.

If you’d like to know more about the future of security with AI agents, you can watch my full keynote from RSAC below.

Intelligence on tap is already rewriting the rules of business and transforming knowledge work as we know it. Our annual Work Trend Index outlines the transformative impact of AI on the workforce and highlights the urgency for leaders to rethink strategies as AI adoption reshapes organizational structures. Microsoft CMO of AI at Work Jared Spataro started at the company almost two decades ago working on the apps and platforms organizations rely on to get work done—SharePoint, Office, Microsoft 365, Dynamics 365, Power Platform, and now Microsoft 365 Copilot. He says, “One of the things I love most about my role is that I truly believe the work my team and I do every day is making the world a better place—enabling everyone on the planet to do work that’s energizing, impactful, and personally meaningful. The introduction of AI opens up a new frontier, putting new solutions to tough problems within our reach.”

The latest Work Trend Index report shows that AI-driven intelligence allows organizations to scale productivity quickly, bridging the gap between employee capacity and business demands. By realigning human work with creativity, empathy, and strategic thinking, businesses can achieve better outcomes while reshaping into Frontier Firms. So how can companies prepare their workforce for the shift towards AI-driven roles and responsibilities?

Jared’s answer is simple: “Just get started. When AI first burst onto the scene two years ago, many organizations focused on small-scale AI tests and pilots. But we’ve now come to an inflection point, and the time for pilots alone has passed. Real change requires broad adoption and activation at every level of the organization—from the C-suite to the frontline.”

He explains that the best way to understand and benefit from AI is to use it. While AI literacy is important, hands-on experimentation is essential for developing real-world expertise. Interestingly, the report notes that leaders are significantly ahead of employees on multiple measures of AI usage at work—a complete flip from last year’s report, when employees were leading the way. Jared says, “Leaders need to encourage employees to catch back up: giving them access to approved, secure AI solutions designed for work, and pairing that with the space and support for experimentation.”

When it comes to cybersecurity, he agrees that any AI-driven business must be built on a robust cyber foundation. Jared says, “We all know that the threat landscape has evolved. It's easier than ever for bad actors to exploit vulnerabilities. And with the constant introduction of new AI regulations, simply keeping up is a full-time job. Microsoft Security has been addressing these challenges, integrating comprehensive threat protection, identity management, device management, and data security into a unified end-to-end solution for securing and governing AI. And this is one of those cases where legacy is an advantage, even as Microsoft itself works to become a Frontier Firm.” By building a zero-trust environment with appropriate endpoint protection, identity management, and incident response capabilities, we can help ensure that our customers’ AI solutions are secure.

As AI continues to revolutionize industries, it is crucial to embrace its transformative potential and adapt swiftly to the changes it brings. I’ll leave you with one of my favorite quotes from the Work Trend Index:

-          For more about our Microsoft Build news, make sure you check out the Microsoft Entra Agent ID announcement about how Microsoft is securing and managing your AI agents, plus our exciting news about how enterprise-grade controls for AI apps and agents were built with Azure AI Foundry and Copilot Studio.

-          I love this story about the Microsoft’s Digital Crime Unit’s efforts to prevent abusive AI-generated content and how Microsoft is using our technology to take down AI hackers who create harmful images of celebrities and others.

-          Being the victim of a scam can be devastating. That’s why I’m so glad Microsoft partnered with Global Anti-Scam Alliance to fight cybercrime. Learn more from C. Kelly Bissell.

-          Something that recently inspired me is the “Start with Why” Ted Talk from Simon Sinek which explains how great leaders and organizations inspire action by clearly communicating their purpose—starting with why they do what they do, before explaining how and what they do.  

-          A quote I love:

“Working hard for something we don’t care about is called stress; working hard for something we love is called passion. – Simon Sinek”