Microsoft’s New AI Risk Assessment Framework – A Step Forward
None
<p> </p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUhWRi_X4xgp9R2Cu-2qWA0DcJp6b6gps601s9z9r_VIur3OAz8w6PNy_q9cQYTrf18r6_7RejA6VPHT-8hbN2Xlkn1WsdFVF6SMHbge46-S1W6J4-6dKKKucBkvbnRXPHfhTmdNb01rkAHyA6GYKA1ih2SlSrJdRbY7aHEYxSkezIEph-QqOYJxqCQJrZ/s707/Microsoft%20AI%20Security%20Risk%20Assessment.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img fetchpriority="high" decoding="async" border="0" data-original-height="613" data-original-width="707" height="277" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUhWRi_X4xgp9R2Cu-2qWA0DcJp6b6gps601s9z9r_VIur3OAz8w6PNy_q9cQYTrf18r6_7RejA6VPHT-8hbN2Xlkn1WsdFVF6SMHbge46-S1W6J4-6dKKKucBkvbnRXPHfhTmdNb01rkAHyA6GYKA1ih2SlSrJdRbY7aHEYxSkezIEph-QqOYJxqCQJrZ/s320/Microsoft%20AI%20Security%20Risk%20Assessment.png" width="320"></a></div><p class="graf graf--p" name="315f">Microsoft recently introduced a new framework designed to assess the security of AI models. It’s always encouraging to see developers weaving cybersecurity considerations into the design and deployment of emerging, disruptive technologies. Stronger security reduces the potential for harmful outcomes — and that’s a win for everyone.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwxXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p class="graf graf--p" name="594c">It is wonderful to see that Microsoft leveraged its expertise to publish a clear framework for anyone to use.</p><p class="graf graf--p" name="81d7">While this framework provides a reasonable foundation for securing Large Language Model (LLM) AI deployments, it falls short when applied to more advanced AI systems — especially those with agentic capabilities. This limitation in applicability highlights a persistent problem in cybersecurity: tools and practices are often outdated or under-scaled, even before the industry has a chance to implement them.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="138c114459a2cf8560b1b27f-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="138c114459a2cf8560b1b27f-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p class="graf graf--p" name="0ea1">AI is evolving at a breathtaking pace, and security adaptation consistently lags several steps behind. The release of this framework is a valuable step forward, but it’s critical to recognize that it’s just a step on a very long journey. The ongoing challenge is not to declare “mission accomplished,” but to treat security as a continuously adaptive process — always be looking to embrace the next best practices.</p><p class="graf graf--p" name="0087">Risk governance for AI requires ongoing investment, flexibility, and willingness to evolve. Even then, the best we may achieve is keeping pace with evolving risks, maintaining as few steps behind as possible.</p><p class="graf graf--p" name="5afc">Paper Download: <a class="markup--anchor markup--p-anchor" data-href="https://github.com/Azure/AI-Security-Risk-Assessment/blob/main/AI_Risk_Assessment_v4.1.4.pdf" href="https://github.com/Azure/AI-Security-Risk-Assessment/blob/main/AI_Risk_Assessment_v4.1.4.pdf" rel="noopener">https://github.com/Azure/AI-Security-Risk-Assessment/blob/main/AI_Risk_Assessment_v4.1.4.pdf</a></p><p class="graf graf--p" name="5afc"></p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/08/microsofts-new-ai-risk-assessment-framework-a-step-forward/" data-a2a-title="Microsoft’s New AI Risk Assessment Framework – A Step Forward"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fmicrosofts-new-ai-risk-assessment-framework-a-step-forward%2F&linkname=Microsoft%E2%80%99s%20New%20AI%20Risk%20Assessment%20Framework%20%E2%80%93%20A%20Step%20Forward" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fmicrosofts-new-ai-risk-assessment-framework-a-step-forward%2F&linkname=Microsoft%E2%80%99s%20New%20AI%20Risk%20Assessment%20Framework%20%E2%80%93%20A%20Step%20Forward" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fmicrosofts-new-ai-risk-assessment-framework-a-step-forward%2F&linkname=Microsoft%E2%80%99s%20New%20AI%20Risk%20Assessment%20Framework%20%E2%80%93%20A%20Step%20Forward" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fmicrosofts-new-ai-risk-assessment-framework-a-step-forward%2F&linkname=Microsoft%E2%80%99s%20New%20AI%20Risk%20Assessment%20Framework%20%E2%80%93%20A%20Step%20Forward" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fmicrosofts-new-ai-risk-assessment-framework-a-step-forward%2F&linkname=Microsoft%E2%80%99s%20New%20AI%20Risk%20Assessment%20Framework%20%E2%80%93%20A%20Step%20Forward" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://infosecstrategy.blogspot.com/">Information Security Strategy</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Matthew Rosenquist">Matthew Rosenquist</a>. Read the original post at: <a href="https://infosecstrategy.blogspot.com/2025/08/microsofts-new-ai-risk-assessment.html">https://infosecstrategy.blogspot.com/2025/08/microsofts-new-ai-risk-assessment.html</a> </p>