Welcome to the AI Agent & Copilot Podcast, analyzing the latest AI Copilot and agent developments from Microsoft and its partners, delving into customer use cases, and exploring how AI plus the Cloud helps customers reimagine their business. In this episode, Tom Smith speaks with Krista Arndt, Associate CISO at St. Luke’s University Health Network.
Highlights
Overview of Security Challenges (02:42)
The biggest challenge in a health network the size of St. Luke’s is the complexity of operations and the need to keep up with the speed of business, Arndt explains. The network has expanded significantly, including acquisitions, and now operates 15 campuses with about 25,000 employees, anticipating growth by another couple of thousand employees within the next six months. The network also includes 300 more facilities under the practice groups, making it challenging to ensure all campuses receive the necessary security attention.
Software Stack and Key Cybersecurity Applications (04:49)
The network’s software stack includes firewalls, Microsoft Defender, and Microsoft Sentinel for event monitoring and response. Vulnerability management tools are critical, and while not yet a Microsoft shop for vulnerability management, St. Luke’s is helping Microsoft develop this capability.
AI Agent & Copilot Summit is an AI-first event to define opportunities, impact, and outcomes with Microsoft Copilot and agents. Building on its 2025 success, the 2026 event takes place March 17-19 in San Diego. Get more details.
Copilot Role in Addressing Security Challenges (08:40)
Microsoft Copilot gathers telemetry and identifies threat levels, helping to respond more quickly to phishing campaigns and other security incidents. Copilot automates playbooks and remedial actions, reducing the time needed to respond to security incidents. The tool helps in decision-making by presenting metrics and telemetry, allowing for quicker and more informed decisions.
Copilot Benefits: Cybersecurity Strategy and Talent Management (11:35)
Copilot helps in training new cybersecurity professionals by providing recommendations and explanations for its actions. The tool allows the network to hire less experienced professionals and mentor them effectively, as it frees up analysts’ time. The network has a strong internship program, and Copilot helps in providing on-the-job training and recommendations for response methods.
Additional Use Cases (14:21)
The network is exploring how Copilot can help healthcare providers make quicker and more accurate decisions in clinical settings. Copilot helps in coding accuracy, ensuring accurate funding and investment in innovation. The network also uses Copilot for dictation, capturing critical elements of incident responses.
Exploring Microsoft Security Agents (17:32)
New Microsoft security agents, including the conditional access control agent and the threat intelligence agent, are discussed. The conditional access control agent helps in onboarding new employees more securely and quickly, minimizing role sprawl and permissions. The threat intelligence agent looks for external threats and has a compliance component, providing continuous audit capabilities. The network is interested in developing these agents further for insider threat detection and risk scoring of employees.
Commitment to Microsoft Copilot and Future Development (21:02)
Arndt mentions that the network does not currently develop its own agents but prefers to partner with Microsoft for better expertise and product development. The network has dedicated AI resources internally but values the partnership with Microsoft for expanding their capabilities.
Ask Cloud Wars AI Agent about this analysis
