
EPISODE · May 24, 2026 · 55 MIN

Secure-by-Design AI: Protecting MLOps in the Microsoft Cloud with Martin Dimovski [MVP-MCT]

from M365.FM - Modern work, security, and productivity with Microsoft 365 · host Mirko Peters - Founder of m365.fm, m365.show and m365con.net

In this episode of the m365.fm podcast, Mirko Peters sits down with Microsoft MVP, MCT, cloud security expert, and community leader Martin Dimovski to explore one of the most important topics in modern enterprise IT: securing AI workloads and MLOps environments inside the Microsoft Cloud. Together, they dive deep into secure-by-design architecture, AI security risks, DevSecOps, Prompt Injection attacks, identity protection, Microsoft Defender, GitHub Advanced Security, and the future of AI-driven cyber threats. Martin shares his personal journey from IT support engineer into cloud security and AI security architecture, explaining how years of experience in infrastructure, Azure, DevOps, and Microsoft technologies ultimately pushed him toward cybersecurity and AI governance. The discussion highlights why AI security is no longer optional and why organizations that move too fast without proper security foundations could face major problems in the coming years.

WHY AI SECURITY MATTERS NOW MORE THAN EVER

One of the strongest themes throughout this episode is the speed at which organizations are deploying AI systems without fully understanding the security implications behind them. Martin explains that many companies are currently:

- Deploying AI solutions rapidly
- Experimenting with LLM integrations
- Building AI agents
- Creating cloud-native AI workloads
- Using open-source AI models
- Integrating APIs into production environments

But at the same time, organizations often forget the security fundamentals that should protect these environments. The conversation explores how AI introduces completely new attack surfaces while simultaneously amplifying existing security problems.

WHAT “SECURE-BY-DESIGN” REALLY MEANS

A major focus of the episode is understanding the concept of secure-by-design architecture. Martin explains that security should never be added after development is complete. Instead, security conversations must begin at the very first design phase of any application or AI project. The discussion covers:

- Threat modeling
- Architectural reviews
- Identity security
- Authentication planning
- Secure pipelines
- Infrastructure protection
- Secure APIs
- Data governance

Martin shares why collaboration between developers, architects, DevOps engineers, and security teams is absolutely essential for building resilient AI systems. One of the key takeaways: Security teams should not become blockers for innovation — they should become partners in building secure systems.

UNDERSTANDING MLOPS & DEVSECOPS

For listeners newer to AI infrastructure topics, Martin breaks down the differences between:

- DevOps
- DevSecOps
- MLOps
- Secure AI pipelines

The episode explains how machine learning operations combine infrastructure, automation, data engineering, model deployment, and monitoring into one continuous operational process. Martin also highlights why traditional security approaches are no longer enough once organizations start integrating:

- Large Language Models
- AI agents
- Cloud AI services
- AI APIs
- AI orchestration pipelines

The discussion shows how modern security must now cover not only infrastructure and applications, but also models, prompts, training data, inference pipelines, and AI-generated outputs.

THE REAL DANGER OF PROMPT INJECTION

One of the most fascinating parts of the episode is Martin’s explanation of Prompt Injection attacks. Using simple real-world analogies, Martin explains how attackers manipulate Large Language Models by overriding or bypassing original system instructions. The conversation explores:

- Direct Prompt Injection
- Indirect Prompt Injection
- AI manipulation
- LLM instruction abuse
- Malicious prompts
- Unsafe AI agents
- Context hijacking
- Data extraction risks

Martin explains why prompt injection is becoming one of the most discussed attack vectors in AI security today and why organizations need to start thinking about AI trust boundaries immediately.

THE HIDDEN RISK OF OPEN-SOURCE MODELS

Another major topic is the increasing use of publicly available AI models. Martin shares concerns around:

- Downloading unverified models
- Compromised Hugging Face repositories
- Malicious AI packages
- Unsafe dependencies
- Supply-chain attacks
- API key exposure
- Secret leakage
- Public model poisoning

The discussion highlights how organizations may unknowingly introduce compromised models directly into production environments. This section serves as a major warning for companies rushing into AI adoption without proper governance and validation processes.

WHY IDENTITY SECURITY IS EVERYTHING

Identity and access management becomes another core theme throughout the episode. Martin strongly emphasizes the importance of:

- Microsoft Entra ID
- Privileged Identity Management
- Just-In-Time access
- Least privilege
- Identity governance
- Access reviews
- Role separation
- Conditional Access

One of the strongest lessons from the conversation is that attackers often do not need to break systems — they simply abuse existing permissions and weak access configurations. Martin explains why organizations should avoid giving permanent privileged access and instead embrace short-lived administrative permissions wherever possible.

MICROSOFT DEFENDER & AI SECURITY

The episode also dives deeply into the Microsoft security ecosystem and how Microsoft Defender is evolving to protect AI workloads. Martin discusses:

- Microsoft Defender for Cloud
- Defender XDR
- AI workload monitoring
- Real-time scanning
- Azure AI Foundry protection
- Threat visibility
- Security telemetry
- Cloud-native protection

According to Martin, Microsoft Defender is becoming one of the most powerful unified security platforms for organizations heavily invested in Microsoft technologies.

Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.


