Gartner analyst Dennis Xu outlined the top 5 security risks of Microsoft 365 Copilot at the firm's Security & Risk Management Summit in Sydney. The risks include: over-shared documents becoming more accessible via Copilot, remote code execution through malicious prompts, unauthorized access to sensitive data via third-party SaaS integrations, prompt injection attacks, and toxic or culturally unacceptable AI output. Mitigations include enabling Microsoft's content filters, restricting Copilot's access to email and third-party apps, monitoring user access, and training users to always validate AI output. Xu half-jokingly suggested banning Copilot on Friday afternoons, when fatigued workers are least likely to review the tool's output carefully.