Microsoft Copilot (Microsoft 365): Add topic(s) through Copilot to your existing presentation

🚨 The Signal: Copilot in Microsoft 365 can now add new topics and slides to existing presentations, maintaining consistent formatting. This increases the potential for sensitive data exposure if not properly governed.

The Impact

All users leveraging Copilot for presentations are affected, increasing the risk of inadvertent sensitive information disclosure.

• End users face increased risk of accidentally including sensitive data in AI-generated content.
• Security teams must monitor for new data exfiltration vectors via Copilot-generated content.
• Data owners need to be aware of expanded content generation capabilities and associated risks.

The Action

1. Review and reinforce existing Microsoft Purview Data Loss Prevention (DLP) policies for PowerPoint content.
2. Educate users on responsible AI use, emphasizing data sensitivity when using Copilot for content generation.
3. Monitor Microsoft 365 audit logs for unusual Copilot activity related to presentation content creation.
4. Assess and update sensitivity labels for presentation files to ensure proper data classification.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps