Microsoft Copilot (Microsoft 365): Replace stock video footage with AI-Generated Images in Microsoft 365 Copilot

🚨 The Signal: Microsoft 365 Copilot can now generate AI images for videos, replacing stock footage. This introduces new risks related to content provenance, data leakage via prompts, and the potential for generating inappropriate or misleading visuals within the enterprise.

The Impact

All Copilot users are affected, with a high security risk from potential misuse, data leakage, and generation of inappropriate content.

• End Users: Risk of generating and disseminating inappropriate or misleading content.
• Security Teams: Risk of data leakage through prompts and managing AI-generated content provenance.
• Compliance Teams: Risk of non-compliance with content policies and regulatory requirements.
• Organisations: Risk to brand reputation and legal exposure from AI-generated outputs.

The Action

1. Review and update Acceptable Use Policies to specifically address AI-generated content.
2. Implement data loss prevention (DLP) policies to monitor and restrict sensitive data in Copilot prompts.
3. Educate users on responsible AI use, prompt engineering best practices, and content verification.
4. Establish a review process for AI-generated content before external publication.
5. Monitor Copilot usage logs for unusual activity or policy violations related to image generation.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps