As Microsoft Copilot becomes part of everyday work, most conversations focus on productivity.
We wanted to explore something different.
What happens when a trusted employee decides to misuse it?
To answer that question, I partnered with Bob Miller with IRGame to run a live tabletop exercise that simulated a real insider threat. The scenario followed a departing employee who used Microsoft 365 Copilot to rapidly locate and aggregate sensitive business information before leaving for a competitor.
The exercise was not designed to show how Copilot is insecure.
It was designed to demonstrate how AI changes the speed, scale, and impact of existing permission problems.
The biggest takeaway?
Copilot never broke the rules. It simply used the access the employee already had.
The Real Business Risk
One of the biggest misconceptions surrounding Copilot security is that organizations worry about AI “hacking” their environment.
That is not the problem.
The real risk is giving AI access to years of overshared information.
During the simulation, the employee never bypassed MFA.
They never elevated privileges.
They never exploited a vulnerability.
Instead, they simply asked Copilot questions that connected information across SharePoint, Teams, OneDrive, and Exchange using permissions they already possessed.
This dramatically reduced the time required to locate valuable information.
What once might have taken hours of manual searching could now happen in minutes.
That is what changes the insider threat landscape.
Key Findings From the Simulation
Lesson 1: Copilot Wasn’t the Problem. Permissions Were.
What happened
Throughout the simulation, Copilot never exceeded the employee’s permissions. Every document it surfaced was already accessible to the user. Copilot simply made years of accumulated data searchable through natural language instead of manual browsing.
Why it mattered
The real issue was not AI. It was excessive access that had existed long before AI arrived.
Copilot became a force multiplier for permissions that should have been reviewed years ago.
Questions to ask
- What sensitive information can employees already access today?
- Are SharePoint permissions aligned to job responsibilities?
- Could someone outside Finance locate financial forecasts?
Lesson 2: Technology Was Only Half the Problem
What happened
The simulation began as a technical investigation.
Within minutes it became a business discussion.
IT wanted to disable the account.
HR revealed the employee had resigned.
Legal wanted to preserve evidence.
Leadership wanted to call customers.
Compliance started documenting regulatory obligations.
Suddenly, no one was talking about Microsoft anymore.
They were debating business risk.
Why it mattered
Most organizations spend years building technical controls.
Very few spend time deciding how executives will make decisions during an insider threat.
Technology identifies the incident.
People determine the outcome.
Questions to ask
- Who owns the incident?
- Who has authority to disable an employee’s access?
- Who approves external communications?
- Who coordinates HR, Legal, IT, and executive leadership?
- Does everyone know their role before an incident occurs?
Lesson 3: Every Hour Changed the Business Risk
What happened
As new information emerged, the severity of the incident changed dramatically.
Initially, it appeared to be unusual file access.
Then HR disclosed the employee had resigned.
Later, the organization learned the employee was joining a direct competitor.
What started as a technical investigation quickly became a potential intellectual property and client trust issue.
Why it mattered
Insider threats evolve.
Business context often matters more than technical indicators.
Questions to ask
- What business events should automatically increase monitoring?
- Should resignations trigger additional access reviews?
- What changes when an employee joins a competitor?
- How quickly can IT be informed of high-risk departures?
Lesson 4: Escalation Decisions Cannot Be Made in the Moment
What happened
Several of the hardest questions during the simulation had nothing to do with technology.
The team debated when to involve Legal, when to notify leadership, whether customers should be contacted, and whether cyber insurance should be notified.
None of those decisions had predefined criteria.
Why it mattered
Every minute spent debating responsibilities is another minute an incident continues without coordinated response.
Organizations should determine escalation paths before an incident occurs.
Executive Readiness Questions
Legal
- When should Legal be engaged?
- Who determines regulatory reporting obligations?
- Who decides if evidence collection needs to begin?
HR
- When should HR notify Security about resignations?
- What additional monitoring occurs during a competitive departure?
- Who approves immediate account suspension?
Executive Leadership
- Who decides whether clients need to be notified?
- Who owns public communications?
- Who balances business continuity with incident containment?
Cyber Insurance
- Does the policy require immediate notification?
- Who is authorized to contact the carrier?
- What evidence should be preserved before notification?
Lesson 5: You Cannot Investigate What You Didn’t Prepare to Capture
What happened
The investigation quickly shifted from “what happened” to “can we prove what happened?”
Questions included:
- What prompts were entered into Copilot?
- Which documents were referenced?
- What information was summarized?
- Was client data copied?
- Was intellectual property exposed?
The answers depended entirely on what telemetry had been enabled before the incident.
Why it mattered
Organizations often think about logging after deploying AI.
It needs to be part of the deployment strategy from day one.
Questions to ask
- Can we reconstruct Copilot activity?
- Do we know which files were accessed?
- Can we distinguish between viewed and downloaded content?
- How long is audit data retained?
Lesson 6: The Incident Response Plan Needs an AI Chapter
What happened
The existing incident response process assumed malware, phishing, ransomware, or account compromise.
None of those occurred.
This was a trusted employee using approved software with legitimate credentials.
The playbook did not fit the scenario.
Why it mattered
AI-assisted insider threats introduce different questions than traditional cyber attacks.
Organizations should update their incident response plans to include AI-specific scenarios.
Questions to ask
- Does our incident response plan address insider threats involving AI?
- Have we conducted an AI-focused tabletop exercise?
- Does Legal understand Copilot’s role in an investigation?
- Does HR know when to involve Security?
- Does executive leadership understand how AI changes data exposure?
What Organizations Should Do Next
Rather than turning Copilot off, focus on strengthening the environment around it.
Start by:
- Reviewing SharePoint permissions
- Reducing oversharing
- Requiring managed devices
- Implementing sensitivity labels
- Monitoring unusual file activity
- Creating an insider threat response plan
- Running tabletop exercises before an incident occurs
Copilot is a force multiplier.
Whether it multiplies productivity or risk depends on the environment it inherits.
