Microsoft Purview | Insider Risk Management: Microsoft Copilot for Security Alert summary
Microsoft Purview Insider Risk Management will soon include Microsoft Copilot for Security to summarize alerts and expedite data security investigations. Public preview begins in April 2024, with general availability in May. Users need Copilot for Security licenses and specific permissions to use this feature.
Coming soon to public preview, Microsoft Copilot for Security is embedded in Microsoft Purview Insider Risk Management to summarize alerts and help accelerate data security investigations.
This message is associated with Microsoft 365 Roadmap ID 389147.
When this will happen:
Public Preview: We will begin rolling out early April 2024 and expect to complete by late April 2024.
General Availability: We will begin rolling out early May 2024 and expect to complete by late May 2024.
How this will affect your organization:
Copilot in Insider Risk Management summaries help investigators quickly gain context into key details, like user intent and timing of risky activities that may lead to a data security incident, enabling you to tailor your investigation with those specific dates in mind and quickly pinpoint key risks.
Example of an Alert summary:
What you need to do to prepare:
- You must have a Copilot for Security license configured for your tenant and proper permissions given to users who will leverage the alert summary feature. Permissions to access Copilot for Security:
- You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.
- You have one of the Copilot for Security access permissions.
This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation as appropriate.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Message ID: MC767476