#230 - How To Make Your AI Less Chatty (with Sounil Yu)

In this episode of CISO Tradecraft, host G Mark Hardy and guest Sounil Yu delve into the dual-edged sword of implementing Microsoft 365 Copilot in enterprises. While this productivity tool has transformative potential, it introduces significant oversharing risks that can be mitigated with the right strategies. Discover how Sounil and his team at Knostic have been tackling these challenges for over a year, presenting innovative solutions to ensure both productivity and security. They discuss the importance of 'need to know' principles and knowledge segmentation, providing insight into how organizations can harness the power of Microsoft 365 Copilot safely and effectively. Tune in to learn how to avoid becoming the 'department of no' and start being the 'department of know.'

Transcripts https://docs.google.com/document/d/1CT9HXdDmKojuXzWTbNYUE4Kgp_D64GyB

Knostic's Website - https://www.knostic.ai/solution-brief-request 

Chapters

• 00:00 Introduction to Microsoft Copilot Risks
• 00:32 Meet the Guest: Sounil Yu
• 02:51 Understanding Microsoft 365 Copilot
• 06:09 The DIKW Pyramid and Knowledge Management
• 08:34 Challenges of Data Permissions and Oversharing
• 19:01 Need to Know: A New Approach to Access Control
• 35:10 Measuring and Mitigating Risks with Copilot
• 39:46 Conclusion and Next Steps