We’ve all been quietly ignoring the messy permissions and data sprawl hiding inside our SharePoint and OneDrive environments for years, but the era of AI is finally bringing those bad habits home to roost. Andy Syrewicze, Technical Evangelist for Hornetsecurity, warns that Microsoft Copilot is inadvertently surfacing sensitive documents—like salary spreadsheets—to users who never should have had access to them in the first place, turning the “SharePoint iceberg” into an immediate insider threat. To survive this collision between legacy oversharing and voracious AI agents, IT and business leaders must collaborate to enforce a strict zero-trust model of least privilege before threat actors use those same compromised accounts to do their own internal reconnaissance.