Cybersecurity Prompts — Free AI Prompts for M365 Copilot

Create a cybersecurity risk register for [ORGANISATION/PROJECT]. Include columns: (1) Risk ID, (2) Risk description, (3) Category (technical, human, process), (4) Likelihood (1-5), (5) Impact (1-5), (6) Risk score, (7) Current controls, (8) Residual risk, (9) Treatment plan, (10) Owner, (11) Review date. Pre-populate with the top 10 common risks for [INDUSTRY].

Draft breach notification communications for a [BREACH TYPE — data leak / unauthorized access / ransomware] affecting [NUMBER] records. Create: (1) Internal notification to leadership (immediate), (2) Employee communication (within 24 hours), (3) Customer notification (compliant with [REGULATION — GDPR / Privacy Act / state law]), (4) Media statement (if needed). Each communication should be factual, empathetic, and include next steps.

Draft an incident response plan for [INCIDENT TYPE — ransomware / data breach / phishing compromise / account takeover]. Include: (1) Detection indicators, (2) Immediate containment steps, (3) Eradication procedures, (4) Recovery timeline, (5) Communication plan (internal and external), (6) Post-incident review process, (7) Roles and responsibilities matrix.

Create a communication plan for rolling out MFA to [NUMBER] users over [TIMEFRAME]. Include: (1) Executive announcement email, (2) Step-by-step setup guide for users, (3) FAQ addressing common concerns, (4) Support escalation path, (5) Timeline with pilot group and full rollout dates, (6) Follow-up email for non-compliant users. Tone: supportive, not threatening.

Create phishing awareness training content for [AUDIENCE — all staff / IT team / executives]. Include: (1) What phishing is and why it matters (with stats), (2) 5 real-world phishing examples with red flags highlighted, (3) How to identify suspicious emails (checklist), (4) What to do if you click a link, (5) Quiz questions to test understanding. Tone: engaging, not condescending.

Create a [NUMBER — 10 / 15 / 20]-question security awareness quiz for [AUDIENCE — all employees / IT staff / managers]. Mix: (1) Multiple choice, (2) True/false, (3) Scenario-based questions. Cover: phishing, password hygiene, social engineering, data handling, physical security, and reporting procedures. Include answer key with explanations.

Design a security metrics dashboard. Include: Secure Score trend, incident count, vulnerability remediation, phishing results, compliance status, top risks, investment ROI.

Create security onboarding content. Cover: policies summary, password and MFA setup, spotting phishing, data classification, acceptable use, reporting incidents, quiz.

Draft an information security policy for [POLICY AREA — acceptable use / remote work / BYOD / data classification / password / incident reporting]. Include: (1) Purpose and scope, (2) Policy statements with clear rules, (3) User responsibilities, (4) Monitoring and enforcement, (5) Exceptions process, (6) Compliance requirements referenced. Write for a non-technical audience.

Design a tabletop exercise for [SCENARIO]. Include: narrative with escalating phases, inject cards, discussion questions, roles to test, evaluation criteria, facilitation guide, post-exercise report template. Duration: [HOURS].

Create a threat assessment for [ORGANISATION TYPE — SMB / enterprise / government]. Cover: (1) Top 5 threats for our industry in [YEAR], (2) Likelihood and impact rating for each, (3) Current controls we likely have, (4) Gaps and recommended mitigations, (5) Priority actions ranked by risk reduction per effort. Present as an executive summary with a risk matrix.

Create a user access review template for [SYSTEM/APPLICATION]. Include: (1) All user accounts with their roles and permissions, (2) Last login date, (3) Business justification for access, (4) Manager approval column, (5) Actions needed (keep, reduce, remove), (6) Compliance evidence trail. Flag accounts with: no login in 90 days, excessive permissions, or no manager assigned.

Summarise this vulnerability scan report for [AUDIENCE — CISO / IT leadership / board]. Include: (1) Total vulnerabilities by severity (critical, high, medium, low), (2) Top 5 critical findings with business impact, (3) Trend vs previous scan, (4) Remediation priority list with effort estimates, (5) Overall security posture rating. Remove technical jargon — focus on risk and business impact.