MC1191257 – New Microsoft Purview data security posture management experience

Product:

Copilot, Fabric, Purview, Purview Communication Compliance, Purview compliance portal, SharePoint

Platform:

Online, Web, World tenant

Status:

In development

Change type:

New feature, Admin impact

Links:

532728

Details:

Summary:
Microsoft is launching a new Purview Data Security Posture Management (DSPM) experience by early 2026, enhancing AI observability, posture reporting, and automation with Security Copilot. It integrates third-party data signals, extends risk assessments, and maintains existing policies without requiring admin action.

Details:
[Introduction]
Microsoft is introducing a major evolution of Purview Data Security Posture Management (DSPM) to help organizations strengthen data security and confidently embrace AI. The new DSPM experience unifies visibility and control across traditional data and AI-driven environments, delivering outcome-based guided workflows that turn insights into actionable steps-so teams can prioritize risks and remediate faster. It brings AI observability, enhanced posture reporting, and intelligent Security Copilot agents to automate tasks like triage and policy management.
Purview now also extends coverage beyond Microsoft data with third-party signals from partners like BigID, Cyera, OneTrust, and Varonis, giving security teams a single, streamlined view of sensitive data across clouds and platforms. Additionally, Data Risk Assessments are extended to Fabric and item-level analysis with new remediation actions like bulk disabling of overshared SharePoint links.
This message is associated with Microsoft 365 Roadmap ID 532728.
When this will happen:
Public Preview (Worldwide): Rollout begins early December 2025 and completes by early April 2026.
General Availability (Worldwide): Rollout begins early April 2026 and completes by early May 2026.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability, Preview

Created:
2025-12-02

updated:
2025-12-02

Public Preview Start Date

XXXXXXX ... free basic plan only

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

linked item details

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Increased Complexity in Data Management
The introduction of new features and third-party integrations may complicate existing data management processes, leading to potential confusion and mismanagement of sensitive data.
   - roles: Data Administrators, Compliance Officers
   - references: https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management, https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365 " target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365

User Experience Disruption
Users may experience disruptions in their workflows due to the introduction of new features and changes in data visibility and control, potentially leading to decreased productivity.
   - roles: End Users, Data Analysts
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=532728, https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management

Risk of Data Misconfiguration
With new automation features, there is a risk that misconfigurations could occur if users are not adequately trained on the new system, leading to potential data exposure.
   - roles: IT Security Managers, Data Governance Officers
   - references: https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365, https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management

Compliance Challenges
The integration of third-party data signals may introduce compliance challenges if not properly managed, potentially leading to violations of data protection regulations.
   - roles: Compliance Officers, Legal Advisors
   - references: https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=532728 " target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=532728

Training and Adoption Issues
The new features may require additional training for users, and without proper preparation, there could be a lag in adoption, affecting overall data security posture.
   - roles: Training Coordinators, IT Support Staff
   - references: https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365, https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhanced Risk Assessment Automation
The new DSPM experience introduces intelligent Security Copilot agents that automate triage and policy management, significantly reducing the manual workload for IT admins. This can lead to faster risk assessment processes and improved response times to potential data security threats.
   - next-steps: Conduct a workshop with IT admins to explore how to leverage Security Copilot for risk assessment automation. Develop a pilot program to test the automation features before full deployment.
   - roles: IT Administrators, Security Teams, Compliance Officers
   - references: https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management, https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365 " target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365

Streamlined Compliance Reporting
With enhanced posture reporting capabilities, the new DSPM allows for better visibility into compliance statuses across multiple platforms, including third-party integrations. This can improve the efficiency of compliance reporting and audits.
   - next-steps: Create a compliance reporting framework utilizing the new DSPM reporting features. Schedule regular training sessions for compliance officers to familiarize them with the new tools.
   - roles: Compliance Officers, IT Administrators, Data Governance Teams
   - references: https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=532728

Consolidated Data Security Management
The integration of third-party data signals into the DSPM offers a unified view of sensitive data across various platforms, allowing security teams to manage data security posture more effectively and reduce the risk of data breaches.
   - next-steps: Evaluate current data management practices and identify gaps that can be addressed with the new DSPM features. Plan for an integration strategy for third-party data signals into existing workflows.
   - roles: Security Teams, Data Analysts, IT Administrators
   - references: https://learn.microsoft.com/purview/dspm-for-ai?tabs=m365, https://learn.microsoft.com/purview/data-security-posture-management" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/purview/data-security-posture-management

Potentional Risks**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

Hypothetical Work Council Statement**

XXXXXXX ... paid membership only

DPIA Draft**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only