BOTHELL, WA – May 14, 2025 – Cascade Environmental (Cascade), the leading field services contractor for drilling and remediation in the United States, has successfully safeguarded sensitive cybersecurity maturity model certification (CMMC)-regulated data and prepared for the responsible deployment of Microsoft 365 Copilot. By partnering with Opsin Security (Opsin), Cascade addressed potential data leaks, implemented robust permission controls, and ensured compliance with CMMC requirements.
With a third of Cascade’s revenue dependent on safeguarding CMMC-regulated data, the company chose to validate its readiness for Microsoft 365 Copilot before introducing the AI-powered tool. Cascade worked with Opsin to simulate Copilot behavior across SharePoint, Teams, and OneDrive, and discovered that over 70% of Copilot-style queries returned sensitive information, including content regulated under CMMC. Years of organic SharePoint growth and inconsistent permissions had created an invisible attack surface, one that could be easily uncovered through natural language prompts.
“Opsin’s tools helped us prove that this wasn’t a theoretical risk,” said John Michael Gross, CIO and CISO of Cascade. “Our users could be seeing sensitive results without realizing the implications.”
Cascade’s initiative not only allowed them to identify this structural exposure and secure critical data but also empowered them to confidently scale Copilot usage across the organization, fostering a culture of responsible innovation and secure AI adoption.
As Cascade continues its phased rollout of Microsoft 365 Copilot, the groundwork laid by Opsin gives them the freedom to explore large language model (LLM) use cases without compromising security or compliance. Cascade is now focused on defining clear, enforceable AI usage policies and continuously monitoring Copilot activity through Opsin’s continuous monitoring model, ensuring access, behavior, and data visibility align with business needs and regulatory obligations.
About Opsin Security
Opsin Security helps organizations deploy GenAI securely by eliminating the risks of oversharing and data exposure. It detects oversharing, prioritizes remediation, and continuously monitors GenAI usage to enforce AI policies and prevent sensitive data leaks. With Opsin, IT and security teams can confidently scale GenAI while accelerating innovation and staying compliant. Learn more at www.opsinsecurity.com