Is Microsoft Copilot Worth the Investment?

Forrester releases the Total Economic Impact™ of Copilot for Microsoft 365
Megan Garza
3 min read
Last updated April 18, 2024
Hourglass with Copilot for Microsoft 365 logo

Organizations looking to improve efficiency and performance are turning to Copilot for Microsoft 365, one of the most powerful productivity tools on the planet.

The solution integrates with Microsoft 365 apps and uses gen AI to help you create, edit, share, and collaborate on documents faster and easier. But at $30 per user per month, is Copilot worth the investment? 

Forrester Research released a new study, New Technology: The Projected Total Economic Impact™ Of Microsoft Copilot For Microsoft 365, which quantified the potential return on investment (ROI) of using Copilot. 

The market research firm based its insights on interviews and surveys of decision-makers actively using or evaluating Copilot for Microsoft 365. 

Here’s what the study found: 

The benefits of Copilot 

According to Forrester, Copilot for Microsoft 365 offers significant benefits to individual users and entire organizations, including: 

  • Onboarding efficiency. The study found a reduction in onboarding times by up to 30%, leading to improved employee satisfaction and operational speed. 
  • A strong ROI. Projected at 112% to 457%, this return on investment demonstrates the tool’s substantial financial impact with a projected net present value of $19.1M to $77.4M. 
  • Increased productivity. Using Copilot’s relevant content, templates, and suggestions, users can create documents faster and with less effort.
  • Operational savings. The report found up to a 0.7% reduction in total expenditures, reflecting increased efficiency and productivity. 
  • Revenue increase. Copilot has the potential for up to 4% revenue growth through improved market strategies and customer engagement. 

The security challenges of Copilot 

Copilot relies on a user's existing Microsoft 365 permissions to determine what data a person can access. The challenge is that managing permissions in collaborative, unstructured data platforms like M365 can be overwhelming.

Varonis complements Microsoft 365's built-in data security features and provides customers with other options for managing and optimizing an organization's data security model, preventing data exposure by ensuring only the right people can access sensitive data at all times. 

Varonis also monitors Copilot data access in real time, detects abnormal Copilot interactions, and automatically limits sensitive data accessible by both humans and AI agents so that you can trust your rollout is secure. 

The different types of Copilot 

When determining whether Microsoft Copilot is a good fit for your organization, you’ll want first to decide the type of Copilot that best fits your needs.

Copilot for Microsoft 365 

Microsoft’s bread-and-butter Copilot option integrates with popular M365 apps such as Word, Excel, PowerPoint, Outlook, Teams, and more to instantly search and compile data from across your documents, presentations, email, calendar, notes, and contacts. 

  • Cost: $30 per user per month 
  • Commitment: Annual commitment 
  • Requirements: You must have a product license for Microsoft 365 Business Standard, Business Premium, E3, E5, or Office 365 E3 or E5. 

GitHub Copilot 

In addition to Copilot for Microsoft 365, developers looking to streamline coding may want to consider Github Copilot, which offers a 55% faster coding time, using AI to suggest code for you based on your context and intent. It can also help you create new functions, write tests, and fix bugs. 

  • Cost: Up to $39 per user per month (free option available) 
  • Commitment: Monthly or annual commitment 
  • Requirements: Github Copilot requires Visual Studio 2022 17.5.5 or newer. For Visual Studio 2022 version 17.4.4 to 17.5.4, use extension version 

Microsoft Security Copilot 

Microsoft Security Copilot, on the other hand, is a gen AI solution created to empower SOC analysts and security and IT teams to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. Users can ask Copilot for Security questions in natural language and receive actionable responses to common security and IT tasks in seconds.

  • Cost: $4 per hour of usage   
  • Commitment: Consumption-based model  
  • Requirements: The only prerequisite for Copilot for Security is an Azure account.

Microsoft Copilot for Azure 

If your org is looking to simplify operations and management from cloud to edge with an AI assistant, Microsoft Copilot for Azure (available in preview mode) allows you to configure the right services for your applications and environment while aligning with organizational policies.

  • Cost: During the preview phase, Copilot for Azure is offered at no additional cost to customers. 
  • Commitment: TBD   
  • Requirements: Azure account holders can apply for access to Copilot for Azure. 

Microsoft Copilot Studio 

If your org requires more in-depth personalization, Microsoft Copilot Studio might be your best bet. This option allows you to customize Microsoft Copilot for Microsoft 365 or build your own Copilot experiences. 

  • Cost: $200 per tenant per month for up to 25,000 messages per month 
  • Commitment: Monthly commitment
  • Requirements: Included in Copilot for Microsoft 365: Enterprise subscription. You can also obtain a standalone Copilot Studio subscription from the Microsoft 365 admin center.  

Is Copilot worth it? 

Forrester interviewed eight representatives with early experience using Copilot for Microsoft 365 and 351 decision-makers from companies considering implementing gen AI solutions like Copilot, representing a comprehensive analysis of the solution’s potential economic impact on organizations. 

After the initial investment in Copilot, interviewees and survey respondents said their organizations used internal data, people, materials, and processes to achieve business transformation across go-to-market, operations, people, and culture.

The report states, “These transformations increased revenues, lowered internal and external operating costs, and improved employee experience and company culture.” 

With the high cost of Microsoft Copilot, the inconsistent quality of outputs, and the security challenges Copilot poses, is it worth investing in the AI tool?

Yes, we think so. Microsoft Copilot for Microsoft 365 can be a productivity game-changer for your organization, and CIOs who refuse to start exploring safe ways to deploy AI will not be popular amongst boards and CEOs when these tools start truly living up to their hype. Our advice is to start now with controlled pilot programs so you don’t get caught flat-footed. 

And with Varonis for Microsoft 365, you’ll gain a real-time view of risk and can automatically enforce least privilege, protecting your org before, during, and after a Copilot deployment. 

Varonis provides complimentary Copilot Readiness Assessments for organizations. Request your free Copilot Readiness Assessment

Want to learn more? Read the full TEI report here.

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:


Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.


See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.


Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

Kerberos Attack: How to Stop Golden Tickets?
The Golden Ticket Attack, discovered by security researcher Benjamin Delpy, gives an attacker total and complete access to your entire domain. It’s a Golden Ticket (just like in Willy Wonka)...
Top 8 Minds in Online Privacy
1. Alessandro Acquisti @ssnstudy Acquisti is a professor of computer science at Carnegie-Mellon University, and is also a researcher at Cylab, a data security research center at CMU. He’s best...
I Click Therefore I Exist: Disturbing Research On Phishing
Homo sapiens click on links in clunky, non-personalized phish mails. They just do. We’ve seen research suggesting a small percentage are simply wired to click during their online interactions. Until...
Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials
EDIT: Security researcher Adam Chester had previously written about Azure AD Connect for Red Teamers, talking about hooking the authentication function. Check out his awesome write-up here. Should an attacker...