CIO.works

How 100 Enterprise CIOs Are Building and Buying Gen AI in 2025

TLDR Summary:
In 2025, enterprise AI spending exceeds expectations, becoming a permanent budget item driven by internal and customer-facing use cases. Enterprises increasingly utilize multiple AI models, with OpenAI, Google, and Anthropic leading the market. Procurement processes mirror traditional software buying, emphasizing cost and security. Enterprises are shifting from building to buying AI applications as the ecosystem matures, particularly in software development and customer support. However, concerns around outcome-based pricing persist. Overall, the landscape shows strategic deployment, diversified model use, and a shift towards AI-native applications.

https://a16z.com/ai-enterprise-2025/

Responsible AI and Cybersecurity: PwC

By CIO / Blog / cybersecurity, AI

TLDR:
AI's rapid adoption creates cyber risks but offers opportunities for cybersecurity teams to enhance security and agility through responsible practices. Organizations must integrate cyber teams in AI development, leverage AI for risk management, and establish governance models to mitigate emerging threats.

https://www.pwc.com/us/en/tech-effect/ai-analytics/responsible-ai-cybersecurity.html

EU – NIS2: Three Difficult Implementation Issues

By CIO / Blog / NIS2

NIS2 Directive aims to enhance EU cybersecurity but faces implementation challenges. Key issues include:
1. Scope – Expansive definitions make it unclear who is covered, especially for diverse organizations.
2. Implementing Regulation – Complex obligations may lead to non-compliance; partially flexible requirements exist.
3. Director Liability – Management boards could face personal liability variably across jurisdictions, complicating compliance.

Overall, the EU's legislative push seeks to address cyber threats, stressing that cybersecurity must be a priority amidst regulatory complexities.

https://www.linklaters.com/en/insights/blogs/digilinks/eu-nis2—-three-difficult-implementation-issues

CIO Wants to Clone Top Techies as Digital Twin and AI Agents

By CIO / Blog / workforce, AI

CIO Dr. Vince Kellen at UC San Diego plans to enhance tech staff productivity by creating digital twins and AI agents to automate repetitive tasks. He aims to address funding pressures and security challenges through automation, enabling his team to focus on complex threats. Kellen proposes digitizing expert knowledge to improve AI's network management and reduce IT professionals' after-hours work.

https://www.theregister.com/2025/06/12/cio_wants_to_grow_tech/

Support for AI Act Pause Grows but Parameters Still Unclear

By CIO / Blog / AI, regulation, EU

Support for delaying parts of the EU's AI Act is increasing, following a meeting of member states and the European Commission's tech leaders. They propose a “stop the clock” approach due to impending deadlines and unresolved guidelines. Member states differ on how long to postpone implementations, with calls for up to two years for some components. The AI industry endorses this delay, citing the need for additional time for compliance. However, any amendments would require legislative review, and predictions on outcomes are uncertain, highlighting divisions within the Commission.

https://iapp.org/news/a/support-for-ai-act-pause-grows-but-parameters-still-unclear

Article 48 GDPR – New EDPB Guidelines Clarify How to Handle Data Requests From Third Countries

By CIO / Blog / GDPR

EDPB's June 2025 guidelines clarify handling third-country data requests under Article 48 GDPR. Data transfer requires international agreements; without them, compliance risks arise. Companies must ensure valid legal grounds for processing and transferring data before responding to requests.

https://www.taylorwessing.com/en/insights-and-events/insights/2025/06/article-48-gdpr

8 Things CISOs Have Learned From Cyber Incidents

By CIO / Blog / cybersecurity

CISOs learn key lessons from cyber incidents:

Share Insights: Sharing experiences from breaches enhances industry resilience and fosters community support.
Shift Strategies: Incidents change CISOs' roles, requiring offensive strategies and adaptability.
Develop Playbooks: A tactical response plan with clear roles is crucial for managing incidents effectively.
Guard Backups: Ensure backup systems are secure and functional to prevent ransomware threats.
Enhance Security: Post-incident, focus on continuous improvement and higher security standards.
Stay Focused: Avoid distractions from flashy tools; prioritize core security practices.
Expect Budget Fluctuations: Funding can diminish post-incident, despite heightened interest in cybersecurity.
Prioritize Well-being: Mental health and stress management are vital for CISOs facing increased pressures.

https://www.csoonline.com/article/4002175/8-things-cisos-have-learnt-from-cyber-incidents.html

The Enterprise Is Not Ready for Vibe Coding — Yet

By CIO / Blog / software development, coding, AI

Vibe coding, using AI for software development, intrigues businesses but isn’t yet ready for widespread implementation due to security and scalability issues. Experts advocate for cautious adoption, recommending controlled experiments while acknowledging the need for engineers to upskill. By 2028, Gartner predicts that vibe coding will generate 40% of new software, but organizations must ensure rigorous standards to mitigate risks.

https://www.ciodive.com/news/vibe-coding-enterprise-CIO-strategy/750349/

How To Make Cybersecurity Part Of Your Company Culture

By CIO / Blog / cybersecurity

It seems there is no text provided for summarization. Please provide the text you want summarized.

https://www.forbes.com/councils/forbescommunicationscouncil/2025/06/02/how-to-make-cybersecurity-part-of-your-company-culture/

Cloud Security Posture Management (CSPM)

By CIO / C / cybersecurity

CSPM: automates security compliance, identifies misconfigurations, monitors cloud infrastructure, assesses risks, ensures policy enforcement, and improves overall cloud security.