FROM 50 TO 1,300 USERS: BPM’S M365 COPILOT JOURNEY

BPM successfully scaled Microsoft 365 Copilot from a 50-user pilot to a firmwide deployment reaching 1,300 employees by partnering with Valorem Reply to develop scalable training, executive sponsorship, and governance frameworks. This approach enabled rapid adoption—currently at 78%—while ensuring security, compliance, and sustainable AI innovation through structured agent management and data hygiene practices. The initiative has transformed workflows across BPM, improving efficiency and supporting ongoing AI-driven business value.

https://www.reply.com/valorem-reply/en/resources/work/2025/mw/from-50-to-1300-users-bpm-m365-copilot-journey

5 Ways for CIOs to Avoid AI Bill Shock

CIOs face new FinOps challenges as AI spending shifts to a usage-driven, non-linear model tied to business workflows rather than user seats. To control costs, they should forecast AI expenses by workflow, model failure scenarios realistically, embed cost controls architecturally, route tasks to appropriately sized models, and tie AI consumption directly to business value through comprehensive governance and prioritization processes. These practices help prevent unexpected AI bill shock by aligning spending with measurable operational improvements and value creation.

https://www.cio.com/article/4190605/5-ways-for-cios-to-avoid-ai-bill-shock.html

Microsoft Entra ID Gets Passkeys Default Authentication Starting September

Microsoft will make passkeys the default authentication method for its Entra ID enterprise identity service starting September 2026, automatically enabling passkeys for users currently relying on phone-based SMS and voice authentication, which Microsoft plans to retire by February 2027. Organizations are advised to transition to phishing-resistant methods before the retirement deadline to avoid sign-in disruptions, as Microsoft aims to reduce reliance on phishable authentication and improve account security against increasing credential theft and phishing attacks.

https://www.bleepingcomputer.com/news/microsoft/microsoft-entra-id-gets-passkeys-default-authentication-starting-september/

7 Skills and Traits of Elite Security Engineers

Elite security engineers excel by combining deep technical skills with a broad systems mindset and adaptability to evolving threats, especially AI-driven ones. They proficiently use AI tools for predictive threat detection, understand emerging AI-related risks, integrate security with business goals, manage third-party and non-human risks, and continuously update their knowledge to stay ahead in a rapidly changing cybersecurity landscape. Their ability to communicate risks across technical and business teams makes them vital for effective enterprise security strategy and operations.

https://www.csoonline.com/article/4196428/7-skills-and-traits-of-elite-security-engineers.html

Your Service Vendors Are Being Rebuilt Around AI

Venture-backed firms are acquiring traditional service vendors and replatforming them around AI agents, shifting contracts to outcome-based pricing that transfers risk to buyers unless effectively governed. This development raises governance and continuity risks due to complex vendor structures and immature AI reliability, necessitating rigorous contract terms on definitions, auditability, accountability, and exit clauses to maintain control and ensure true value. CIOs should pilot AI-driven workflows with clear baselines and metrics they own to secure leverage and avoid paying for vendors' ambiguous performance claims.

https://www.cio.com/article/4196348/your-service-vendors-are-being-rebuilt-around-ai.html

CIOs Must Rethink Operating Models to Unlock AI at Scale

CIOs must address foundational challenges—such as data quality, operating models, governance, skills, and culture—to scale AI effectively, as these organizational readiness gaps hinder AI adoption despite advanced technologies. Successful enterprises integrate AI governance within operating models, secure executive sponsorship aligned with business outcomes, and foster close collaboration between IT and business teams to redefine processes and manage risks. The shift from AI proof of concept to production requires tailored operating models that support scaling, embed governance, and balance innovation with compliance.

https://www.cio.com/article/4195246/cios-must-rethink-operating-models-to-unlock-ai-at-scale.html

Resilience Through Cybersecurity Managed Services

The article discusses how organizations can enhance their resilience by leveraging cybersecurity managed services to address evolving cyber threats. It highlights the importance of partnering with specialized providers to ensure continuous monitoring, rapid incident response, and expert support, enabling businesses to maintain secure and stable operations. This approach helps enterprises improve their cybersecurity posture while optimizing resources and focusing on strategic priorities.

https://www.ey.com/en_fi/insights/managed-services/resilience-through-cybersecurity-managed-services

You Outsourced the AI—but You Still Own the Risk

As enterprises increasingly deploy AI systems developed by third parties, they remain legally and operationally responsible for the risks these systems pose, including discrimination, data mishandling, and customer harm. Despite limited visibility into the models’ training or updates, companies face scrutiny from regulators and courts when adverse outcomes occur, underscoring the need for robust AI risk management and governance even when AI is outsourced.

https://hbr.org/2026/07/you-outsourced-the-ai-but-you-still-own-the-risk

The New AI Trust Architecture: 5 Requirements for Agent-to-Agent Communication

Salesforce AI Research identifies a critical need for a new trust architecture to enable effective, reliable communication and negotiation between autonomous AI agents representing competing organizations. The framework requires five key elements: interpretable standards beyond fixed rules, persistent identity and reputation linked to principals, governance through boundaries rather than exhaustive scripting, structured accountability traceable to humans, and calibrated escalation to balance automation with liability. These principles aim to establish governance, legal, and ethical guardrails before AI agents handle consequential enterprise transactions at scale.

https://www.salesforce.com/blog/new-ai-trust-architecture/

The Business Case for Burning Down Security Debt: A Practical Approach for CISOs

Security debt, defined as long-unresolved vulnerabilities, is growing as organizations discover issues faster than they can remediate them, increasing business risk. CISOs should treat security debt like financial debt by measuring and managing it at the executive level, prioritizing fixes based on exploitability and business impact, focusing on critical applications, and expanding remediation capacity through investment and automation. Aligning security efforts with business risk and establishing clear metrics helps secure executive support and improve risk management outcomes.

https://www.csoonline.com/article/4195135/the-business-case-for-burning-down-security-debt-a-practical-approach-for-cisos.html

Scroll to Top