CIO.works

Risk Management Systems Should Be Constantly Evolving, FDA Official Says

By CIO / Blog / risk management, regulation

FDA official Keisha Thomas emphasized at the RAPS Quality Conference that medical device risk management systems must be dynamic and continuously evolving to address firm-specific risks across all quality management system (QMS) areas. The FDA's new risk-based inspection program under the Quality Management System Regulation (QMSR) focuses on comprehensive compliance rather than conformity, highlighting common citations related to insufficient integration of risk management into decision-making and a decoupling of corrective and preventive actions. The agency also indicated that firms participating in the Medical Device Single Audit Program (MDSAP) may still face FDA inspections if risk signals warrant additional oversight.

https://www.raps.org/resource/risk-management-systems-should-be-constantly-evolving-fda-official-says.html

Gartner Security Summit 2026: Huntress 5 Key Takeaways

By CIO / Blog / strategy, risk management, AI, cybersecurity, compliance, trends

At the Gartner Security & Risk Management Summit 2026, the key insight emphasized was that effective security is an ongoing journey focused on resilience, honest risk assessment, and rapid recovery rather than chasing every emerging trend or technology. Organizations succeeding in the evolving threat landscape prioritize building a strong foundation in identity management, control effectiveness, and operational reality to enhance their ability to withstand and respond to incidents. This pragmatic approach highlights that security is a continuous process centered on adaptability and resilience in the face of challenges, especially with the rise of AI-driven threats.

https://www.huntress.com/blog/key-takeaways-gartner-security-risk-summit

Why Culture Matters More Than You Think When Complex Tech Goes Wrong

By CIO / Blog / culture, technology, security controls

Megan Owen argues that organizational culture plays a critical role in the success or failure of complex technology projects, emphasizing that hierarchies suppressing open communication often lead to unreported problems and compounded failures. Drawing parallels with aviation and healthcare, she advocates for environments that encourage candid dialogue, psychological safety, and reflective learning through checklists and mentorship to identify latent errors and address them proactively. Technology leaders must foster trust, listen carefully to early warnings, and balance assertive decision-making with collaborative problem-solving to prevent and mitigate costly project failures.

https://www.computerweekly.com/opinion/Why-culture-matters-more-than-you-think-when-complex-tech-goes-wrong

AI Innovation Surges as Security Fundamentals Lag, Kroll Research Finds

By CIO / Blog / AI, cybersecurity, security controls

Kroll’s global research highlights a significant gap between rapid AI adoption and the maturity of security fundamentals, revealing that 76% of organizations experienced AI-related security incidents in the past two years. Despite AI’s integration into enterprise operations, many firms lack foundational security practices and governance frameworks, leading to substantial financial losses and insufficient investment in AI security measures. The study underscores that higher cyber maturity correlates with fewer AI security incidents, emphasizing the need for robust security foundations to enable sustainable AI innovation.

https://channeleye.media/ai-innovation-surges-as-security-fundamentals-lag-kroll-research-finds/

CIOs: Tear Down the Wall Between Resilience and Data Security

By CIO / Blog / strategy, data protection, AI, compliance, risk management

AI is exposing the longstanding separation between organizational resilience—focused on system uptime—and data security—focused on protecting information—as no longer sustainable. CIOs are urged to integrate these functions by inventorying and governing unstructured data, automating compliance controls to keep pace with AI-driven threats, and establishing clear audit trails for AI agent actions to meet regulatory demands. This unified approach is essential for enabling enterprise innovation while maintaining trusted data and system recoverability in the evolving AI risk landscape.

https://www.cio.com/article/4179381/cios-tear-down-the-wall-between-resilience-and-data-security.html

How AI Reframes the CIO’s Role and Priorities

By CIO / Blog / CIO, AI, strategy

The article discusses how artificial intelligence (AI) is transforming the role and priorities of Chief Information Officers (CIOs) by shifting their focus from traditional IT management to broader enterprise-wide innovation and value creation. CIOs are now expected to leverage AI to enhance data-driven decision-making, optimize business processes, and drive digital transformation while addressing risks related to ethics, security, and compliance. This evolution requires CIOs to balance technological capabilities with governance and strategic leadership to maximize AI’s benefits across the organization.

https://www.ey.com/en_us/insights/ai/how-ai-reframes-the-cios-role-and-priorities

How to Put a Clear AI Strategy Into Focus

By CIO / Blog / strategy, AI

IT leaders must establish a clear AI vision and strategy to align AI initiatives with business goals, prioritize investments, and manage risks effectively. Despite widespread AI investment plans, few organizations have documented AI strategies, which risks misallocation of resources and regulatory liabilities. A phased approach focusing on productivity, competitive differentiation, and disruptive innovation, led by CIOs as change agents, is essential for leveraging AI as a strategic force multiplier across the enterprise.

https://www.cio.com/article/4181722/how-to-put-a-clear-ai-strategy-into-focus.html

AI Won’t Replace Leaders — But It Will Expose Weak Ones. Here’s How.

By CIO / Blog / AI, technology, leadership

AI is transforming leadership by exposing weaknesses rather than replacing leaders outright. Successful companies will navigate this shift by leveraging AI to enhance decision-making and organizational agility, highlighting the need for leaders to adapt and strengthen their capabilities in managing AI-driven change.

https://www.entrepreneur.com/business-news/ai-wont-replace-leaders-but-it-will-expose-weak-ones-heres-how

CIOs Weather Role Change as AI Investments Come Into Focus

By CIO / Blog / strategy, AI, CIO, finance

CIOs are experiencing evolving responsibilities with a renewed focus on aligning IT strategy closely to business objectives, surpassing cybersecurity management as their top priority, according to Experis’s 2026 CIO Outlook report. While many CIOs see positive ROI from AI investments, challenges persist around balancing innovation with demonstrating clear business value, managing talent shortages, and ensuring AI initiatives are purpose-driven rather than exploratory. Successful tech leaders in this transition are those treating technology as a core business leadership function that integrates thoughtfully with organizational priorities and workforce enablement.

https://www.ciodive.com/news/CIO-role-change-AI-investments-ROI/822949/

The 11 Hardest IT Roles to Fill in 2026 — and What’s Changed

By CIO / Blog / technology, workforce, recruiting, trends, AI

The 2026 State of the CIO survey identifies AI/machine learning and cybersecurity as the hardest IT roles to fill, highlighting a shift toward hybrid roles that combine deep technical skills with business understanding. Demand has evolved from prompt engineering to operationalizing AI at scale and governing its risks, while risk management and business/IT automation have surged due to AI's expanding footprint. Organizations increasingly favor upskilling existing employees over external hiring to address these complex, rapidly changing skill requirements amid a challenging talent market.

https://www.cio.com/article/4184685/the-11-hardest-it-roles-to-fill-in-2026-and-whats-changed.html