Author name: CIO

Cybersecurity and AI: Towards a New Human-centered Approach

AI adoption is reshaping business and increasing risks, requiring a shift in cybersecurity to focus on human factors. Traditional security methods are insufficient as threats exploit human cognitive weaknesses. New scenarios include deepfake impersonation and misinformation. Addressing these risks involves enhancing cognitive awareness, establishing verification protocols, regulating AI use, mapping cognitive risks, and preparing response teams. A cultural shift in organizations is essential for proactive AI risk management, integrating technology with human capabilities for comprehensive cybersecurity.

https://www.rsm.global/france/en/insights/yuksel-aydin-cybersecurity-ai-human-centered-approach

Goldman Sachs CIO: Prepare AI Natives to Shape Future of Work—as Only They Can

Goldman Sachs CIO Marco Argenti emphasizes the need to prepare “AI natives” who, familiar with AI tools, will lead the evolution of work alongside AI. As agentic AI enables independent, decision-making agents, the next workforce generation, raised with this technology, is essential for collaboration. While junior roles may adjust, these AI natives will be pivotal due to their adaptability and understanding of AI’s capabilities. The challenge is to train this new talent in managing AI while keeping experienced supervision in place for quality control in a rapidly changing landscape dominated by AI. The transition demands not just technological but also cultural and managerial adjustments as organizations restructure roles and workflows around AI integration.

https://fortune.com/2025/07/03/goldman-sachs-cio-ai-natives-future-of-work/

How IT Leaders Can Rise to a CIO or Other C-level Position

IT leaders can advance to C-level roles by cultivating business acumen, expanding networks, and enhancing visibility within their organizations. To become CIOs, they should think like business leaders, engage with other departments, and lead cross-functional projects. Building relationships for mentorship and sponsorship is crucial, as is going beyond technical skills to develop strategic leadership capabilities. Continuous learning and adapting are essential for success in higher executive roles.

https://www.informationweek.com/it-leadership/how-it-leaders-can-rise-to-a-cio-or-other-c-level-position

Briefing

TLDR: The EU Artificial Intelligence (AI) Act 2024 establishes a regulatory framework for AI, promoting human-centric use while ensuring safety and ethical standards. It categorizes AI risks into four levels and restricts harmful applications. The Act mandates compliance from August 2026, with interim obligations starting February 2025, emphasizing AI literacy among HR professionals to mitigate risks. The legislation aims to foster trust and encourage responsible AI adoption, while requiring significant efforts in education and guidance for effective implementation.

https://www.cipd.org/ie/views-and-insights/thought-leadership/insight/implications-eu-ai-act/

How 100 Enterprise CIOs Are Building and Buying Gen AI in 2025

TLDR Summary:
In 2025, enterprise AI spending exceeds expectations, becoming a permanent budget item driven by internal and customer-facing use cases. Enterprises increasingly utilize multiple AI models, with OpenAI, Google, and Anthropic leading the market. Procurement processes mirror traditional software buying, emphasizing cost and security. Enterprises are shifting from building to buying AI applications as the ecosystem matures, particularly in software development and customer support. However, concerns around outcome-based pricing persist. Overall, the landscape shows strategic deployment, diversified model use, and a shift towards AI-native applications.

https://a16z.com/ai-enterprise-2025/

A CISO’s AI Playbook

CISO AI Playbook: In a tough security budget climate, improving analyst productivity is crucial. Adopt a strategic framework focusing on throughput over headcount, leveraging AI to handle alerts efficiently. Key steps include calculating alert investigation costs, addressing analyst attention constraints, improving throughput via AI tools, ensuring transparency for trust, valuing time savings, and aligning security outcomes with business goals. AI aids in reducing investigation times and refocuses analysts on high-value tasks while balancing costs and risk mitigation for sustainable operations.

https://www.darkreading.com/vulnerabilities-threats/ciso-ai-playbook

10 Tough Cybersecurity Questions Every CISO Must Answer

CISOs face various complex challenges in cybersecurity, requiring regular reflection and strategy. Key questions include whether they enable or hinder business, how to balance security and risk, which metrics to report to the board, and understanding their organization's definition of cybersecurity. Furthermore, effective communication of risks, fostering a team environment for dissent, addressing customer security needs, mapping data locations, and adapting staff strategies with AI insights are vital. Lastly, anticipating emerging threats and ensuring the security infrastructure is fit for future demands are crucial for proactive risk management.

https://www.csoonline.com/article/4009212/10-tough-cybersecurity-questions-every-ciso-must-answer.html

CISO’s Guide to Implementing a Cybersecurity Maturity Model

CISO guide: Implement cybersecurity maturity models to effectively navigate evolving threats and compliance. These frameworks assess current capabilities, identify gaps, establish benchmarks, and prioritize investments for improvement, leading to enhanced security, better ROI, risk management, continuous progress, and compliance. Major models include NIST CSF, CMMC 2.0, CIS Controls, and C2M2. Steps for implementation: select a framework, conduct self-assessment, identify gaps and prioritize actions, and monitor improvements continuously.

https://www.techtarget.com/searchsecurity/tip/CISOs-guide-to-implementing-a-cybersecurity-maturity-model

EU AI Act Unpacked #25: European Commission Releases Critical AI Act Implementation Guidelines (Part 3)

The European Commission released guidelines on prohibited AI practices under the EU AI Act on February 4, 2024. These non-binding guidelines clarify the interpretation and enforcement of Article 5's prohibitions, which affect developers and deployers of AI systems. Key prohibitions include:

  1. Predictive policing: AI cannot predict criminal behavior based on profiling or personality traits.
  2. Untargeted facial image scraping: Prohibits collecting facial data from the internet without targeting specific individuals.
  3. Emotion recognition in workplaces/education: Bans AI systems recognizing emotions in these contexts to prevent discrimination.

Exceptions exist for certain practices, but companies must ensure compliance to navigate the regulatory landscape.

https://www.lexology.com/library/detail.aspx?g=ef05513f-5e88-4614-86b4-659468de7f05
