CIO – Page 150 – CIO.works

EU’s Ai Dilemma: Balancing Regulation, Competitiveness, and Global Pressures –

EU aims to balance AI regulation with global competitiveness amid pressures from the U.S. and China. The EU's regulatory-first approach prioritizes ethical values but risks economic growth. Recent initiatives, such as the AI Act and substantial investments in AI, aim to enhance competitiveness while facing challenges like resource dependency and complex legislation. The EU must simplify regulations without compromising human rights to become a leader in ethical AI, attract investment, and sustain its geopolitical influence. However, achieving consensus among member states and securing funding remains critical for successful implementation.

https://iari.site/2025/03/07/eus-ai-dilemma-balancing-regulation-competitiveness-and-global-pressures/

CJEU Clarifies GDPR Rights on Automated Decision-Making and Trade Secrets

By CIO / Blog / GDPR

CJEU clarifies GDPR rights regarding automated decision-making and trade secrets. On February 27, 2025, the court ruled that data controllers must give clear, accessible information about automated decisions impacting individuals, without sacrificing trade secrets. It emphasized the balance between data subject rights and commercial interests and stated national laws cannot broadly exclude access to data based on trade secrets. Companies must ensure transparency while still protecting proprietary information, aligning with the explainability requirements in the AI Act.

https://www.insideprivacy.com/gdpr/cjeu-clarifies-gdpr-rights-on-automated-decision-making-and-trade-secrets/

Measured Approach’ or Light-handed GPDR? Noyb Reports Only 1.3 Percent of EU Cases Result in Fine

By CIO / Blog / GDPR

1.3% of EU GDPR cases result in fines, contrary to initial fears of severe penalties for noncompliance. Noyb's report indicates low enforcement, allowing large companies to neglect access requests without consequences. Countries like Spain and France are strict enforcers, while others like the UK favor guidance over penalties.

https://www.complianceweek.com/regulatory-enforcement/measured-approach-or-light-handed-gpdr-noyb-reports-only-13-percent-of-eu-cases-result-in-fine/35860.article

How AI Tools Are Reshaping the Coding Workforce

By CIO / Blog / coding, AI

AI tools are transforming the coding workforce by automating code development, resulting in greater efficiency but also altering hiring practices. Companies are using generative AI tools like GitHub Copilot to enable leaner development teams, shifting the focus from repetitive tasks to complex problem-solving and AI tool utilization. As hiring becomes more selective, there's a growing demand for candidates with critical thinking and communication skills rather than just coding ability. Despite potential job displacement, top talent remains essential. The coding tools are still in early stages, with a significant gap between current capabilities and future potential.

https://www.wsj.com/articles/how-ai-tools-are-reshaping-the-coding-workforce-6ad24c86

60% of Cybersecurity Pros Looking to Change Employers

By CIO / Blog / workforce

Over 60% of cybersecurity professionals are considering changing jobs due to mediocre job satisfaction, with key issues being career progression dissatisfaction, not salary. Senior professionals particularly feel undervalued. The demand for remote or hybrid work and career development opportunities are major factors for job satisfaction, with professionals wanting engaging projects and investment in their growth.

https://www.csoonline.com/article/3839266/60-of-cybersecurity-pros-looking-to-change-employers.html

ENISA’s NIS360 Report Guides NIS2 Directive Implementation, Maps Sectoral Maturity, Flags Cybersecurity Challenges

By CIO / Blog / cybersecurity, NIS2

ENISA's NIS360 report aids NIS2 Directive implementation, assessing cybersecurity maturity across sectors and highlighting challenges. It offers detailed analysis, identifies sector strengths and weaknesses, and recommends improvements to enhance resilience. The report underscores the importance of collaboration, tailored guidance, and cross-border alignment while pointing out risks in six sectors. Key sectors like electricity, telecoms, and banking display higher maturity levels, while others like public administration and health need significant improvements. Recommendations focus on upskilling, targeted guidelines, and sector-specific incident response planning. Future efforts will continue to refine strategies for improved cybersecurity compliance.

https://industrialcyber.co/reports/enisas-nis360-report-guides-nis2-directive-implementation-maps-sectoral-maturity-flags-cybersecurity-challenges/

Cyberattacks Targeting IT Vendors Intensify, Causing Bigger Losses

By CIO / Blog / supply chains, cybersecurity

Cyberattacks on IT vendors are escalating, resulting in significant financial losses, according to a Resilience report. In 2024, 23% of cyber insurance claims involved third-party breaches, causing operational disruptions and high costs, exemplified by UnitedHealth's $3.1 billion ransomware attack. Ransomware is still the leading cause of cyber claims, but attackers are shifting focus to larger targets for bigger payouts.

https://www.ciodive.com/news/vendor-driven-cyberattacks-losses/741686/

How Thales Enables PCI-DSS Compliance With a Tokenization Solution on AWS

By CIO / Blog / data protection, PCI DSS

Thales offers a tokenization solution on AWS to help organizations achieve PCI-DSS compliance by replacing sensitive payment data with secure tokens. This reduces sensitive data exposure, streamlines compliance efforts, and enhances security within cloud environments. The Thales CipherTrust Data Security Platform manages key operations while providing flexibility in tokenization methods, whether centralized or decentralized, ensuring robust data protection while maintaining operational efficiency. The platform integrates seamlessly with AWS services, enabling businesses in various sectors to meet regulatory requirements and protect sensitive information.

https://aws.amazon.com/blogs/apn/how-thales-enables-pci-dss-compliance-with-a-tokenization-solution-on-aws/

AI Literacy: a New Mandate Under the EU AI Act

By CIO / Blog / EU, AI, regulation

EU AI Act mandates AI literacy in organizations, requiring tailored training for technical teams, non-technical staff, and leaders. Effective programs should ensure compliance but also promote security culture and address AI risks. Comprehensive training enhances resilience and prepares the workforce for an AI-driven future.

https://blog.knowbe4.com/ai-literacy-a-new-mandate-under-the-eu-ai-act-what-your-organization-needs-to-know

European Commission Provides Guidance on AI Literacy Requirement Under the EU AI Act

By CIO / Blog / AI, EU, regulation

EU Commission provides AI literacy guidance under AI Act; companies must ensure staff training on AI. Literacy obligations started February 2, 2025, national enforcement begins August 2025. AI literacy defined as understanding AI's risks/benefits. Companies should customize training, record efforts, but formal certifications aren't mandatory. FAQ guidance document anticipated.

https://www.insideglobaltech.com/2025/03/06/european-commission-provides-guidance-on-ai-literacy-requirement-under-the-eu-ai-act/

Author name: CIO