CIO – Page 4 – CIO.works

Coherence: Where Leadership and AI Success Intersect

BNY's CIO Leigh-Ann Russell emphasizes “coherence” as a vital leadership discipline in successfully integrating AI within complex, fast-paced organizations, connecting strategy to execution and balancing innovation with control to avoid chaos. Under her leadership, BNY has rapidly advanced AI adoption, deploying over 220 AI solutions and 140 digital employees through a centralized platform, while fostering talent and clarity to embed AI at the core of operations sustainably and ethically.

https://www.cio.com/article/4166851/coherence-where-leadership-and-ai-success-intersect.html

Navigating Compliance and Insurance as a Competitive Edge

By CIO / Blog / regulation, compliance, strategy

In 2026, compliance with regulations like GDPR and NIS2, alongside stringent cyber insurance requirements, has become a key driver for cybersecurity investments, shifting security from a cost center to a strategic business asset. Partners who deliver solutions aligned with these frameworks, supported by platforms like Symantec CBX for continuous compliance monitoring, help organizations reduce risk, lower insurance premiums, and gain a competitive edge through digital trust and operational resilience.

https://www.security.com/blog-post/resilient-channel-series-part-5

AI Is Spreading Decision-Making, but Not Accountability

By CIO / Blog / legal, leadership, AI, risk management

As AI systems become widely adopted in enterprises, decision-making responsibilities are distributed across various teams, but legal accountability tends to concentrate on the organizations deploying these systems and their executive leadership, particularly CIOs. While AI governance frameworks involve multiple functions like legal, risk, IT, and business, courts generally hold humans—especially those integrating AI into real-world decisions—responsible when failures occur, underscoring that AI spreads decision-making but does not absolve accountability.

https://www.cio.com/article/4160986/ai-is-spreading-decision-making-but-not-accountability.html

When Everyone Has AI and the Company Still Learns Nothing

By CIO / Blog / critique, AI, strategy

Robert Glaser discusses the complex “messy middle” phase of AI adoption in organizations, where widespread AI use does not necessarily translate into organizational learning or improved capabilities. He emphasizes the need for companies to develop systems—like Loop Intelligence Hubs—that track and harness AI-driven learning from real work loops to enhance decision-making, distribute useful agent capabilities, and avoid treating AI use as mere token consumption, highlighting that operational control and learning velocity will become key competitive advantages.

https://www.robert-glaser.de/when-everyone-has-ai-and-the-company-still-learns-nothing/

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

By CIO / Blog / security controls

A significant backdoor in enterprise security involves persistent OAuth tokens granted to third-party apps, which do not expire, reset, or receive automatic monitoring, allowing attackers to bypass traditional defenses like MFA once compromised. Research shows 80% of security leaders recognize the risk, yet many do not actively monitor these tokens, exemplified by the Drift-Salesloft attack where stolen OAuth tokens were exploited to access data across hundreds of organizations. Effective security demands continuous behavioral monitoring of apps, blast radius assessment, and intelligent responses to mitigate risks posed by legitimate apps whose credentials have been weaponized after installation.

https://thehackernews.com/2026/05/the-back-door-attackers-know-about-and.html

As AI Complicates Project Tracking, Will CIOs Need New Controls?

By CIO / Blog / AI, strategy

AI projects are transforming traditional workflows into distributed, iterative processes that lack clear visibility and accountability, challenging CIOs to find new ways to govern and track them effectively. As AI adoption spreads across business functions with minimal built-in controls, IT leaders must balance fostering innovation with implementing governance to ensure responsible deployment, oversight, and ongoing evaluation, shifting their role from project delivery to stewardship of AI as a core, accountable part of enterprise operations.

https://www.informationweek.com/machine-learning-ai/as-ai-makes-projects-harder-to-track-will-cios-need-new-controls-

When the CEO Leads the AI Initiative

By CIO / Blog / AI, leadership

The article emphasizes that successful AI adoption in enterprises requires active leadership from the CEO, who champions the initiative internally and externally, while delegating execution to senior executives like the CIO. The CIO plays a critical role in developing realistic AI strategies, balancing enthusiasm with practicality, and maintaining strong communication with the CEO to ensure AI efforts align with business goals and avoid overhyped expectations.

https://www.cio.com/article/4166686/when-the-ceo-leads-the-ai-initiative.html

Your Data Left the Building. Did Anyone Notice?

By CIO / Blog / AI

The article discusses the critical issue of data sovereignty in enterprise AI adoption, highlighting that many organizations cannot clearly track where their data goes when processed by large language models (LLMs), leading to risks around data control and compliance. It emphasizes the growing importance of deliberate data governance as AI moves from experimentation to production, urging CIOs to gain visibility on AI tool usage, understand jurisdictional impacts, and make strategic decisions balancing cost, control, and capability to confidently manage AI data in regulated environments.

https://www.cio.com/article/4166636/your-data-left-the-building-did-anyone-notice.html

Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust

By CIO / Blog / threats

The article highlights a major shift in cybersecurity threats, noting that attackers increasingly exploit trusted native tools and administrative utilities within organizations rather than relying on traditional malware. This “Living off the Land” approach allows attackers to blend in with normal operations, making detection difficult and expanding the attack surface beyond what many organizations realize. Bitdefender offers a free Internal Attack Surface Assessment to help businesses identify and reduce such internal risks before they can be exploited.

https://thehackernews.com/expert-insights/2026/05/your-biggest-security-risk-isnt-malware.html

GDPR Fines Hit $1.4B as Customer Support Becomes Compliance Risk

By CIO / Blog / data protection, GDPR, compliance, EU, regulation, customer service

In 2025, GDPR fines reached $1.4 billion in Europe and $2.8 billion globally, highlighting significant risks in customer support operations due to data handling by outsourced teams. Experts emphasize that compliance depends on strict data access controls, comprehensive audit trails, thorough agent training, and ongoing monitoring to prevent breaches and ensure accountability throughout support workflows.

https://news.designrush.com/gdpr-compliance-customer-support-risks-explained

Author name: CIO