Author name: CIO

How Evolving Regulations Are Redefining CISO Responsibility

CISOs face growing personal and criminal liability as cyberattacks targeting vulnerabilities in IoT and OT devices increase. Global regulations now require stricter cyber risk management, transparency, and compliance, with 20% of breaches in 2025 linked to device vulnerabilities. CISOs are expected to provide accurate asset inventories, honest reporting, prompt breach disclosure, and management of third-party risks. Organizations are updating policies, boosting legal support, and enhancing security oversight to adapt.

https://www.csoonline.com/article/4079450/how-evolving-regulations-are-redefining-ciso-responsibility.html

70% of CISOs Say Internal Conflicts More Damaging Than Cyberattacks

70% of CISOs find internal conflicts more detrimental than cyberattacks during crises. Tensions and unclear roles hinder incident responses, exacerbated by perceived operational slowdowns caused by security measures. To improve relations, CISOs should highlight security's value to revenue and align their strategies with business goals.

https://www.csoonline.com/article/4079876/70-of-cisos-say-internal-conflicts-more-damaging-than-cyberattacks.html

5 Tips for a Healthier Cybersecurity Program

5 tips for stronger cybersecurity:

  1. Implement MFA: Protect all services with multi-factor authentication.
  2. Patch Software: Regularly update software to prevent vulnerabilities.
  3. Test Backups: Ensure effective recovery processes against ransomware.
  4. Train Employees: Conduct phishing simulations and security awareness training.
  5. Assess AI Usage: Create policies for AI use to avoid data leaks.

Invest in resilience to enhance security posture.

https://www.security.com/feature-stories/5-tips-healthier-cybersecurity-program

Another EUDR Backflip: How Did We Get Here?

EUDR timeline shows delays and shifts in enforcement dates for the EU's anti-deforestation law, initially set for December 2024 but now postponed to December 2025 for large firms and December 2026 for small operators. Proposed changes include a new ‘negligible risk’ category to ease compliance, and revisions to reduce the administrative burden by around 30%. Recent modifications backtracked on earlier proposals, maintaining the original deadline for larger businesses while extending the timeline for smaller ones. The industry should prepare for imminent enforcement despite ongoing regulatory changes.

https://www.foodnavigator.com/Article/2025/10/28/eudr-timeline-delays-u-turns-and-backflips/

How State CIOs Are Using GenAI

82% of state CIOs report employees use generative AI daily, up from 53% in 2024. Most adopt a low-risk strategy: pilot projects (90%), proofs of concept (86%), and employee training (71%). Only 25% have dedicated AI funding. AI aids workplace efficiency and service delivery, with usage for internal tasks and some exploration of public-facing services. CIOs support federal AI regulations while opposing restrictive moratoriums.

https://www.smartcitiesdive.com/news/ai-state-cio-government-adoption/803978/

European Commission Publishes Draft Guidance on Reporting Serious AI Incidents

EU Commission released draft guidance on reporting serious AI incidents under Article 73 of the EU AI Act, requiring high-risk AI system providers to notify authorities of serious incidents. Comments accepted until Nov 7, 2025; final guidance expected to apply from Aug 2, 2026. Key points include broad definitions of “serious incidents,” tight reporting timelines, and potential penalties for non-compliance. Companies must establish clear reporting processes to meet obligations and align with other regulatory requirements.

https://www.lw.com/en/insights/european-commission-publishes-draft-guidance-reporting-serious-ai-incidents

The 10 Biggest Issues CISOs and Cyber Teams Face Today

Important topics for cybersecurity leaders include securing AI infrastructure, rising AI-enabled threats, budget constraints, and preparing employees against sophisticated scams. They face challenges with an expanding threat landscape, limited budgets, prioritizing tasks, risk management, and the emergence of quantum computing threats.

https://www.csoonline.com/article/4077442/the-10-biggest-issues-cisos-and-cyber-teams-face-today-2.html

Can Cybersecurity Withstand the New AI Era?

The pace of technological change, especially in AI and quantum computing, is overwhelming existing cybersecurity measures and further exposing organizations to a shortage of skilled professionals. Small and medium enterprises, and those in underdeveloped regions, are especially vulnerable, lacking the resources for advanced protection. Plug-and-play, automated, and quantum-ready solutions are critical so that robust cybersecurity is no longer exclusive to well-funded enterprises. By democratizing access to smart security tools, organizations can better withstand accelerated cyber threats, maintaining business continuity and competitiveness. Proactive, accessible security must become a necessity rather than a luxury as risks accelerate at machine speed.

https://www.weforum.org/stories/2025/10/can-cybersecurity-withstand-new-ai-era/

Microsoft Sued for Allegedly Forcing M365 Users to Pay for AI

Microsoft is being sued in Australia for allegedly misleading users of its Microsoft 365 subscriptions into paying for its AI assistant, Copilot, by not disclosing a cheaper, non-AI “Classic” plan. The ACCC claims Microsoft hid this option, leading to price increases for many users. The lawsuit seeks penalties and consumer redress for what is characterized as misleading conduct, including claims that accepting AI features or facing a price increase were mandatory.

https://cyberinsider.com/microsoft-sued-for-allegedly-forcing-m365-users-to-pay-for-ai/
