Author name: CIO

Microsoft Teams Can Record Office Presence From December

Microsoft Teams will record workplace presence starting December 2025 by detecting connections to office Wi-Fi, aiming to aid hybrid work setups. The feature automatically sets user status based on their location, raising potential data privacy concerns and necessitating employee consent and management activation for use. Critics warn it could undermine trust in remote work practices, emphasizing the need for legal compliance under GDPR and labor laws.

https://www.heise.de/en/news/Microsoft-Teams-can-record-office-presence-from-December-10899943.html

Around 70 Countries Sign New UN Cybercrime Convention—but Not Everyone’s on Board

Around 70 countries signed a UN Cybercrime Convention aiming to combat cybercrime through global cooperation. The treaty must be ratified by 40 states to become law; the US is not among the signatories, citing an ongoing review. There are concerns about privacy erosion, expanded surveillance powers, and potential misuse by authoritarian governments. Critics argue the treaty's vague provisions could hamper legitimate cybersecurity efforts and lack adequate protections for human rights and due process.

https://www.malwarebytes.com/blog/news/2025/10/around-70-countries-sign-new-un-cybercrime-convention-but-not-everyones-on-board

Microsoft 365 Copilot Now Enables You to Build Apps and Workflows

Microsoft 365 Copilot now lets employees quickly build apps, workflows, and AI agents with natural language prompts. New tools like App Builder, Workflows Agent, and Copilot Studio Lite enable users to create dashboards, automate recurring tasks, and develop work-focused agents. These features are fully integrated with Microsoft 365’s security and compliance standards, providing administrators with centralized controls for management.

https://www.microsoft.com/en-us/microsoft-365/blog/2025/10/28/microsoft-365-copilot-now-enables-you-to-build-apps-and-workflows/

How Evolving Regulations Are Redefining CISO Responsibility

CISOs face growing personal and criminal liability as cyberattacks targeting vulnerabilities in IoT and OT devices increase. Global regulations now require stricter cyber risk management, transparency, and compliance, with 20% of breaches in 2025 linked to device vulnerabilities. CISOs are expected to provide accurate asset inventories, honest reporting, and prompt breach disclosure, and to manage third-party risks. Organizations are updating policies, boosting legal support, and enhancing security oversight to adapt.

https://www.csoonline.com/article/4079450/how-evolving-regulations-are-redefining-ciso-responsibility.html

70% of CISOs Say Internal Conflicts More Damaging Than Cyberattacks

70% of CISOs find internal conflicts more detrimental than cyberattacks during crises. Tensions and unclear roles hinder incident responses, exacerbated by perceived operational slowdowns caused by security measures. To improve relations, CISOs should highlight security's value to revenue and align their strategies with business goals.

https://www.csoonline.com/article/4079876/70-of-cisos-say-internal-conflicts-more-damaging-than-cyberattacks.html

5 Tips for a Healthier Cybersecurity Program

5 tips for stronger cybersecurity:

  1. Implement MFA: Protect all services with multi-factor authentication.
  2. Patch Software: Regularly update software to prevent vulnerabilities.
  3. Test Backups: Ensure effective recovery processes against ransomware.
  4. Train Employees: Conduct phishing simulations and security awareness training.
  5. Assess AI Usage: Create policies for AI use to avoid data leaks.

Invest in resilience to enhance security posture.

https://www.security.com/feature-stories/5-tips-healthier-cybersecurity-program

Another EUDR Backflip: How Did We Get Here?

The EUDR timeline shows delays and shifts in enforcement dates for the EU's anti-deforestation law, initially set for December 2024 but now postponed to December 2025 for large firms and December 2026 for small operators. Proposed changes include a new ‘negligible risk’ category to ease compliance, and revisions to reduce the administrative burden by around 30%. Recent modifications backtracked on earlier proposals, maintaining the original deadline for larger businesses while extending the timeline for smaller ones. The industry should prepare for imminent enforcement despite ongoing regulatory changes.

https://www.foodnavigator.com/Article/2025/10/28/eudr-timeline-delays-u-turns-and-backflips/

How State CIOs Are Using GenAI

82% of state CIOs report employees use generative AI daily, up from 53% in 2024. Most adopt a low-risk strategy: pilot projects (90%), proofs of concept (86%), and employee training (71%). Only 25% have dedicated AI funding. AI aids workplace efficiency and service delivery, with usage for internal tasks and some exploration of public-facing services. CIOs support federal AI regulations while opposing restrictive moratoriums.

https://www.smartcitiesdive.com/news/ai-state-cio-government-adoption/803978/

European Commission Publishes Draft Guidance on Reporting Serious AI Incidents

EU Commission released draft guidance on reporting serious AI incidents under Article 73 of the EU AI Act, requiring high-risk AI system providers to notify authorities of serious incidents. Comments accepted until Nov 7, 2025; final guidance expected to apply from Aug 2, 2026. Key points include broad definitions of “serious incidents,” tight reporting timelines, and potential penalties for non-compliance. Companies must establish clear reporting processes to meet obligations and align with other regulatory requirements.

https://www.lw.com/en/insights/european-commission-publishes-draft-guidance-reporting-serious-ai-incidents
