Blog

How CIOs Can Prepare for EU AI Act Enforcement

CIOs must prepare for the EU AI Act enforcement by actively pursuing compliance, managing vendors, and adapting to ongoing requirements. Most businesses are currently unprepared, with compliance risks including significant fines. Experts suggest cataloging AI uses, forming compliance teams, and developing AI literacy initiatives. Collaboration among departments is crucial to effectively navigate compliance complexities, especially with vendor management, as features may complicate assessments. Continuous monitoring and adapting to regulatory changes are essential for maintaining compliance and preventing issues.

https://www.ciodive.com/news/european-union-ai-act-compliance-enterprise-tips-enforcement/743099/

ChatGPT Hit With Privacy Complaint Over Defamatory Hallucinations

Noyb, a privacy rights group, has filed a complaint against OpenAI for ChatGPT's false claims about a Norwegian individual being convicted of child murder. This issue raises concerns under the EU's GDPR about the accuracy of generated personal data and the lack of a correction mechanism. The complaint highlights prior similar incidents and argues that OpenAI's disclaimer does not absolve it of legal responsibility for spreading false information. This case aims to prompt regulators to take action against AI-generated defamation.

https://techcrunch.com/2025/03/19/chatgpt-hit-with-privacy-complaint-over-defamatory-hallucinations/

CISO Survey: 6 Lessons to Boost Third-party Cyber-risk Management

A recent survey of 200 CISOs shows over 90% reported increased third-party cybersecurity incidents in 2024. Most experienced moderate to significant escalations. To address these challenges, organizations need to implement six key lessons for better cyber-risk management related to third-party software supply chains.

https://securityboulevard.com/2025/03/ciso-survey-6-lessons-to-boost-third-party-cyber-risk-management/

5 Mistakes Companies Will Make This Year With Cybersecurity

5 Cybersecurity Mistakes Companies Will Make in 2025:

  1. Ignoring AI's Role: Companies overlook AI’s impact on both attacks and defenses.
  2. Lacking Incident Response Plans: Absence of clear plans leads to chaos during attacks.
  3. Underprepared Workforce: Employees often lack training, becoming easy targets.
  4. Underestimating Insider Threats: Many breaches originate from within the organization.
  5. Neglecting Cyber Preparedness Culture: Cybersecurity must be a shared responsibility across all levels of an organization.

Businesses must prioritize training, incident planning, and a comprehensive security culture to combat rising threats.

https://www.forbes.com/sites/bernardmarr/2025/03/20/5-mistakes-companies-will-make-this-year-with-cybersecurity/

Data Center Investments Surged to $455B Last Year: Report

2024 global data center investments rose 51% to $455B; projections indicate 30% growth for 2025. Major spending driven by top cloud providers like AWS, Microsoft, and Google, primarily to expand AI infrastructure. Capital expenditures could exceed $1 trillion annually by 2029. Rising AI demand has strained data center capacity, leading to increased colocation costs. Total spending from enterprises reached $150B, marking the largest annual growth since 2014, with significant contributions from smaller cloud providers and hardware manufacturers. However, economic uncertainties could impact future IT investments.

https://www.ciodive.com/news/data-center-ai-cloud-infrastructure-capex-gpu-servers/743002/

European Accessibility Act Risks Becoming a Box-ticking Exercise

European Accessibility Act (EAA) compliance risks becoming mere box-ticking. Companies are opting for accessibility widgets for fast compliance, but these often create new accessibility issues and fail to address deeper problems. True accessibility requires foundational improvements in website design rather than superficial fixes. Developers should integrate accessibility from the start, ensuring ongoing testing and compliance as standards evolve.

https://thenextweb.com/news/european-accessibility-act-becoming-box-ticking-exercise

DIA Europe: Expert Says Risk Pyramid Can Determine Whether a Device Requires AI Act Conformity Assessment

Expert suggests using a risk pyramid to classify medical devices under the EU AI Act for conformity assessments. High-risk devices need assessments; low-risk items face transparency obligations, while minimal-risk devices are unregulated. Compliance involves documentation, labeling, and risk management. AI tools will advance diagnostics, exemplified by non-invasive tests like LiverMultiScan.

https://www.raps.org/news-and-articles/news-articles/2025/3/dia-europe-expert-says-risk-pyramid-can-determine

Navigating Global AI Regulation and Innovation

AI regulation needs clarity as laws develop globally, affecting innovation. A framework is essential for organizations to manage AI risks effectively amidst uncertainty. Current EU guidelines address specific AI systems, yet many low-risk applications remain unregulated, creating risks that require self-regulation. Companies should develop unique AI risk profiles and integrate governance standards within enterprise frameworks. Technological solutions can aid compliance and support responsible AI usage, emphasizing the need for clear governance strategies at enterprise, product, and operational levels. As regulations evolve, a proactive and balanced approach to AI governance is crucial for leveraging innovation while minimizing risks.

https://www.fticonsulting.com/uk/insights/articles/navigating-global-ai-regulation-innovation

Gap in the EU’s Rules for AI Requires a Well-Documented Approach

The EU AI Act and GDPR create compliance challenges for organizations using sensitive personal data in AI, particularly regarding bias detection. A regulatory gap exists as the AI Act permits processing special data for bias correction but conflicts with GDPR's prohibitions. Organizations must assess risks, ensure dual compliance, and document processes thoroughly until clearer regulatory guidance emerges.

https://news.bloomberglaw.com/us-law-week/gap-in-the-eus-rules-for-ai-requires-a-well-documented-approach
