Citi deployed AI coding tools to 30,000 developers, spending $11.8 billion on tech in 2024, resulting in nearly 40% net income growth. The bank focuses on modernization and digital innovation, addressing past infrastructure underinvestment and regulatory requirements.
https://www.ciodive.com/news/citi-bank-modernization-generative-ai-coding-assistant/737624/
CIO tenures are shorter (3-5 years) than other executives (5-7 years), with over 70% serving less than five years. Increasing technology change drives this trend. While some CIOs desire longer tenures, others move on after transformation phases. Tenure varies by company size and sector, with public sector roles generally longer. Organizations must accept short tenures in tech leadership as normal, while individuals face evolving roles requiring new skills and engagement with broader business strategy. The trend of short tenures is expected to continue amidst rapid technological advancements.
https://www.computerweekly.com/news/366618233/Why-CIO-tenures-are-getting-shorter-and-why-it-matters
CIOs must implement a strategic AI coding approach as AI is rapidly integrated into software development, with 92% of Fortune 500 companies adopting AI tools. This strategy should focus on quality assurance, using a ‘trust and verify' method to counteract the common issues of incorrect AI-generated code, which can incur substantial costs and technical debt. Standardization of AI usage, regular evaluation of its effectiveness, and a collaborative development environment are all crucial for maximizing productivity and ROI. Embracing AI thoughtfully can enhance developer efficiency and ensure high-quality software delivery, essential for future success.
https://devops.com/how-cios-can-implement-and-execute-an-effective-ai-coding-strategy/
Microsoft's Expanded Cloud Logs Implementation Playbook details new logging capabilities in Microsoft Purview Audit for detecting intrusions. It allows organizations to access critical events (like mail activity) and integrate logs into SIEM systems. Aimed at technical personnel, it guides operationalizing these logs in M365 to enhance cybersecurity. Initially available to select federal agencies, now accessible for E3/G3 customers. Feedback can be directed to CISA’s FEIT.
https://www.cisa.gov/resources-tools/resources/microsoft-expanded-cloud-logs-implementation-playbook
Cybersecurity is critical due to diverse threats targeting public institutions, which hold sensitive data. Organizations must implement robust strategies to protect information systems while ensuring service continuity and citizen rights. France, Poland, and Italy have developed differing approaches, emphasizing critical infrastructure protection and public awareness. The evolving cyber threat landscape demands continuous adaptation and cooperation among EU nations to safeguard citizens and institutions against attacks.
Global Cybersecurity Outlook 2025 report by the World Economic Forum.
https://www.weforum.org/publications/global-cybersecurity-outlook-2025/
EU launches Action Plan to enhance healthcare cybersecurity, addressing 309 incidents in 2023. Focus on prevention, detection, and mitigation of threats, covering hospitals and general practices. Establishing a pan-European Cybersecurity Support Centre for tailored guidance over two years. Aim: secure digital healthcare, protecting patient care and lives.
https://commission.europa.eu/news/bolstering-cybersecurity-healthcare-sector-2025-01-15_en
TLDR: In 2025, the cyber threat landscape will evolve due to a fragmented eCrime ecosystem driving mass-targeting cyberattacks, particularly against small and medium enterprises. AI will be crucial for social engineering and disinformation, while geopolitical tensions, especially between Russia, China, and the US, will fuel espionage and cyber operations, notably influencing elections in Germany and Poland. Ransomware and infostealer activities are expected to persist, despite law enforcement disruptions, with sophisticated techniques like BYOVD becoming more common.
https://quointelligence.eu/2025/01/navigating-evolving-threats-in-2025/
Passkeys are emerging as a secure alternative to passwords for online authentication, but challenges remain for widespread adoption, including inconsistent support, user device loss concerns, migration issues, and varying account recovery processes. The NCSC supports improving passkey technologies and standardization while encouraging organizations to offer them. Despite current limitations, passkeys enhance security by being unique, not phishable, and offering faster sign-ins compared to traditional methods, positioning them as the future of authentication.
https://www.ncsc.gov.uk/blog-post/passkeys-not-perfect-getting-better
CIOs can enhance IT-business collaboration by fostering mutual understanding between IT and business staff, combining transformational and transactional leadership styles. This approach involves creating cross-domain learning mechanisms while retaining domain-specific expertise, essential for driving organizational change and achieving alignment.
https://phys.org/news/2025-01-reveals-cio-tactics-boost-business.html
