Blog

Digital Identities and the Future of Age Verification in Europe

By / Blog / ,

EU age verification trends push digital identities for user safety, but raise privacy concerns. Proposals may mandate age checks, risking free expression and contradicting children's rights. Current laws suggest age evaluations without explicit requirement. Upcoming digital identity wallets planned for 2026 could be used for age verification, potentially expanding beyond intended limits, creating further privacy issues. EFF critiques this approach, urging to prioritize user rights.

https://www.eff.org/deeplinks/2025/04/digital-identities-and-future-age-verification-europe

Microsoft Getting Nervous About Europe’s Tech Independence

By / Blog / ,

Microsoft is reacting to growing European skepticism about US tech companies by reinforcing data privacy commitments and enhancing its cloud infrastructure in Europe. Amid concerns over US policies and potential data vulnerabilities, Microsoft plans to increase its European data center capacity by 40%, implement a governance model compliant with European laws, and legally commit to contesting any government orders that threaten its operations in Europe. This strategy aims to restore customer trust and ensure compliance with local regulations amidst geopolitical tensions.

https://www.theregister.com/2025/04/30/microsoft_getting_nervous_about_europes/

Managing Shadow IT Risks

By / Blog /

CISOs face rising risks from shadow IT due to unauthorized technology use; 40% of employees utilize unsanctioned tools, linked to many security breaches. Prohibition can hinder innovation, so a balanced approach is needed. Strategies include deploying discovery tools, creating adaptive governance, conducting risk assessments, educating employees, and offering amnesty for reporting shadow IT. These methods convert threats into insights, promoting secure and agile technology use aligned with business goals, ultimately fostering a security-aware culture.

https://gbhackers.com/managing-shadow-it-risks/

Beyond Safe Models: Why AI Governance Must Tackle Unsafe Ecosystems

By / Blog / ,

AI governance must shift focus from just ensuring model safety to addressing the risks of unsafe deployment ecosystems, which are influenced by institutional contexts, conflicting incentives, and inadequate oversight. While initiatives like the EU AI Act emphasize technical compliance, they often ignore the broader environment affecting AI use, leading to harmful outcomes like discrimination and misinformation. Effective governance requires assessing deployment contexts, aligning institutional incentives, ensuring accountability, and establishing adaptive oversight to manage emerging risks, ultimately recognizing that AI's dangers stem from both its operation and the settings it inhabits.

https://www.techpolicy.press/beyond-safe-models-why-ai-governance-must-tackle-unsafe-ecosystems/

A Guide on Becoming a Chief Information Security Officer

By / Blog / ,

Become a CISO to lead cybersecurity, manage risks, and protect data. Responsibilities include strategic oversight, team management, incident response, and aligning security with business goals. Key skills: cybersecurity expertise, risk management, communication, leadership, and project management. Start with a tech-related degree, gain experience, earn certifications (like CISSP, CISM), and transition to leadership roles. Continuous learning and networking are essential for success in this evolving field. Average salary: ~$309,000 annually.

https://www.techloy.com/a-guide-on-becoming-a-chief-information-security-officer/

What if the EU Was Really Serious About AI?

By / Blog / , ,

EU's AI strategy lags behind the US and China. To become competitive, it should:

  1. Infrastructure: Increase investment in cloud computing and partnering with US tech.
  2. Data: Simplify data regulations, enhance open data access, and incentivize data sharing.
  3. AI Adoption: Set ambitious AI targets and focus on outcomes in public contracts.
  4. Skills and Talent: Fund AI academic positions and pivot education programs toward AI skills.
  5. (De)Regulation: Streamline regulations for ease of use while ensuring safety.

Addressing defense AI and promoting global leadership in open-source AI is vital. Europe has the resources; bold actions are required to catch up.

https://cepa.org/article/what-if-the-eu-was-really-serious-about-ai/

R&G Tech Studio: Navigating AI Literacy—Understanding the EU AI Act

By / Blog / ,

R&G Tech Studio podcast discusses the EU AI Act, focusing on AI literacy requirements for organizations. Hosts Rohan Massey and Edward Machin explain the broad definition of AI systems under the Act and emphasize the importance of AI literacy for both providers and deployers, irrespective of risk categories. Organizations must tailor AI literacy training based on contextual needs, employee roles, and resources. They suggest that companies begin developing AI literacy strategies now, despite limited guidance, to ensure compliance and effectively manage AI-related risks.

https://www.ropesgray.com/en/insights/podcasts/2025/04/rg-tech-studio-navigating-ai-literacy-understanding-the-eu-ai-act#page=1

Managing the Many We’s of IT

By / Blog / ,

CIOs must understand the diverse identities within their IT organizations, recognizing that the “we” in IT includes various groups with differing values and engagement levels. Successful CIOs need to be transparent about their own identity and foster engagement by ensuring employees have effective tools, reducing unnecessary work, and managing vendor relationships. By broadening the concept of “we,” CIOs can enhance collaboration and collective responsibility for IT value creation and security across their organizations.

https://www.cio.com/article/3968848/managing-the-many-wes-of-it.html

Scroll to Top