How Can CIOs Keep Operations Going During an Outage?

A major AWS outage hit thousands of companies, but only those using the affected US-EAST-1 data center. This highlighted the risks of depending on a single cloud provider. IT leaders stress the need for redundancy—such as backups and failovers—to reduce the operational impact of outages, particularly for mission-critical systems. However, there are financial trade-offs: not every system needs full redundancy, and organizations must prioritize based on risk, sector, and potential impact. While using a single provider can be efficient and drive innovation, CIOs must still prepare for outages by architecting for failure within their provider’s ecosystem, auditing for high-impact dependencies, and ensuring they have strong contingency and recovery plans. Highly regulated or always-on industries require higher resilience, but in all cases, informed risk management is key.

https://www.informationweek.com/cloud-computing/when-a-provider-s-lights-go-out-how-can-cios-keep-operations-going-

Zero Trust Has a Blind Spot—Your AI Agents

As AI agents gain autonomy, they raise trust issues in Zero Trust models because they often lack identifiable ownership and governance. Security risks emerge from “orphaned agents” with unchecked permissions, which violate Zero Trust principles. To enhance security, organizations should apply NIST's AI Risk Management Framework with an identity-centric approach, ensuring every AI agent has a unique identity, a defined owner, and lifecycle management. This redefines agentic AI from a risk to a governable entity, establishing trust through accountability and oversight.

https://www.bleepingcomputer.com/news/security/zero-trust-has-a-blind-spot-your-ai-agents/

European Parliament Rejects Compromise to Weaken Sustainability Reporting and Due Diligence Rules

The European Parliament narrowly voted against a compromise to weaken sustainability reporting and due diligence rules, stalling efforts to simplify regulations. The rejected proposal would have exempted many companies by setting higher employee and revenue thresholds for compliance, but it failed due to internal political divisions. As a result, uncertainty persists for businesses subject to these rules, with further negotiations required ahead of the next parliamentary session. Lawmakers opposing the changes argue this protects the integrity of the EU’s sustainability agenda, while critics warn of continued compliance burdens and a lack of regulatory clarity.

https://senecaesg.com/insights/european-parliament-rejects-compromise-to-weaken-sustainability-reporting-and-due-diligence-rules/

The Human Cost of Defense: a CISO’s View From the War Room

CISO Phil Keibler highlights the unseen struggles of cybersecurity professionals in the documentary Midnight in the War Room, emphasizing the mental toll of preventing constant threats. The film aims to portray these defenders' reality, tackling themes of burnout and the critical nature of their role in protecting vital infrastructure. Keibler notes the pride in their silent successes and the daunting pressure they face, reminding us that while their efforts go unnoticed, they are essential for societal stability. The documentary seeks to inspire recognition and appreciation for cybersecurity as a meaningful career.

https://securityboulevard.com/2025/10/the-human-cost-of-defense-a-cisos-view-from-the-war-room/

EU Proposes ‘Simplifications’ to EUDR, December 2025 Deadline to Go Ahead for ‘Large and Medium’ Companies

The EU has proposed simplifications to its upcoming Deforestation Regulation (EUDR), which is aimed at keeping deforestation-related products out of the EU. The new measures reduce obligations for businesses, especially small operators, allowing for streamlined compliance. Original deadlines are extended to December 2025 for large businesses and December 2026 for small ones. Stakeholder reactions are mixed, with some praising the adjustments while others criticize potential compromises on environmental protection.

https://www.foodbev.com/news/eu-proposes-simplifications-to-eudr-december-2025-deadline-to-go-ahead-for-large-and-medium-com

Navigating NIS2: What Organisations Need to Know as EU Implementation Unfolds

TLDR: As EU Member States implement NIS2, organizations must adapt to varying compliance obligations. Only 14 countries had completed transposition by the October 2024 deadline. NIS2 enhances cybersecurity across sectors, but national differences add complexity. Key compliance requirements include registration, appointing EU representatives, managing risks, reporting incidents, and audits. Non-compliance can lead to significant fines. Organizations should evaluate their operations relative to NIS2, track jurisdictional differences, and strengthen cybersecurity measures.

https://www.goodwinlaw.com/en/insights/publications/2025/10/insights-practices-dpc-navigating-nis2-what-organisations-need-to-know

From Technologist to ‘Digital Governor’: State CIO Role Has Evolved Dramatically

State CIOs have shifted from purely technical roles to strategic leaders, acting as communicators and change managers. This evolution comes amid high turnover, with 44 CIO changes since 2023, and growing demands for budgetary support in technology amidst rapid advancements like AI and cybersecurity challenges. Effective relationship management and bridging the gap between tech and policy are essential for CIOs today, as they balance innovation and risk.

https://www.route-fifty.com/people/2025/10/technologist-digital-governor-state-cio-role-has-evolved-dramatically/409009/

LIVE From Gartner: The CIO’s 2026 Cybersecurity Playbook

CIOs must align cybersecurity with business, emphasizing shared governance and outcome-driven metrics. The distinction between CIO and CISO roles highlights potential conflicts in reporting structures. CIOs should frame cyber risk as a business decision using Protection Level Agreements to guide investments. Effective governance and risk management are crucial for resilience, with metrics designed to connect cybersecurity outcomes to business performance. The CIO's role evolves into a strategic translator for aligning cybersecurity initiatives with organizational goals.

https://nationalcioreview.com/articles-insights/live-from-gartner-the-cios-2026-cybersecurity-playbook/

Why Companies Need a Chief Trust Officer Today

A Chief Trust Officer (CTrO) is essential: the role centralizes trust across security, IT, and governance, establishes accountability, reduces friction in deals, and addresses regulatory scrutiny. With increasing AI adoption, CTrOs ensure standards and policies align with accountability measures, enhancing innovation while safeguarding against risks. Trust must be observable and manageable for effective organizational response and stakeholder confidence.

https://www.scworld.com/perspective/why-companies-need-a-chief-trust-officer-today

Europe’s Sustainability Retreat Risks Market Trust

Europe’s new sustainability reforms aim to simplify corporate reporting and due diligence, raise the company size thresholds, and remove EU-wide liability for sustainability harms. While supporters say this reduces compliance costs, critics argue it weakens accountability and Europe’s standing in global sustainable finance. Early evidence shows substantial progress from companies under the original rules, but concerns remain that deregulation could result in less reliable data, transparency gaps, and weaker market trust. The outcome is uncertain, as lawmakers have rejected the current reform proposal, and the final approach will shape both Europe’s market credibility and global influence in sustainability standards.

https://www.forbes.com/sites/feliciajackson/2025/10/22/europes-sustainability-rollback-risks-undermining-market-trust/
