Blog

NIS2 – One Year on: What’s Missing, What’s at Stake, and What’s Next?

By / Blog / ,

One year after the NIS2 Directive’s transposition deadline, many EU countries have lagged on implementation, but firms cannot afford to wait for local laws. NIS2 applies to essential organizations in critical sectors, often based on size, regardless of where the companies are based or whether their activities are internal. Core obligations include entity registration, risk-based cybersecurity, detailed incident reporting, and strict supply chain controls, with boards personally accountable for compliance. Enforcement tools range from significant fines to bans on managers, and implementation challenges are heightened for multinationals because compliance is assessed per entity, not as a group. Organizations should proactively develop compliance strategies specific to each jurisdiction, as waiting could fail to meet obligations.

https://connectontech.bakermckenzie.com/nis2-one-year-on-whats-missing-whats-at-stake-and-whats-next/

Compliance Isn’t an Annual Ritual Anymore

By / Blog /

In 2025, IT compliance is increasingly critical due to new regulations and updates, indicating IT's maturation akin to other regulated industries. The concept of “CompOps” (Compliance Operations) is evolving to ensure continuous compliance rather than annual audits, necessitating more frequent evidence collection. Organizations must adapt by embedding compliance practices within DevOps processes, focusing on collaboration and communication to meet evolving standards efficiently. The future involves integrating compliance into everyday operations, shifting the perception from an annual chore to a continuous effort essential for business function.

https://securityboulevard.com/2025/10/compliance-isnt-an-annual-ritual-anymore/

EU AI Act – Frequently Asked Questions

By / Blog / , ,

EU AI Act is world's first comprehensive AI law promoting innovation and protecting health, safety, and rights. It categorizes AI systems by risk, with compliance phased in by 2027. High-risk systems face stringent obligations; unacceptable risks are prohibited. The Act emphasizes transparency, human oversight, and adapts to technological changes. Support exists for SMEs, ensuring streamlined processes and reduced burdens. AI literacy is critical for compliance. The Act addresses various areas like biometric data and outlines specific prohibitions, ensuring responsible AI use.

https://ai-act-service-desk.ec.europa.eu/en/faq

Lockheed Martin’s CIO On Digital Transformation And Culture Of Purpose

By / Blog /

Maria Demaree, Lockheed Martin’s CIO and Senior VP for Enterprise Business and Digital Transformation, leads over 5,000 technology professionals and drives IT operations and company-wide digital modernization. She emphasizes a strong sense of purpose and ethical service rooted in her family’s multi-generational commitment to the company. Demaree oversees transformative efforts like uniting siloed business areas, implementing AI-driven solutions, and establishing unified platforms to balance employee consistency with flexibility. Her dual background in business and technology informs an approach focused on operational value, innovation, and resilient legacy. Demaree views AI and quantum computing as transformative, stresses ethical usage, and advocates for lifelong learning and cross-functional collaboration across Lockheed Martin’s workforce.

https://www.forbes.com/sites/peterhigh/2025/10/20/lockheed-martins-cio-on-digital-transformation-and-culture-of-purpose/

The Rise of ‘vibe Working’

By / Blog / ,

“Vibe working” merges generative AI into corporate culture, emphasizing flexibility and creativity. Executives promote “vibe coders” and roles like “Vibe Growth Manager” to streamline tasks. While it simplifies processes, it risks downplaying expertise needed for skilled work, causing confusion about expectations. This trend reflects Gen Z's preference for less rigid job structures and a more casual approach to work. However, excessive reliance on AI without strategic guidance can lead to poor outcomes, raising concerns about losing the human aspect of work. In essence, while “vibing” captures a modern workplace appeal, it still demands substantial effort and skill.

https://www.businessinsider.com/rise-of-vibe-working-coding-microsoft-openai-2025-10

BT: Why Human Firewalls Are Critical in AI Cybersecurity

By / Blog / , ,

BT Security’s Tris Morgan emphasizes the importance of human firewalls in AI cybersecurity, arguing that employee training is crucial against sophisticated AI-driven attacks. He believes that investing in a cyber-aware culture transforms employees into an active defense against threats. Despite advanced technology, many breaches result from human error, with attackers exploiting trust and behavior. Effective training should be ongoing, engaging, and relevant, using simulations and real-world scenarios to foster awareness. For SMEs, cost-effective strategies include realistic training and clear security policies to cultivate vigilance. Continual adaptation to evolving threats is essential for strong cybersecurity defenses.

https://aimagazine.com/news/bt-security-the-importance-of-humans-in-ai-powered-attacks

HSBC CIO Stuart Riley on Leading With Data and AI

By / Blog /

Stuart Riley, HSBC's Group CIO since February 2024, is leading the bank's tech and AI innovations, having previously overseen technology at Citigroup. He aims to simplify HSBC’s complex IT infrastructure and is deploying AI across over 600 applications, emphasizing its long-term potential. His past experience includes developing digital products at Citigroup and significant roles at Deutsche Bank and RBS. Beyond banking, he contributes to educational tech initiatives and advises on sustainable cloud computing. Riley's leadership is crucial to HSBC's digital strategy and competitiveness.

https://businesschief.com/news/hsbc-cio-stuart-riley-on-leading-with-data-and-ai

The CIO as Orchestrator: From Running Systems to Building Ecosystems

By / Blog / ,

CIOs must evolve from managing systems to orchestrating ecosystems that drive growth and innovation through collaboration with partners. Orchestration involves aligning internal and external resources to create value, essential in today's complex tech landscape. Successful CIOs focus on outcomes, embed in business strategies, and utilize partners as co-innovators. A five-step orchestration playbook is suggested for aligning capabilities, designing platforms, creating value propositions, operationalizing delivery, and embedding go-to-market strategies. By mastering orchestration, CIOs can unlock new revenue streams and gain competitive advantages.

https://www.cio.com/article/4074028/the-cio-as-orchestrator-from-running-systems-to-building-ecosystems.html

The Future of Jobs Report 2025

By / Blog /

The Future of Jobs Report 2025 analyzes major trends like technological change and demographic shifts impacting the global labor market by 2030, drawing insights from over 1,000 employers representing 14 million workers across 55 economies. Key points:

  • Technology adoption: Digital access, AI, and big data are the top drivers of transformative workforce changes.
  • Job creation and decline: Net job growth is expected, with significant increases in tech and frontline jobs, and losses in clerical work.
  • Skills evolution: Almost 40% of current skills will change or become obsolete, making upskilling a top priority.
  • Employer strategies: Focus on reskilling, DEI, and employee well-being to address skill gaps.
  • AI impact: Hiring and automation will increase, and wage strategies will shift to attract and retain talent.

https://www.weforum.org/publications/the-future-of-jobs-report-2025/

The End of Cybersecurity

By / Blog / ,

Cybersecurity failures in the U.S. stem from software quality issues, not just cyber threats. As attackers exploit system vulnerabilities, the focus should be on improving software security rather than relying on the cybersecurity industry. AI presents a solution, enabling the creation of safer code and fixing existing flaws. To leverage AI effectively, incentives must be realigned, and a standardized approach to software security must be established. Without systemic changes, security will remain an afterthought in software design, leaving critical infrastructure at risk.

https://www.foreignaffairs.com/united-states/end-cybersecurity

Scroll to Top