The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust

Steve Durbin highlights that the next major cybersecurity crisis will not be breaches but the growing distrust in data integrity, especially as AI-driven decisions rely heavily on trustworthy data. He stresses that data governance, clear ownership, and auditability of data are critical to maintaining accuracy and preventing harmful distortions that can compromise operations and decision-making.

https://www.securityweek.com/the-next-cybersecurity-crisis-isnt-breaches-its-data-you-cant-trust/

Shadow AI Usage Statistics 2026: Latest Insights

Shadow AI—employees using unapproved AI tools at work—has become a widespread business risk, with over 80% of workers globally engaging in such use to boost productivity despite limited corporate governance. This unregulated adoption exposes organizations to significant security, compliance, and financial risks, including costly data breaches averaging $4.2 million, while many companies lack adequate policies or visibility to manage these challenges effectively.

https://sqmagazine.co.uk/shadow-ai-usage-statistics/

Here’s a Thing – What if Shadow AI Is Actually Telling Us Something Useful?

Dana Louise Simberkoff of AvePoint suggests that shadow AI, like shadow IT before it, signals a cultural stress test within enterprises rather than simply being a technological failure, reflecting a gap between business needs and governance. She advocates for a shift in organizational mindset where employees are treated as stewards of AI, emphasizing trust, clear controls, and distributed judgment to manage AI safely and effectively, rather than imposing restrictive bans that drive usage underground.

https://diginomica.com/heres-thing-what-if-shadow-ai-actually-telling-us-something-useful

How CIOs Can Help Set the Course Toward a Bright Future

In his article, Thornton May argues that CIOs must actively engage in shaping the future by fostering thoughtful discussions and overcoming key deficits such as lack of agency, imagination, attention, passion, and situational awareness within their organizations. He emphasizes that the future is not predetermined and that CIOs have a unique position to guide stakeholders toward a shared, well-reasoned vision for a desirable future by encouraging collaboration, storytelling, and deeper consideration of realistic scenarios.

https://www.cio.com/article/4151995/how-cios-can-help-set-the-course-toward-a-bright-future.html

New Compliance Guide Available: ISO/IEC 27001:2022 on AWS

AWS has released a new compliance guide titled “ISO/IEC 27001:2022 on AWS,” which offers practical guidance for organizations implementing an Information Security Management System (ISMS) using AWS services. The guide helps align cloud environments with the ISO/IEC 27001:2022 standard, detailing how to integrate AWS security controls, manage governance and risks, and prepare for certification audits by leveraging AWS security, monitoring, and automation capabilities.

https://aws.amazon.com/blogs/security/new-compliance-guide-available-iso-iec-270012022-on-aws-compliance-guide/

The Architecture of Authority: Why AI Is Breaking the Traditional Hierarchy

The article discusses how AI is transforming traditional corporate hierarchies by shifting decision-making authority from humans to machines. It highlights the emergence of “Systems of Action,” where AI not only recommends but also initiates decisions, challenging existing governance models that assume humans control judgment and accountability. The piece emphasizes the need for organizations to intentionally design a “Decision Architecture” to manage the flow of authority between people and AI, avoid fragmented autonomous systems, and address conflicts between machine logic and human intuition.

https://nationalcioreview.com/articles-insights/the-architecture-of-authority-why-ai-is-breaking-the-traditional-corporate-hierarchy/

Shadow AI Solutions Need a Unified Security Approach

Shadow AI presents a significantly greater enterprise risk than earlier shadow IT challenges, as employees' unsanctioned use of generative AI tools creates compliance, data leakage, and regulatory penalty risks. Fortinet executive Russ Schafer highlights the need for unified security platforms incorporating agentic AI to reduce attack resolution times from hours to seconds, emphasizing governance, access management, and interconnected agent frameworks to maintain control and security in AI-driven environments.

https://siliconangle.com/2026/03/30/shadow-ai-needs-unified-security-approach-rsac26/

The AI Revolution: Getting Culture Right for AI Success

The article discusses the critical role of fostering a balanced AI culture in enterprises to unlock AI's transformative potential. It emphasizes empowering employees through training and hands-on experience while ensuring governance to manage AI risks, addressing fears and skepticism about AI adoption, and tailoring AI education to different career levels. Leaders highlight that widespread, guided AI experimentation combined with effective governance and measuring ROI will drive innovation and competitive advantage as AI rapidly evolves and becomes integral to business operations.

https://www.cio.com/article/4146677/the-ai-revolution-getting-culture-right-for-ai-success.html

Teleport Report Finds Over-Privileged AI Systems Linked to Fourfold Rise in Security Incidents

A report by Teleport found that enterprises granting excessive access permissions to AI systems experience 4.5 times more security incidents than those restricting AI access, highlighting identity management's lag behind AI adoption. Based on interviews with 205 security leaders, the study shows that broad AI access correlates with higher incident rates, often due to static credentials and lack of automated governance controls, emphasizing the need for unified, machine-speed identity management to mitigate risks.

https://www.infoq.com/news/2026/03/teleport-ai-report/

Watch Your Words: Tim Brown’s Advice for CISOs

Tim Brown, former CISO of SolarWinds, shared insights at RSAC 2026 about the 2020 SolarWinds supply chain attack and his personal experience as the first CISO indicted in a civil lawsuit by the SEC for alleged fraud related to cybersecurity disclosures. Brown highlighted how excessive communication and misunderstood internal language during the ensuing SEC investigation led to legal challenges, emphasizing the critical need for clear communication policies and cautious internal messaging to prevent misinterpretation and legal risks in cybersecurity incident management.

https://www.techtarget.com/searchsecurity/feature/Watch-your-words-Tim-Browns-advice-for-CISOs
