CIO.works – Page 22

How CISOs Can Survive the Era of Geopolitical Cyberattacks

By CIO / Blog / risk management, cybersecurity

Geopolitical cyberattacks, particularly destructive Iranian wiper campaigns, are increasingly targeting critical infrastructure and organizations to cause operational chaos rather than financial gain. These attacks rely on stolen credentials and legitimate administrative tools to move laterally within networks, making containment and strict internal access controls essential for CISOs to limit damage and ensure organizational resilience.

https://www.bleepingcomputer.com/news/security/how-cisos-can-survive-the-era-of-geopolitical-cyberattacks/

Shadow AI ‘Double Agents’ Are Outpacing Security Visibility – and That’s a Serious Concern for UK Businesses

By CIO / Blog / AI, cybersecurity, threats

UK businesses are rapidly adopting AI agents to automate tasks and boost productivity, with 62% already using them and 68% planning enterprise-wide rollouts soon. However, Microsoft’s Cyber Pulse report warns that these AI agents, acting autonomously across networks and systems, are outpacing security visibility and creating significant risks, highlighting the urgent need for robust governance, visibility, and zero trust security measures to manage and control their access safely.

https://www.techradar.com/pro/security/shadow-ai-double-agents-are-outpacing-security-visibility-and-thats-a-serious-concern-for-uk-businesses

CIO 100 Leadership Live Atlanta: AI Spending Enters a Reckoning Phase

By CIO / Blog / AI, CIO, leadership

At the CIO 100 Leadership Live conference in Atlanta, technology leaders discussed a shift in enterprise AI from rapid growth to a phase emphasizing governance, data accountability, and business justification. Key themes included the need for evolved leadership skills beyond technical expertise, challenges in moving AI initiatives beyond proof of concept, the critical role of knowledge management and data governance, and the importance of integrating AI as a strategic, multidisciplinary leadership priority.

https://www.cio.com/article/4148267/cio-100-leadership-live-atlanta-ai-spending-enters-a-reckoning-phase.html

EnshittifAIcation

By CIO / Blog / customer service, AI, workforce, critique

In the article “EnshittifAIcation,” Stefano Marinelli describes challenges he faces dealing with AI-driven customer service bots and automated systems in managing e-commerce servers, highlighting issues such as rigid AI responses, misunderstandings about technical configurations, and inaccurate recommendations that ignore expert human input. He argues that overreliance on AI systems without proper human oversight leads to inefficiencies, confusion, and erosion of reliability, emphasizing that current AI lacks the ability to learn or understand context like experienced professionals do.

https://it-notes.dragas.net/2026/03/20/enshittifaication/

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

By CIO / Blog / AI, cybersecurity

AI-enabled cyber attacks are evolving to use automation and mimic legitimate user behavior, enabling cybercriminals to conduct highly personalized phishing, credential abuse, and adaptive malware attacks that bypass traditional security models. To counter these threats, behavioral analytics must advance into dynamic, context-aware identity-based risk modeling that continuously monitors user activities across the entire security stack, enabling real-time detection of subtle anomalies and privilege misuse in hybrid and multi-cloud environments.

https://thehackernews.com/2026/03/the-importance-of-behavioral-analytics.html

Companies Know AI Is Essential for Cyber Defense but Aren’t yet Seeing Returns

By CIO / Blog / AI, report, cybersecurity

A new EY survey reveals that while nearly all cybersecurity leaders see AI as essential for defense and are deploying it, most have yet to realize significant returns from agentic AI security tools. The survey highlights companies' progress in adopting AI governance frameworks but notes that full integration into corporate culture is limited, stressing the need for robust governance and human oversight to maximize AI’s benefits and manage risks effectively.

https://www.cybersecuritydive.com/news/cybersecurity-ai-agentic-governance-ey-survey/815311/

We Asked Experts About the Most Responsible Ways to Use AI Tools – Here’s What They Said

By CIO / Blog / productivity, risk management, AI

Three years after ChatGPT's release, AI use divides people into those who refuse it and those who use it daily. Experts advise using AI as a brainstorming partner, research assistant, and organizer while maintaining personal judgment, cautioning against overreliance and emphasizing the need to verify AI-generated information with credible sources.

https://www.theguardian.com/lifeandstyle/ng-interactive/2026/mar/18/how-to-use-ai-tools-expert-guide

Cisa Urges Endpoint Management System Hardening After Cyberattack Against US Organization

By CIO / Blog / risk management, cybersecurity, compliance, Microsoft

The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert following a cyberattack on U.S.-based medical technology firm Stryker Corporation targeting their Microsoft environment. CISA urges organizations to harden endpoint management system configurations by implementing Microsoft’s best practices for securing Microsoft Intune, including least privilege administrative roles, phishing-resistant multi-factor authentication, and multi-admin approval policies, to protect against similar malicious activities.

https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-urges-endpoint-management-system-hardening-after-cyberattack-against-us-organization

Disinformation Security By Styx Intelligence

By CIO / Blog / tools, threats, monitoring

Styx Intelligence has launched Disinformation Security, a solution designed to provide continuous visibility into disinformation campaigns that threaten brands, leaders, and customers through false narratives and coordinated activities on public channels. This tool helps organizations detect early signs of disinformation, understand its origins and spread, and respond effectively to mitigate risks such as fraud, impersonation, reputation damage, and operational disruptions.

https://styxintel.com/blog/introducing-disinformation-security/

Shadow AI Has Already Moved Into Your Organization

By CIO / Blog / risk management, AI, cybersecurity, security controls

The article explains that “shadow AI” is already widespread in organizations, as employees use public or unapproved AI tools to speed up work without going through IT or security review. Because these tools can be accessed instantly in a browser, blocking them is often ineffective, resulting in lost visibility into how company data is used. The article concludes that organizations must shift from trying to prohibit AI use to creating governance frameworks, approved tools, and clear policies that enable productivity while maintaining security and compliance.

https://www.forbes.com/sites/tonybradley/2026/03/19/shadow-ai-has-already-moved-into-your-organization/