CIO.works – Page 25

AI-powered Refund Abuse and Dispute Fraud: The Democratization of Deception

By CIO / Blog / AI, payments, frauds, ecommerce

AI has facilitated a rise in refund abuse, with 65% of consumers noting it has made false claims easier. Fraudsters now manipulate digital images using AI tools to appear damaged, undermining traditional proof of claims. This trend poses significant challenges for merchants, who must adapt their verification processes, balancing customer service with fraud prevention. A robust framework is essential, including technology-driven defenses, low-friction verification requests, and a shift to customer-centric risk assessments to mitigate fraud effectively.

https://www.ravelin.com/blog/ai-powered-refund-abuse-dispute-fraud

CISOs Are Meeting With Board Leaders, but Are They Being Heard?

By CIO / Blog / cybersecurity, CISO, budget

CISOs are increasingly meeting with board members to discuss cybersecurity risks, as mandated by the SEC since 2023. While 95% of CISOs regularly update boards, many face time constraints—over half have only 15 to 30 minutes. A report indicates a lack of strong collaboration, with only 30% of boards rating their relationship with CISOs positively. Misunderstanding cyber threats could lead to organizational vulnerabilities, and CISOs risk blame for inadequate risk management. Experts advise on effective communication strategies to ensure boards accurately grasp cybersecurity issues.

https://www.itbrew.com/stories/2026/03/11/cisos-are-meeting-with-board-leaders-but-are-they-being-heard

CISO Conversations: Aimee Cardwell

By CIO / Blog / leadership, cybersecurity, CISO

A key conversation highlights Aimee Cardwell's journey from Netscape to her current role as CISO in Residence at Transcend, emphasizing the need for collaboration, low ego, curiosity, and addressing burnout in cybersecurity teams. She advocates for strategic and tactical balance in leadership, continuous learning, and a team-focused approach to problem-solving. Cardwell also notes the challenges in demonstrating successful security efforts and the growing threat of sophisticated AI-generated phishing attacks.

https://www.securityweek.com/ciso-conversations-aimee-cardwell/

What Changes When You’ve Been a CISO More Than Once?

By CIO / Blog / cybersecurity, leadership, CISO

CISO Series highlights insights from a February 2026 Reddit AMA with seasoned CISOs discussing job transitions, board communication, and vendor relations. Key points include the need for CISOs to translate technical risks into business terms for effective board discussions, the importance of building relationships over sales, and recognizing that while fundamental skills carry over, specific playbooks must adapt to new contexts. A clear distinction between full-time and retained CISO roles was also emphasized, reflecting on the necessity of understanding organizational commitment to cybersecurity outcomes.

https://cisoseries.com/what-changes-when-youve-been-a-ciso-more-than-once/

5 Metrics to Drive Successful AI Outcomes

By CIO / Blog / strategy, AI, leadership

Despite significant AI investments, many enterprises struggle to achieve measurable results. This is often due to a misalignment between AI projects and strategic business goals, as well as a lack of understanding of how to measure AI success. To drive successful AI outcomes, organizations should align AI projects with strategic business goals, understand the true costs of AI, and measure success based on the impact on business outcomes rather than just financial metrics.

https://www.cio.com/article/4137420/5-metrics-to-drive-successful-ai-outcomes.html

What Is Cyber Security?

By CIO / Blog / cybersecurity

Cybersecurity is the practice of protecting systems, networks, and data from digital threats through technologies, processes, and policies designed to prevent unauthorized access, damage, or disruption. The article explains that modern environments require integrated protection across endpoints, cloud, email, servers, and networks. A cybersecurity platform centralizes visibility, analysis, and controls, enabling organizations to detect, prioritize, and respond to threats more effectively. It concludes that unified platforms improve risk management by combining monitoring, intelligence, and automated response across the entire IT ecosystem.

https://www.trendmicro.com/en_gb/what-is/cybersecurity-platform/cyber-security.html

5 Tips for Communicating the Value of IT

By CIO / Blog / communication, leadership, CIO

CIOs must effectively communicate IT's business value to shift perceptions from being a cost center to a profit driver. Key strategies include: highlighting IT's impact, focusing on business outcomes rather than technical metrics, using relevant KPIs, developing storytelling skills, and framing IT as an asset builder. By translating IT achievements into relatable business language and results, CIOs can ensure stakeholders recognize IT's contributions.

https://www.cio.com/article/4137669/5-tips-for-communicating-the-value-of-it.html

Cyber Enforcement – When an Incident Is Just the Tip of the Iceberg

By CIO / Blog / regulation, compliance, cybersecurity, incident response, risk management

The article explains that recent UK enforcement trends show cyber incidents often expose broader compliance failures, making the reported breach only the starting point for regulatory scrutiny. Regulators increasingly focus on security weaknesses, governance gaps, and data-handling practices across the organization, especially after cyberattacks. Fines have risen, and enforcement actions target private-sector companies with inadequate safeguards. The article concludes that organizations must treat cyber resilience, contractual risk allocation, and data protection controls as ongoing obligations because investigations can extend beyond the original incident to encompass broader operational and legal failings.

https://www.slaughterandmay.com/insights/new-insights/cyber-enforcement-when-an-incident-is-just-the-tip-of-the-iceberg/

US Cloud Analysis Shows Microsoft’s Cascading 2025-2026 Price Increases–EA Tier Elimination, M365 Copilot Bundling, and Unified Support Escalation–Will Impose a Mandatory 25% Cost Increase on a Typical $10 Million Enterprise Agreement

By CIO / Blog / AI, Microsoft, budget

US Cloud’s analysis reveals that Microsoft’s pricing changes, including the elimination of EA tier discounts, mandatory Copilot bundling, and escalation of the Unified Support fee, will result in a 25% cost increase for a typical $10 million Enterprise Agreement by mid-2026. This “AI Tax” is attributed to Microsoft’s significant investment in AI infrastructure, despite uncertain ROI for many enterprises. US Cloud suggests software portfolio optimization and replacing Unified Support as strategies to mitigate these price hikes.

https://www.prnewswire.com/news-releases/us-cloud-analysis-shows-microsofts-cascading-20252026-price-increasesea-tier-elimination-m365-copilot-bundling-and-unified-support-escalationwill-impose-a-mandatory-25-cost-increase-on-a-typical-10-million-enterprise-agree-302708750.html

Microsoft Cowork: One Data Store for All Your M365 Assets

By CIO / Blog / AI, Microsoft

Microsoft launched Cowork, a new Copilot AI tool, enhancing Microsoft 365's functionality with agentic AI through collaboration with Anthropic. Cowork is integrated into a new $99 E7 subscription, offering managed enterprise-grade experiences. It includes a context engine, Work IQ, to leverage data from Microsoft and other applications. Analysts note adoption may be slow due to existing E5 contracts. Cowork aims to optimize task management and collaboration in business workflows, although data security concerns remain.

https://www.computerweekly.com/news/366639977/Microsoft-Cowork-One-data-store-for-all-your-M365-assets