AI – CIO.works

What’s Behind Europe’s Push to “Simplify” Tech Regulation?

By CIO / Blog / regulation, EU, AI, GDPR

EU's push to “simplify” tech regulation aims to streamline its complex laws, raising concerns about diluting hard-won protections like GDPR and the AI Act. Amid geopolitical competition with the US and China, 13 member states advocate for deregulation, arguing it hampers innovation. Experts warn this may benefit dominant tech firms rather than smaller businesses and stress the need for a coherent strategy rather than unfocused deregulation. Fragmentation and ineffective regulation hinder innovation in Europe, signaling that reform should focus on coordination and support for startups, not dismantling existing protections.

https://www.techpolicy.press/whats-behind-europes-push-to-simplify-tech-regulation/

EU Commission Clarifies Definition of AI Systems

By CIO / Blog / regulation, EU, AI

EU Commission clarifies AI definition: The Commission published guidelines detailing the definition of AI systems under the AI Act, outlining seven components, including machine-based systems, autonomy, adaptability, objective-driven outputs, inference capability, environmental interaction, and influence over environments. The guidelines help companies assess AI Act applicability. However, the guidelines are non-binding and not yet formally adopted.

https://www.orrick.com/en/Insights/2025/04/EU-Commission-Clarifies-Definition-of-AI-Systems

Biometrics in the EU: Navigating the GDPR, AI Act

By CIO / Blog / AI, GDPR, data protection

Biometrics in the EU are regulated by the GDPR and the AI Act, which address the use of biometric technologies beyond security into areas like emotion recognition and employee monitoring. The GDPR governs the processing of biometric data as personal and, in some cases, “special category” data requiring consent. The AI Act categorizes biometric systems by risk, with real-time remote identification largely prohibited, and specific rules for emotion recognition and categorization. Organizations face complex compliance challenges due to overlapping regulations, requiring a nuanced understanding of technology and legal responsibilities.

https://iapp.org/news/a/biometrics-in-the-eu-navigating-the-gdpr-ai-act

AI Employees With ‘memories’ and Company Passwords Are a Year Away, Says Anthropic Chief Information Security Officer

By CIO / Blog / trends, cybersecurity, AI

Anthropic's CISO, Jason Clinton, predicts AI virtual employees with memories and credentials could emerge in a year, enhancing workplace integration but introducing new cybersecurity risks. AI agents promise cost savings and efficiency but raise concerns about job losses, as illustrated by companies like Klarna and Shopify prioritizing AI over hiring.

https://fortune.com/article/anthropic-jason-clinton-ai-employees-a-year-away/

Cynomi Cinches $37M for Its AI-based ‘virtual CISO’ for SMB Cybersecurity

By CIO / Blog / cybersecurity, CISO, AI

Cynomi raises $37M for its AI-driven virtual CISO targeting SMB cybersecurity amid rising attacks. Co-led by Insight Partners and Entrée Capital, the funding positions Cynomi as a market leader with a valuation over $140M. The company offers automated security management services via third-party resellers, aiming to fill a gap for budget-constrained SMBs. CEO David Primor emphasizes that the virtual CISO can perform various security tasks efficiently, tripling annual revenue recently. Funds will support R&D to expand cybersecurity solutions, as the industry lacks a comprehensive operating system.

https://techcrunch.com/2025/04/23/cynomi-cinches-37m-for-its-ai-based-virtual-ciso-for-smb-cybersecurity/

CIOs Increasingly Dump In-house POCs for Commercial AI

By CIO / Blog / AI

CIOs are shifting from in-house AI proof-of-concept (POC) projects to commercial AI solutions due to high failure rates of internal efforts and low returns. A Gartner survey revealed that the percentage of companies creating their own AI tools dropped from 50% to 20% in just a year. Many organizations are overwhelmed by the demands of building AI systems, often lacking the necessary expertise and resources. The trend is now towards smaller, niche applications of AI, utilizing proprietary data to derive greater value, while software vendors increasingly promote their AI offerings.

https://www.cio.com/article/3965387/cios-increasingly-dump-in-house-pocs-for-commercial-ai.html

Commission Seeks Input to Clarify Rules for General-purpose AI Models

By CIO / Blog / AI, EU, regulation

EU Commission invites feedback to clarify rules on general-purpose AI (GPAI) in a consultation aimed at shaping comprehensive guidelines to enhance understanding of GPAI concepts and compliance processes ahead of August 2025. Stakeholders can provide input until May 22, 2025.

https://digital-strategy.ec.europa.eu/en/news/commission-seeks-input-clarify-rules-general-purpose-ai-models

From Copilot to Agent

By CIO / Blog / AI, cybersecurity

CISOs must prepare for the rise of agentic AI, marking a significant evolution from previous AI models. While security copilots enhanced workflows, agentic AI introduces autonomy, enabling complex tasks and real-time threat responses. It poses both opportunities—like improving SOC efficiency and automating help desk operations—and challenges, including governance and trust issues. Although promising, widespread adoption of agentic AI is cautious, with many security leaders highlighting that it currently struggles to outperform traditional solutions. The technology's potential remains significant as it develops.

https://www.cio.com/article/3965370/from-copilot-to-agent-ai-is-growing-up-and-cisos-need-to-be-ready.html

The European Commission’s Template on Training Data Transparency: First Guidelines for the AI Act

By CIO / Blog / AI, EU, regulation

The European Commission's guidelines for the AI Act mandate transparency in training data for general-purpose AI models, requiring public summaries detailing the data used. This has sparked debate over what constitutes “sufficiently detailed” information, balancing rights holders' needs for access against providers' interests in protecting strategic assets. A template to aid in compliance was released in January 2025, structured into sections covering model details, data sources, and processing aspects, with final guidelines expected by mid-2025. Legal disputes will ultimately shape the regulation's implementation and future AI standards globally.

https://www.advant-nctm.com/en/news/the-european-commissions-template-on-training-data-transparency-first-guidelines-for-the-ai-act

No AI Agents Are Allowed.’ EU Bans Use of AI Assistants in Virtual Meetings

By CIO / Blog / AI, cybersecurity, EU

EU bans AI assistants in online meetings due to security concerns. The rule was made during a recent European Commission presentation, marking the first official ban on AI agents, which automate tasks during virtual conferences. Potential risks arise from AI agents' unpredictable behavior and user awareness issues, leading to heightened caution in their deployment among tech companies.

https://www.techrepublic.com/article/news-eu-bans-ai-assistants-virtual-meetings/