CIO CIO

Sana founder and CEO Joel Hellermark said, “Our focus has always been on creating intuitive AI tools that improve how people learn and work. I’m excited to bring these tools to 75 million Workday users and partner with Workday’s iconic team to launch a new era of superintelligence for work.” By bringing together technology from both companies, Workday users will be able to find answers information and files by searching data sources including Workday, Google Drive, SharePoint and Office365, and access agents that can summarize information, assist with projects, create documents and dashboards based on company knowledge, and automate repetitive tasks, the company said. Competing ecosystems Everest’s Hota said the acquisition is about “planting a flag in the AI assistant market before Microsoft, ServiceNow, or Salesforce become the default entry point.” Oracle, SAP, and ServiceNow are all embedding copilots and workflow AI across their HR applications, he said, “But the bigger competitive dynamic is with the horizontal platforms. Microsoft Copilot and Salesforce Agentforce want to sit above HR and finance systems as the first place employees go with a question. That’s exactly the surface Workday is trying to defend.” source

A solution within reach Simply put, Aishwarya is AUM Biotech’s IT department. After seeing Salesforce co-founder, chairman, and CEO Marc Benioff talk about AI agents on CNBC last year, Aishwarya was inspired to dig into what the new technology could do for his business. “I’m not a coder, I’m a cancer researcher,” he says. “But for the past several months, I’ve drawn myself into learning through YouTube and Google.” AUM Biotech was already using Salesforce for its CRM and Salesforce Data Cloud to manage and govern its data, so much of the hard work around data hygiene to get agentic AI off the ground was already done. And within a month, he deployed Agentforce SDR (sales development representative), an autonomous agent to scale top of funnel efforts, streamline prospect qualification, and generate a 24/7 pipeline. source

Experience-first technology When thinking of how technology can elevate a guest experience, I think of a time I was traveling home from Austin, TX, and the TSA Pre-check line was closed. At first, I figured OK, no big deal, but before I could enter the general screening line, a TSA agent asked me to follow them. They proceeded to hold the line, walked me in front of the entire crowd, held back their luggage on the belt and put mine in front. I was somewhat embarrassed by the attention of others, but for a moment thought, “Is this what Beyoncé feels like?” This level of service was unexpected but had a lasting impression. Eliminating a touchpoint is risky, but for a guest who has been traveling all day to arrive at their hotel, seeing a long line may make them feel defeated. Receiving a pre-arrival text offering to bypass the line and deliver their room key may be exactly the type of check-in experience they’re looking for that day. You just gave that guest the “Beyoncé” experience, which makes anyone feel like a star. With that one act, they unknowingly became the most important person in the room for a moment. IT as culture, not just systems Innovation is exciting, but not all employees embrace change in the same way. With the introduction of AI, there are insecurities that positions are at risk. When employees understand the personal benefit a new piece of technology provides to them, they are more likely to adopt it. source

Most importantly, you need iterators and tinkerers. The playbook for production agents barely exists so your team is going to need to learn on the job. To solve for this. I look for “learn-it-alls” who are genuinely excited about working on agents. People who are eager to tinker– try new things, fail and try again, happily. Without buy-in and support from the broader organization, even the best team will struggle. I’ve seen brilliant agent teams get stuck because they can’t access the data they need, or because security teams block their API integrations, or because business stakeholders won’t participate in the iterative testing process that agents require. Unlike traditional software projects, where you can build in isolation and deploy when ready, agents need ongoing collaboration with the people whose work they’re automating. You need legal teams willing to review new AI policies, security teams who understand the unique risks of LLM-based systems, and business users who will provide honest feedback during the messy early phases when your agent gets things wrong half the time. You need engineers who can tackle new problems, like how to delegate authorization or how to safely manage the tools LLMs can utilize. But most importantly, you need executive air cover when things don’t go smoothly. And, rest assured, they won’t always go smoothly. The organizations succeeding with agents have leadership that treats early failures as learning opportunities rather than reasons to shut down the program. source

We are already in a new kind of global conflict — a cyber cold war — and it’s unlike anything we’ve seen before. Today’s geopolitical tensions aren’t playing out solely through sanctions or soldiers. They’re unfolding invisibly, relentlessly, in the digital shadows. That’s where ransomware, espionage, and AI-powered attacks are being deployed by nation-states to disrupt economies, sabotage infrastructure, and destabilize societies. This is about stealing secrets and undermining operational continuity, sowing distrust and reshaping the global balance of power. This backdrop of geopolitical uncertainty only increases the imperative of doubling down on a modern, cyber-defensive posture. Our adversaries certainly aren’t sitting on their hands — and neither can we. With cyberthreats representing potentially existential risks to commercial organizations’ and militaries’ ability to conduct their most fundamental operations, both CIOs and CISOs must be directly involved in their organization’s cyberdefenses. That being said, CIOs must also keep in mind that this level of security defense and resilience isn’t primarily an IT function. Rather, they need to focus on geopolitical intelligence and strategic planning, as well as using those tools to marshal support and direction from the rest of the C-suite and board of directors from a business and operational perspective. The rules have changed In the original Cold War, the world’s most powerful nations built up arsenals of nuclear weapons and played a careful game of deterrence. In today’s environment, that deterrence has given way to digital aggression. Nation-states are gathering intelligence and working systematically to compromise infrastructure, steal intellectual property, and trigger widespread disruption.​ The usual players remain: China, Russia, Iran, and North Korea. But the tools of this war aren’t tanks or missiles. They’re malware strains, zero days, deepfakes, credential theft, and artificial intelligence. At Palo Alto Networks Unit 42, we’ve investigated incidents where North Korean attackers posed as recruiters to deploy malware disguised as developer tools — and that is just one recent operation among many. ​ These operations are escalating. Cyber campaigns linked to nation-states are becoming more targeted, more coordinated, and more emboldened. Our adversaries are moving beyond espionage toward sabotage. Today’s target-rich environment No organization is immune. Government agencies, power plants, financial firms, healthcare systems, and tech companies are all in scope. The rise of distributed workforces, cloud migration, and IoT has expanded the attack surface exponentially.​ Nation-state actors are increasingly partnering with cybercriminal gangs to obscure attribution and share tools. This alliance of capability and deniability makes them harder to detect and disrupt. Even the most mundane endpoint — a smart thermostat, a printer, a contractor’s laptop — could be the first domino to fall in the compromise of a whole network. These threat actors are as creative as they are determined. The Unit 42 Threat Intelligence unit tracked activity from suspected North Korean cyberattackers posing as recruiters or prospective employers. Their trick? Asking potential “employees” to install malware that seems to be actual development software as part of the hiring process. What organizations can do in the age of geopolitical risk The cyber cold war is a real threat, with real implications. As such, it requires real-time and actionable solutions, as well as long-range planning. Complicating this dynamic threat landscape is the rise of a regulatory environment that requires businesses and organizations across all sectors to bolster their cyber resilience and better protect critical data. Data protection and cybersecurity laws are proliferating throughout the world, led in large part by the European Union’s landmark Global Data Protection Regulation. In addition, the Securities and Exchange Commission’s new cyber disclosure rules require public companies to report breaches faster and more fully. This exerts more pressure on CIOs, CISOs, and their teams to respond to rapidly changing regulations and the potential legal consequences of failing to comply with these emerging requirements. Because this cyber cold war has been forming and transforming for a while, a blueprint of best practices is emerging for organizations’ benefit. Some specific recommendations include: Integrate geopolitical risk into business continuity planning. This isn’t optional. If your supply chain, customer data, or cloud infrastructure spans borders, you’re likely exposed to these transnational threats and the emerging regulatory efforts to counter those adversarial actors. Shift from perimeter security to identity-first, AI-enabled defense. In this new cold war, attackers move fast and hide well. Only AI-powered platforms can respond at machine speed — the way attackers already are.​ Invest in cloud security with global supply chains in mind. Nation-state attackers don’t care where your workloads live. But they will exploit any misconfiguration, gap, or delay in detection. Operationalize threat intelligence. Your teams need access to insights from groups like Unit 42, and not just the one-off threat report, but the continuous stream of intelligence to better inform your SOC, your infrastructure strategy, and your updates to the board. Rethink your role. You are both the steward of systems and the strategist responsible for business resilience. That includes preparing for the geopolitical risks that now shape the global business landscape. The cold war may be digital — but the consequences are real The battlefield has changed, but the stakes are higher than ever. Full-scale disruption of your operations is no longer a hypothetical. The only question is whether you’ll see it coming and whether you’re prepared to respond.​ CIOs who recognize the scale of this shift — and act decisively to modernize their defense posture — will emerge as critical strategic partners in the boardroom. Those who don’t will face security failures and broader risks to your operational readiness and reputation, potentially exposing you to regulatory consequences. The cyber cold war isn’t looming. It’s here. And now is the time to lead like it. To learn more about Palo Alto Networks, visit here. source

A couple of months ago, I did the math. I’ve been in the cybersecurity industry for roughly 10,000 days — a milestone that sounds immense until you realize how quickly the days turn into decades. This reflection inspired me to look back at the journey, not just for myself, but for our entire industry. While the core threats we face — malware, denial-of-service, meddler-in-the-middle attacks — remain stubbornly familiar, the landscape around them has been completely terraformed. What has changed is the speed, scale, and sophistication of our adversaries; the evolution of our role as defenders; and the strategic imperative to change how we think about security itself. Tough lessons, but a foundational experience My own journey began with an unintentional act of campus-wide chaos. In the mid-90s, as a computer science student at Purdue, I was given an assignment on interprocess communication. The goal was to write a program that could self-replicate across different processes. I became so engrossed in the challenge that I decided to take it a step further: What if I could make it replicate across multiple machines on the network? In what I thought was a moment of cleverness, I created a program that did just that. It wasn’t malicious; it didn’t steal data or delete files. As a learning experiment, I even added a harmless pop-up message — “Hello, Earthlings” — to confirm it had been executed. You can probably guess what happened next. The program began propagating across almost every computer lab on campus. Machines crashed under the unexpected load, and within hours, the IT department had to shut down the entire network. After I confessed, the university, to its great credit, didn’t punish me. Instead, they worked with me to build a kill switch and understand the vulnerability. That experience was foundational. It taught me that just because you can do something, it doesn’t mean you should do it. More importantly, it taught me the critical need for guardrails, for control, and for having a good set of brakes when you’re moving fast. It’s a lesson that developers, even 10,000 days later, are still learning as we work to embed security into the beginning of the development lifecycle, instead of treating it as a speed bump on the road to innovation. The CISO: From technical operator to business executive When I began my career, there was no such thing as a CISO. We were security managers, focused almost exclusively on the network and the endpoint. Today, the CISO has become a cornerstone of digital transformation, a shift that accelerated dramatically post-COVID when the business turned to us first to enable secure, remote work. The modern CISO can no longer be just a technologist whose knee-jerk reaction is to buy the latest and greatest tool. I’ve seen the most successful leaders evolve across four key areas: Strategic shift: They’ve moved from being a technical operator to a business executive, capable of having board-level conversations and quantifying risk in business terms. Scope expansion: Their focus has expanded beyond the organization’s walls to include third-party risk management, privacy, and compliance integration. They understand that you are only as strong as your weakest supplier. Investment optimization: They are the gurus of the budget, focused on ROI measurement and technology portfolio optimization rather than simply acquiring new products. Leadership and crisis management: The best CISOs I know are cross-functional workhorses. They can speak the language of DevOps, finance, and legal, championing security across the enterprise. They are also experts in crisis management, drilled and ready for the inevitable incident. This isn’t just consolidation, it’s platformization For years, organizations have tried to solve the problem of complexity by stitching together dozens of best-of-breed products. I saw this firsthand in my previous roles. The intention was to create a “platform,” but the reality was a tangled mess of disparate tools that failed to integrate on a policy, control, or visibility level. It didn’t work because it mirrored the problem instead of solving it. When our CEO, Nikesh Arora, coined the term “platformization,” it crystallized a concept that the industry desperately needed. This type of platformization doesn’t just mean consolidation; consolidation is merely one of its many outcomes. A true platform approach is about streamlining operations through a single, natively integrated system. It’s about leveraging the same rich, accurate, and comprehensive data across your entire security posture to deliver better outcomes. The benefits are clear: Unified security and operational efficiency: You eliminate the complexity of managing dozens of vendors and siloed tools. Superior analytics: You gain correlated insights from machine learning that is trained on a complete dataset, enabling predictive capabilities that can anticipate and prevent threats. Demonstrable business impact: You can show the board faster response times, reduced vendor overhead, and simplified compliance, proving that security is a business enabler, not a cost center. The next 10,000 days Predicting the future is impossible, but I can tell you what the CISO of tomorrow — or perhaps the Chief AI Security Officer — will need. That’s a flexible mindset. The future of the SOC should be 100% automated. We are already seeing the emergence of personal AI agents that can manage our calendars and communications; it’s not a stretch to imagine one dedicated to our personal security. Ultimately, whether used by attackers or defenders, AI is only as effective as the data it’s trained on. That is the fundamental truth. To stay ahead, we must have the best, richest, and most accurate cybersecurity data to power our defensive AI models. To future-proof our strategies, we must foster a culture of security awareness where every employee plays a role. Any digital transformation initiative that doesn’t have cybersecurity embedded as its first step is destined to fail. From that panicked night in a Purdue computer lab to today’s boardrooms, the core lesson remains the same: Building without brakes is far from innovation, but rather an accident waiting to happen. The challenge for the next 10,000 days is to build with resilience

During my mid-20s, there was one popular advertisement that always fascinated me. Iconic Axe deodorant, promising a magical transformation the moment you spray it on. Suddenly, two gorgeous women would be irresistibly drawn to you. As a viewer seeking change in my life, I assumed that this was what I was missing. Of course, we discovered reality was far more mundane. Axe worked fine as a deodorant and did its fundamental job well, but obviously, the promised magic never happened. This is how I am drawing parallels on how AI is currently being perceived. Many executives view AI as revolutionary magic that will transform business overnight; yet, most organisations are now discovering that, while AI will deliver good value, it is nowhere near the miraculous solution sold to them. The AI position today aligns with the trend of the early days of the internet boom, when unprecedented investment drove the valuation of technology to new heights. As of today, we stand at a significant junction in technology, where, based on the current trajectory, we can be concerned that the AI trend is drawing parallels with the Dotcom bubble of 2000. source

Risk, compliance and continuity: A leadership mandate Every M&A integration comes with inherent risks, and for CIOs, safeguarding security and compliance is non-negotiable (aquireBlog). Effective risk management begins before Day 1, addressing vulnerabilities discovered during due diligence and maintaining continuous monitoring throughout the integration. Critical focus areas include ensuring compliance with industry standards, fulfilling legal obligations and proactively managing risks across systems, processes and third-party partners. As emphasized by Reuters in its coverage of M&A risk priorities, effective cybersecurity due diligence is essential for preserving deal value and ensuring regulatory compliance. (Reuters) To drive a smooth, value-focused integration, CIOs must weave risk and compliance into every aspect of planning and execution. In doing so, IT leaders can protect the organization, enable synergies and ensure operational continuity — turning post-Day 1 integration into a strategic advantage rather than a source of disruption. Synergies measurement: Leadership-driven metrics and accountability Signing the deal is only the beginning; true value creation continues long after Day 1. CIOs must embed accountability into post-Day 1 integration by defining clear KPIs, monitoring progress, mitigating risks and reviewing vendor contracts to sustain cost synergies. While capturing the complete benefits of integration is often a multi-year journey, typically spanning 3-5 years, persistent tracking is essential to ensure they are realized. source

In today’s hyper-connected, AI-driven world, the role of IT and security leaders has evolved from operational guardians to strategic enablers of business growth. But with this evolution comes complexity—layer upon layer of it. A new qualitative research report from Chief Disruptor, sponsored by Tanium, “The Interconnection between People, Process and Technology,” offers fresh insights into how 22 global industry leaders are navigating this complexity and, more importantly, what it really takes to build resilience.  While AI and automation are front and centre in every conversation, the path to value is anything but straightforward. Many organisations are struggling to scale beyond proof-of-concept, often due to fragmented processes, siloed teams, or misaligned priorities. It’s clear from these interviews that all three areas—people, processes, and technology—are essential components of an effective cybersecurity and resilience strategy. Breaking down the research People Despite the technical nature of cybersecurity, the human element emerged as a dominant theme. Leaders consistently cited the strain on teams that bear responsibility for cyber resilience, often without adequate resources or skills. The talent shortage is acute, and external hiring is costly, prompting many to prioritize upskilling existing staff. Automation has generally been well received, with employees becoming freed from repetitive tasks and empowered to contribute more strategically. Leaders spoke of “human augmentation” and “supercharging” capabilities, emphasizing that AI should enhance—not replace—human decision-making. However, change management remains a hurdle. Resistance to new ways of working and concerns around AI’s impact on roles must be addressed through transparent communication and inclusive implementation. Trust is essential, and leaders stressed the importance of involving teams early in the adoption of new technologies to foster a cyber-safe culture across the enterprise. Process Modernising internal processes is vital for agility and resilience. Many organisations struggle with legacy systems and siloed operations, which hinder scalability and collaboration. Rapid growth has exacerbated these issues, creating friction between departments, ultimately slowing down innovation. Interviewees highlighted the need to streamline workflows and eliminate outdated practices. AI and automation are seen as key enablers, helping to align operational speed with strategic goals and reduce inefficiencies. Breaking down silos and fostering cross-functional collaboration were recurring recommendations for improving process maturity. Technology Interestingly, technology was described as the “easiest part” to get right—provided it’s aligned with business objectives. Leaders warned against adopting tools for their own sake, urging a problem-first approach to tech deployment. As one contributor noted, “lead with business challenges, not the hammer looking for a nail.” AI and automation are already being used to enhance threat detection and response capabilities. The hype may have peaked, but practical implementation is now the focus. Leaders agreed that success depends on laying the right foundations—ensuring scalability, integration, and trust are built into the strategy from the outset. Achieving people, process, and technology ‘balance’ The research underscores the importance of a measured strategy across people, process, and technology. Whilst Automation and AI offer transformative potential, human expertise remains central to security and IT transformation—it is all about finding the right balance. Learn more about how leaders are finding this balance in ‘The Interconnection between People, Process and Technology’, and learn more about how Tanium AEM protects global enterprises and mission-critical institutions using real-time endpoint data with AI-driven insights. source