CIO CIO

Energy Solutions discovered this in exit interviews, Weisong says. People were leaving, especially those relatively new to the workforce, because they didn’t feel connected to the job or company. To answer this, the company now invests in regular, company-wide, in-person meetings and asks new hires to work at one of the company’s offices. This has helped provide a foundation for new people to attach to. “It’s like when you plant a tree, you put a stake next to it to keep it growing up and not get blown over. So, it can take root,” he says. The effort has been very effective at providing new team members with cohorts, colleagues, and a sense of belonging. The connection these in-person meetings create bolsters the communication among everyone in the company, too. When you know someone, even only slightly, their messages come with a more accurate flavor of their personality and style. “It makes interactions through other mediums easier,” says Weisong. “You have a basis for understanding that person.” source

Successful AI implementation hinges on making the right infrastructure choices early. You can accelerate your AI revolution by critically evaluating infrastructure readiness before investing, ensuring genuine business transformation rather than disappointment. Despite CSIRO research showing 68% of Australian businesses have already implemented AI technologies, adequate infrastructure remains a critical barrier to realising its full potential. Overdriving underpowered infrastructure can create unsustainable operational risks that dramatically increase energy consumption. The five critical questions you should be asking To accelerate your organisation’s AI revolution, ask these five essential questions when evaluating infrastructure investments: 1. Is your infrastructure agile enough to support evolving AI workloads? The most transformative AI implementations leverage edge computing to process data closer to its source. This approach delivers the agility required to scale your AI revolution by strategically blending cloud and edge resources. Your organisation likely faces significant latency challenges due to geographic distance from major cloud regions. Micro Data Centres at strategic edge locations enable local processing for time-sensitive AI applications. By distributing workloads between centralised data centres, cloud resources and edge locations, you can accelerate your unique AI transformation. Your team’s ability to implement and manage these technologies is also just as important as the technology itself. Creating a culture that supports continuous learning, and adaptation will be essential as AI workloads evolve and your infrastructure needs change. 2. Does your power infrastructure support AI’s intensive energy demands? Your technology team faces unique challenges with AI’s power requirements. Current systems likely lack the computational capacity and sustainability features needed for AI workloads, which demand 5-10 times more energy than traditional computing. Schneider Electric’s energy procurement services help you source and manage the increased power requirements for AI. At the same time, its liquid cooling systems improve efficiency in heat-intensive AI environments, with Power Usage Effectiveness (PUE) measurements as low as 1.03 in optimal conditions compared to traditional cooling methods. With the belief that implementing AI shouldn’t require trade-offs between performance and sustainability, Schneider Electric’s energy procurement strategy is designed to empower you to cast off caution and to AI with intent across your hybrid infrastructure. At the same time, energy-efficient solutions like Smart-UPS Ultra with lithium-ion batteries offer a 50% lower carbon footprint than lead-acid alternatives. Remember that your AI revolution depends on the human as much as the artificial if it is to deliver on its promise. Your energy strategy must account for both technological needs and your organisation’s sustainability goals. 3. Can your security framework protect AI data while meeting ANZ compliance requirements? Your organisation faces distinctive regulatory requirements that impact AI implementation. Data sovereignty laws and the Privacy Act create challenges that require security solutions tailored to regional needs. Schneider Electric’s NetBotz provides environmental monitoring and physical access control, while EcoStruxure IT Expert delivers real-time threat detection. Together, they address both physical and cyber vulnerabilities specific to ANZ compliance requirements. Effective security also requires skilled personnel who understand both the technological and human elements. Your security framework should account for your team’s expertise and training needs to ensure they can effectively manage AI security risks. 4. Will your infrastructure scale efficiently without compromising sustainability goals? Energy considerations represent a critical challenge for your AI implementation. Research shows 48% of businesses report positive Return on Investment (ROI) within the first year of implementing AI solutions. However, energy costs significantly impact these gains. Successful AI implementation requires infrastructure designed for your unique requirements while supporting sustainability. This foundation must balance performance needs with environmental responsibility, and it must tread a fine line to succeed. With each organisation’s AI revolution following a unique path, you must evaluate whether infrastructure solutions genuinely support your specific use cases and regional requirements while aligning with sustainability commitments. As such, your leadership approach to creating sustainable AI infrastructure will set the tone for your entire organisation. By demonstrating commitment to both performance and sustainability, you can inspire your team to find innovative solutions that balance these priorities. 5. Does your proposed solution provide end-to-end integration from edge to cloud? The marketplace has become saturated with “AI-ready” solutions that fail to deliver genuine capabilities. This “AI-washing” marketing creates significant barriers for your AI revolution. Fragmented approaches create operational complexity and limit the effectiveness of your AI initiatives. End-to-end integration between edge computing resources, data centre infrastructure and cloud services is essential for seamless AI operations. According to research, while 68% of Australian businesses have implemented AI, many struggle to realise its full potential. Organisations that successfully accelerate their AI revolution will create optimal conditions through strategically designed hybrid IT environments. Your team’s ability to work across traditionally siloed departments is essential for successful end-to-end integration. Creating cross-functional teams with clear communication channels can help ensure your AI implementation is truly integrated across all components. From vision to reality: thriving in your AI era Your AI revolution is a human-led transformation that requires a careful balance of technological capability and human expertise. By implementing modular hybrid IT solutions specifically designed for AI workloads, you can create an environment where both your technology and your people can thrive. To learn more about powering your AI revolution with confidence, download our interactive guide to AI-ready hybrid IT infrastructure solutions. source

Compared to how things were structured before, with three separate tech companies, the current consolidated BBVA Technology focuses on the bank itself without having to provide external services to the market. “Our employees are involved in the technological foundation of any project the bank has,” he says. Above all, the company’s most visible, and most competitive, feature is the app, due to its operational efficiency and mobile capabilities. And a recent updated version of it powered by AI marks a turning point in digital banking, Jurado says, with a firm commitment on improved user experience, from a financial coach and personalized savings plans, to more intuitive and simple ways to make payments. The paradigm of AI When applied to BBVA Technology’s operations and its talent, Jurado sees AI use in everything related to staff retention and attraction. “We’ve adjusted our training offering with new content almost immediately,” he says. “In this sense, we believe it’ll help us detect knowledge gaps and propose customized paths for each person.” Steady progress is essential, though, without getting overwhelmed with tools that might not be practical. Bottom line is progress has to be compatible with concepts of the business plan, such as security, ethics, and responsibility. source

In April, Anthropic’s CISO made an eye-opening prediction: within the next year, AI-powered virtual employees with corporate credentials will begin operating across the enterprise. These agents won’t just support workflows — they’ll become part of the workforce. The business case is obvious: AI agents promise scalable automation, reduced overhead, and tireless productivity. Salesforce is already making this a reality, recently introducing AI “digital teammates.” AI agent deployments are expected to grow 327% during the next two years, but from the vantage point of cybersecurity, this evolution introduces a volatile mix of innovation and risk. We’re not just giving software system access — we’re giving identity, autonomy, and decision-making capabilities. That changes how organizations approach security entirely. Autonomous, credentialed, and vulnerable Let’s be clear: These AI agents are not tools in the traditional sense. Unlike conventional automation or service accounts, these agents act as authenticated users operating under corporate credentials, making decisions, interacting with systems and data, and in some cases, executing sensitive tasks. That means they will have the same access and arguably pose the same risks as a human employee. But unlike humans, AI agents don’t understand context, intent, or consequences the way we do. They can be tricked, manipulated, or coerced through techniques like prompt injection or adversarial inputs. We’ve long accepted that humans are the weakest link in security—phishing and social-engineering schemes prey on our psychology—but AI agents introduce an even softer target: They take things at face value, don’t call the help desk, and operate at machine speed. Once compromised, they could serve as a persistent, high-bandwidth attack surface buried deep inside an organization’s environment. Rethinking security in the AI age Traditional security tools have been designed around human behavior: logins, passwords, and access/privilege levels. AI employees break these assumptions. Non-human identities, which already far outnumber human users, are becoming the dominant force in cloud environments. As cloud investments continue to skyrocket, citing AI as the top driver, and more AI agents are deployed in the cloud, organizations must turn towards a new age of AI security tools that can properly secure all that AI has to offer, specifically questions around: What level of autonomy and authority will AI agents have inside the enterprise? How do you monitor privilege activity and detect deviations? Can these agents be exploited or jailbroken via prompt injection or adversarial inputs? What data are these agents being trained on? The next insider threat AI introduces new, unproven components to your application stack – infrastructure, models, datasets, tools and plugins. And now, AI innovation is accelerating even faster with the introduction of agents. Unlike LLMs, agents reason, act autonomously, and coordinate with other agents. AI agents will have continuous access, won’t sleep or take vacations, and can be deployed at scale across multiple departments. This is bringing new complexity to organizations’ environments and introduces new security risks. One compromised agent could potentially do more damage in minutes than a malicious insider might accomplish in months. AI employees may soon rival, or exceed, insiders as the most dangerous threat vector. OWASP recently published its Agentic AI Threats and Mitigation highlighting emerging threats such as prompt injection, tool misuse, identity spoofing and more. Even more so, recent research from Unit 42 found prompt injection remains one of the most potent and versatile attack vectors, capable of leaking data, misusing tools, or subverting agent behavior. We’ve spent years building defenses around the human element. Now we must turn that same, or even fiercer, rigor toward the machines acting in our name. Taking action Palo Alto Networks recently introduced Prisma AI Runtime Security (AIRS) designed to help organizations discover, assess, and protect every AI app, model, dataset, and agent in their environment. With Prisma AIRS, organizations receive a comprehensive platform that provides: AI Model Scanning – Safely adopt AI models by scanning them for vulnerabilities. Secure your AI ecosystem against risks, such as model tampering, malicious scripts, and deserialization attacks. AI-Security Posture Management – Gain insight into security posture risks associated with your AI ecosystem, such as excessive permissions, sensitive data exposure, platform misconfigurations, access misconfigurations, and more. AI Red Teaming – Uncover potential exposure and lurking risks before bad actors do. Perform automated penetration tests on your AI apps and models using our Red Teaming agent that stress tests your AI deployments, learning and adapting like a real attacker. Runtime Security – Protect LLM-powered AI apps, models, and data against runtime threats, such as prompt injection, malicious code, toxic content, sensitive data leak, resource overload, hallucination, and more. AI Agent Security – Secure agents (including those built on no-code/low-code platforms) against new agentic threats, such as identity impersonation, memory manipulation, and tool misuse. As AI reshapes how enterprises operate and how attacks unfold, Prisma AIRS moves just as fast. Enterprises can confidently embrace the future of AI with Prisma AIRS. Read here how Palo Alto Networks Prisma AIRS, the world’s most comprehensive AI security platform is helping organizations secure all AI apps, agents, models and data. source

AI delivers real ROI when tied to real business goals, not hype. Start with outcomes, not algorithms, to unlock lasting value, agility and efficiency. source

The need to combat global warming is leading to stricter governmental regulations and increased consumer demand for businesses to adopt environmentally friendly strategies and deliver sustainable products. That’s especially true in Europe. What does that mean for your company? If you’re planning to do business anywhere in the European Union (EU), you may have to deal with the Corporate Sustainability Reporting Directive (CSRD) and associated European Sustainability Reporting Standards (ESRS). Those regulations require certain companies with a presence in the EU to report their impact on the environment and society with the goal of having companies provide a positive contribution to the natural world and human systems. “I can see the potential environmental and financial benefits of people wanting to work with, support, and invest in a company dedicated to sustainability,” you say. Then, you look at what is required to comply: Environmental, Social, and Governance (ESG) reporting along your entire value chain. The process can be complex, resource-intensive, and time-consuming. It can require numerous mandatory disclosures, thousands of data points to collect and interpret, and key performance indicators (KPIs) to calculate. You take a deep breath and sigh – knowing those tasks will have to be done manually in your organization with limited resources, which can slow down reporting, increase errors, and raise compliance risks. CSRD.AI Manager to the rescue PricewaterhouseCoopers GmbH WPG Germany (PwC Germany), part of the PwC global professional services network, faced the same process challenge. In response, the organization developed a solution in partnership with SAP that’s also available to clients as well. The solution is called CSRD.AI Manager. Recipient of an SAP Innovation Award for 2025, CSRD.AI Manager employs automation in the form of artificial intelligence (AI) to make the reporting process easier, faster, and more accurate. “As with other organizations, we faced difficulties in interpreting thousands of data points and integrating diverse data sources, leading to inefficiencies,” observes Nico Reichen, a partner with PwC Germany. “The situation not only impacted our operational productivity but also affected workforce morale due to the manual tasks. We needed a streamlined, automated solution.” Creating an automatic winner with CSRD expertise and AI technology To develop the solution for its network and clients, PwC Germany turned to SAP, collaborating closely with the organization’s CSRD expert team and SAP Cloud’s technical development specialists. “The CSRD.AI Manager is an impressive example of how the collaboration between SAP and PwC can create a product that helps clients solve complex problems by adopting advanced technology such as AI,” Reichen notes. “In fact, artificial intelligence is the key component of our solution.” CSRD.AI Manager utilizes SAP AI Core components, as well as the Vector Engine from SAP HANA Cloud for text and embedding generation to automate report generation. SAP Datasphere, SAP Business Technology Platform (BTP), SAP Build Apps and SAP Analytics Cloud are also leveraged for AI-supported data collection and modeling and report visualization. It also integrates the PwC Germany CSRD-specific content with customizable data models to meet evolving compliance requirements. Taking the “sigh” out of ESG reporting All that expertise and technology adds up to a solution for successfully automating data collection, KPI calculations, and report generation, producing a variety of business, IT, and user benefits. CSRD.AI Manager: Enables comprehensive ESG reporting, supporting companies in meeting CSRD compliance requirements and promoting sustainable practices Improves efficiency with an automated, cloud-based solution that reduces data processing time and effort as well as the need for complex hardware infrastructure Automates many manual tasks, reducing errors and freeing employees to focus on strategic activities, while potentially lowering costs. Guarantees a seamless, compliant reporting process, enhancing client trust and satisfaction. Utilizes direct integration of the latest AI functionalities directly into existing IT systems AI-supported data collection automatically provides information on relevant data to answer regulatory questions in a targeted manner. Automated report generation uses extensive KPIs and data points to create an AI-supported report that provides the basis for compliant reporting. Enhances data security and integrity across the entire organization “CSRD compliance used to be a major drain on clients’ resources. But CSRD.AI Manager completely changed the game, automating the heavy lifting and freeing clients’ teams to focus on real sustainability improvements,” announces Benjamin Lösken, Director at PwC and Product Owner of the ESG, Reporting Manager – CSRD. A paragon of innovation In an era of increasing compliance demands, the CSRD.AI Manager provides an AI-driven long-term solution that ensures efficient, reliable, and audit-ready ESG reporting. For that achievement, PwC Germany was selected as the Winner of  the Partner Paragon award at the recent SAP Innovation Awards 2025 ceremony. The honor is given to partners who’ve developed a next-generation application deployed by customers that uses SAP BTP and is licensed by the SAP Build or Tech adoption program. Check out PwC Germany’s pitch deck for more information on a solution for your business. source

“Also, according to IDC, 53% of enterprises plan to start with a pretrained model and augment it with enterprise data,” said Sharath Srinivasamurthy, associate vice president of research at IDC. “When dealing with enterprise data, security becomes paramount. A credible solution that combines Seek AI’s capabilities with IBM Watsonx’s governance framework would help position AI solutions more effectively for regulated industries.” Building AI talent pipelines Watsonx AI Labs also offers IBM a pipeline for emerging talent, as the company looks to partner with startups, scale-ups, and large enterprises to accelerate AI development while sharing costs and risks. “This collaborative model reflects IBM’s strategy to integrate emerging AI technologies into enterprise workflows, accelerating adoption and driving innovation,” said Vershita Srivastava, practice director at Everest Group. “IBM also plans to work closely with local universities and research institutions, offering students and researchers the chance to collaborate on real-world AI projects.” source

AI-driven compliance monitoring and policy execution As global regulations evolve, manual audits and static policies are no longer sufficient for compliance. AI-driven enterprises require real-time governance architectures that dynamically enforce data privacy, access controls and regulatory adherence without manual intervention. A critical component is real-time data flow analysis, which continuously tracks how and where data moves, detecting unauthorized transfers, access violations and policy deviations before they become compliance risks. Unlike traditional audits, this enables instant remediation and proactive enforcement. Contextual risk assessment further strengthens compliance by assigning dynamic risk scores to datasets based on sensitivity, usage and regulatory obligations. High-risk data such as PII and financial records requires stricter access, encryption and retention policies. AI models analyze data interactions, detect anomalies and adjust governance policies in real-time to mitigate risks. Finally, automated policy orchestration ensures governance rules stay aligned with evolving regulations. AI engines can interpret policy changes, assess their impact and enforce necessary modifications across hybrid environments. Achieving adaptive and scalable compliance By combining real-time monitoring, risk-based governance and automated enforcement, enterprises achieve adaptive and scalable compliance, reducing regulatory risks while maintaining operational agility.  As data ecosystems grow more complex and regulatory landscapes evolve, enterprises must move beyond manual governance frameworks toward AI-driven, automated compliance and architectures. Static policies and periodic audits can no longer ensure real-time data security, regulatory adherence and operational agility. Instead, organizations must integrate real-time data lineage tracking, automated risk assessment and AI-driven policy enforcement into their governance strategies. source

either we’re all having the same challenge, or we’ll find some individuals that are a little bit further ahead in their thinking or a little bit further behind. But it’s a great way to actually calibrate, because often, as a CIO, you feel, you can feel a little bit isolated. Yes, I was just thinking that, yeah. And so this is a way to get in front of it and recognize, well, actually, I’m not so bad. I’m doing some pretty good things here compared to my peers. And in other cases, it’s yeah, I maybe need to pick the pace up. I maybe you need to go back to the team and say, Hey, we need to be looking a little bit more in this place, or maybe we need to accelerate here. So I’m a big advocate for staying close to what’s happening within your own industry and your own peers, but also reaching out and going a little broader and middle, maybe a little bit further up in terms of the org structure to get into the minds of how people are operating well, and we, we’ve always noticed that at our various CIO events over the years, you probably, I’m sure you saw that at the CIO 100 event, you get CIOs in a room, and the minute you give everybody five minutes to talk amongst themselves at the tables, the whole room explodes with sound, because everybody has got so much in common, and I’ve always been just personally, I’ve been very impressed with the generosity and the willingness to share and talk openly about problems. It’s I don’t think you find that kind of information exchange, for instance, in a room full of marketing people, you know? I mean, it’s just the competition between different levels, different sea levels is different than it is for CIOs. As you said, I think you’re all working on or solving a lot of the same kind of issues. source

However, unlocking the complete benefits that enterprise AI stands to offer is very difficult without a data mesh in the mix. Data mesh may not be a prerequisite for building AI, but it’s an essential complementary technology for building AI solutions that actually create business value. What is a data mesh? A data mesh is a type of data architecture that enables decentralized ownership of data. Most data mesh works by connecting the various data sources that an organization owns to make them centrally accessible. However, the underlying data sources remain distinct and can therefore be managed in whichever way is most appropriate on a case-by-case basis. Data mesh solves the challenge of forcing all of an organization’s data into a single, inflexible location. When businesses adopt that architecture, they end up with a one-size-fits-all approach to data management — which is a problem because in practice, different business domains or departments typically have different data management needs. source