CIO CIO

Many companies aren’t giving their workers the training or AI tools they need to move beyond basic functionality. source

Silicon Valley kingmakers Meanwhile, the investor lineup reads like a who’s who of Silicon Valley’s kingmakers. Sequoia’s Roelof Botha and “solo GP” Elad Gil represent the kind of money that moves markets and shapes entire industries. Dramatic as it may sound, their funding decisions often preview which technologies will dominate enterprise conversations within two years, making their perspectives essential intelligence for anyone planning technology strategy. The programming extends well beyond AI and public markets. The CEO of Waymo will showcase how autonomous systems are reshaping transportation, while Netflix’s CTO will provide a rare glimpse into the streaming infrastructure that powers global entertainment. Perhaps most intriguingly, Kevin Rose—who founded Digg, sold it, then recently rescued it from corporate ownership—will discuss the art of platform resurrection in an era of constant digital disruption. Disrupt takes place as both TechCrunch and San Francisco reassert their respective primacies — the publication as tech journalism’s defining voice, the city as technology’s undisputed capital. It also promises to be entertaining, as these events always are. source

As artificial intelligence continues its rapid evolution, a new paradigm is emerging, one where autonomous, goal-driven agents operate with increasing independence, adaptability and contextual awareness. These agentic AI systems are not just executing tasks; they are reasoning, planning and orchestrating actions across complex environments. With this shift comes a new challenge: how do we version agentic AI agents? In my previous article, A practical guide to agentic AI deployment, I talked about moving to a software development lifecycle consisting of experiment and build, evaluate and test, adapt, transition to the deployment environment, continue to test, version and repeat. Add to that that, on average, the AI model lifecycle is less than 18 months, so it becomes imperative to create an agent versioning strategy. Traditional software versioning strategies, anchored in static codebases and predictable release cycles, fall short when applied to agentic systems. These agents may learn from experience, update their internal models or even reconfigure their toolchains in response to dynamic goals. Their behavior is shaped not only by code but by memory, context and interaction history. As a result, versioning an agent is no longer just about tracking code changes. It’s about capturing the evolution of behavior, intent and capability. An AI implementation strategy is no longer optional but essential for organizations, and the most critical component of this strategy is a comprehensive approach to agent versioning and rollback capabilities. These systems act as safety nets, allowing organizations to quickly revert to stable versions when new deployments cause unforeseen issues. source

The agentic AI era is here, and it will reshape how businesses operate. The question is: Is your leadership team equipped to handle it? How quickly can you equip your leadership team and workforce with the capabilities to harness their power? This isn’t just about integrating more automation; it’s about leading organizations through a paradigm shift where autonomous AI agents will increasingly define workflows, decision-making and competitive advantage. This necessitates a strategic focus on three core leadership skills, designed not just to future-proof individual careers, but to ensure the enduring resilience, transformation and innovative capacity of your entire enterprise. 1. The “agent architect”: Mastering prompt engineering and strategic oversight The Challenge: In the traditional IT landscape, leadership defines requirements and teams build to spec. In the Agentic Era, the “spec” becomes a high-level goal, and the “build” is largely executed by autonomous agents. Without effective guidance, these agents can stray, underperform or even introduce new risks. source

Endpoints are no longer limited to PCs and laptops. Today, they encompass servers, mobile devices, Internet of Things (IoT) sensors, operational technology machines, and even intelligent workloads powered by Artificial Intelligence (AI) agents. However, each new endpoint introduces new complexities, and the proliferation of IoT devices, remote work, and multitenant infrastructure amplifies that. Traditional antivirus solutions, which rely on signature-based detection, are no match for today’s sophisticated threats. Extended Detection and Response (XDR) platforms have emerged as a response to these challenges, integrating telemetry from endpoints, networks, emails, and identity systems into a unified data lake for comprehensive security management. But adoption remains low; IDC’s Worldwide Endpoint Security Survey found that traditional antivirus/antimalware software and cloud-based endpoint security solutions are still predominantly used globally. Alarmingly, 81% of the financial industry—the most regulated and frequently targeted sector—continues to rely on outdated antivirus solutions. Layered defense: Securing every level Effective endpoint security must go beyond hybrid infrastructure coverage and address granular aspects of security. A standardized, layered approach is essential, encompassing firmware, hardware, operating systems (OS), applications, and supply chain security. Yet, many modern solutions still face limitations. IDC’s survey highlights widespread dissatisfaction among security professionals, with over half expressing concerns about their current endpoint security providers. Trusted Platform Modules (TPMs), encrypted storage, and secure enclaves are pivotal in establishing a hardware root of trust, resisting tampering and theft of cryptographic keys. Complementing this, OS security enforces stringent user permissions, deploys advanced security agents, and mediates access to resources, ensuring adaptive, real-time defenses. Modern threats increasingly target firmware, exploiting its vulnerabilities to bypass Secure Boot, conceal rootkits, and persist across reboots. 58% of respondents believe their firmware security is insufficient, leaving devices exposed for extended periods. Without firmware integrity, higher-level defenses become significantly weakened, granting attackers full system control with minimal detection risk. Supply chain security: Safeguarding every link The software supply chain, which underpins all endpoint components, has become a prime target for attackers. High-profile breaches, such as the SolarWinds hack and the Kaseya compromise, demonstrate how malicious code inserted into vendor software can proliferate across thousands of endpoints. According to IDC, 61% of organizations experienced a third-party data breach in the past year, underscoring the vulnerabilities inherent in extended supply chains. Organizations must implement comprehensive end-to-end controls, including code signing, software bills of materials, vendor security assessments, and continuous monitoring. If the supply chain is insecure, every endpoint built on it is vulnerable. AI protection for an AI landscape AI-driven endpoint security is a game-changer. Neural networks excel at analyzing vast amounts of telemetry data to identify patterns and anomalies that traditional methods might miss. This capability enhances the detection of sophisticated threats, such as zero-day attacks, and automates responses to minimize damage. Modern solutions leverage both on-device and cloud-based AI intelligence. The first offers immediate local defense, operating independently from connectivity to minimize bandwidth usage, enhance scalability, and ensure resilience against network disruptions. The latter provides a broader context, enabling real-time updates and insights derived from global threat intelligence. Combining both ensures continuous protection, even in disconnected or “air-gapped” scenarios. Prioritizing advanced threats Many organizations prioritize combating day-to-day malware and rank advanced threats like zero-day vulnerabilities and supply chain attacks low on priority lists. This misplaced focus leaves organizations exposed to risks that can severely disrupt operations, damage reputations, and result in significant financial losses. Modern endpoint security solutions must address these critical risks and offer multidimensional responses that streamline detection, containment, and remediation. Automated functions, such as isolating infected endpoints, blocking malicious processes, and rolling back changes, reduce reliance on manual intervention, ensuring faster and more efficient threat management. A truly effective security platform transcends the limitations of isolated systems, one that employs advanced analytics and extends across diverse environments. Unified solutions provide complete visibility, consistent controls, and reduced complexity. They consolidate diverse security tools into a single infrastructure, lowering total cost of ownership and accelerating response times. Centralized data lakes serve as the heartbeat of AI analysis, storing and normalizing logs from endpoints, networks, applications, and identity systems. Empowering analysts with AI AI-powered platforms transform security operations by automating routine tasks and providing intuitive interfaces. Analysts can interact with systems using everyday language, eliminating the need for complex query codes. AI also automates reporting, generating executive summaries and daily threat reports, reducing alert fatigue and enabling analysts to focus on genuine threats. To achieve robust endpoint security, organizations must: Secure every layer, from firmware to supply chains Adopt two-fold AI strategies combining on-device and cloud-based intelligence Centralize data for streamlined operations and efficient analysis Embrace automation to boost operational efficiency and accelerate response times Consolidate security tools into a unified infrastructure Focus on solutions that deliver measurable outcomes in compliance, response, and AI security AI-driven endpoint security is not just about risk mitigation, it’s about delivering tangible business value. By transforming every endpoint into a pillar of resilience, organizations can stay ahead of evolving threats, optimize costs, and enhance productivity. Learn more and download the IDC whitepaper “Endpoint Security in the Age of AI”. Wish to connect with the Lenovo ThinkShield team to explore how Lenovo security portfolio can protect your business? Click here. The future of cybersecurity is here. Take the first step toward smarter security today. source

Clorox’s lawsuit cites transcripts of help desk calls as evidence of Cognizant’s negligence, but what if those calls been captured, transcribed, and analyzed to send real-time alerts to Clorox management? Could the problem behavior have been discovered early enough to thwart the breach? Here, generative AI could have a significant impact, as it delivers the capability to capture information from a wide range of communication channels — potentially actions as well via video — and analyze for deviations from what a company has been contracted to deliver. This could deliver near-real-time alerts regarding problematic behavior in a way that could spur a rethinking of the SLA as it is currently practiced.  “This is flipping the whole idea of SLA,” said Kevin Hall, CIO for the Westconsin Credit Union, which has 129,000 members throughout Wisconsin and Minnesota. “You can now have quality of service rather than just performance metrics.” source

In fintech, modernization isn’t just about speed or scale; it’s about orchestrating change within the bounds of regulation. As artificial intelligence (AI) becomes more integrated, compliance is no longer a barrier. It’s becoming a strategic accelerator. This article lays out how AI orchestration, the dynamic coordination of digital systems, data flows and decision-making, can drive modernization in highly regulated industries like lending, banking and capital markets. You’ll walk away with specific architecture insights, process models and leadership strategies that fintech leaders can immediately apply. What is AI orchestration, really? Many organizations equate AI with isolated automation — such as chatbots, dashboards or fraud detection. But orchestration is different. It’s about thesis-applying intelligence at the platform level to manage how systems, rules, workflows and data evolve in real time. source

“You have to continue to learn; you have to keep up to date,” he says, contending that the CIO is best positioned to create a vision of tomorrow for the executive team. “The CIO should be visionary.” He expects his direct reports and others on his IT team to do the same, and he works to cultivate a “really good culture of learners” through formal training and development programs with names such as Summit 2025, Aspire, Ignite, and Ascend. 5. Improve your leadership abilities The amount of change is impacting all jobs, including those in IT — up to and including the CIO role, Pearlson says. So CIOs need to be on top of emerging technology and all the implications that go with them. Otherwise, she says, they could be blindsided and see transformative work move from their office to another. That already happens, she notes, as evidenced by the creation of the chief digital officer, chief transformation officer, and chief AI officer positions. CIOs who want to work on the opportunities that, for example, quantum computing will present — and not lose that work to a new chief quantum officer — need to demonstrate exemplary leadership capabilities now. “We are at another inflection point for the skill set and role of a CIO today,” Pearlson adds. Westerman says many CIOs have work to do here, as they to date have advanced their careers due to their tech talent and not for their management and executive skills. As a result, CIOs often have more work to do to sharpen those skills than others in the C-suite. CIOs have plenty of opportunities to improve — they just have to be intentional, Westerman says, noting that tried-and-true leadership development strategies continue to work. Develop relationships, deliver on promised expectations, seek feedback on how to do better, and then find ways to improve. “CIOs should be asking themselves, ‘Am I getting enough feedback? Am I effective in my environment?’” he adds. Clark sees improving her leadership talents as an ongoing task that takes commitment. “I’m always looking at my own leadership skills. I make sure I get feedback, so I know I’m effective in what I’m trying to achieve. I’m evaluating if I’m an effective peer for my peers. I’m asking, ‘Am I an effective leader? Am I an effective communicator? Am I getting my message out clearly? I’m doing 360s and really taking in the results, because you can’t become a more effective leader if you don’t know what you need to work on,” Clark says. “It’s a journey, and you do it for the rest of your life.” source

Zelle, a peer-to-peer digital money transfer platform, provides ease-of-use that boosts transactions — and fee making — for its partner banks. Is Zelle a direct P&L center? No. But the increases in transactions and fees for its member banks are traceable to Zelle digitalization. How much? Thus far in 2025, Zelle has processed more than $1.92 trillion in transactions, a 20% growth rate year over year, showing the revenue-generating potential of creating digital services for an industry that can use them. Getting to revenue With IT’s long history of a “back office” role, it isn’t easy for CIOs to shift their thinking to revenue generation as an outcome of their digital projects. It is also true that many digital efforts are of a back-office, operational savings nature — but it is equally true that CIOs,CEOs, and other C-level executives have tended to leave a lot on the table by failing to imagine how their digital projects could contribute to corporate revenue. Some years ago as CIO, I lead a digital project that we transformed into a SaaS offering, with other smaller companies agreeing to pay subscription fees for our product and support services. The vision was to expand this project so that more customers could be added, possibly outside of our immediate industry sector — but the CEO preferred at that time to limit our SaaS to a handful of business clients, with a modest goal of breaking even from revenues to cover expenses. source

Overview In our latest CIO ASEAN Leadership Live session, I – Estelle Quek, Editorial Director of CSO ASEAN engaged Violet Chung, Senior Partner at McKinsey, on how artificial intelligence (AI) and generative AI (GenAI) are reshaping the insurance sector across Southeast Asia. Our conversation was structured around key questions that CIOs and senior technology leaders must address to move from experimentation to enterprise transformation. We began by asking what explains Southeast Asia’s relatively low AI maturity scores, despite its digital readiness. Chung pointed to the need for holistic transformation-beyond technology procurement, emphasizing leadership alignment, change management, and scalable enterprise capabilities. As embedded insurance gains traction, we asked how insurers should evolve their business models. Chung highlighted the importance of agile partnerships with non-financial players and the co-creation of customer-centric value propositions. On GenAI, we explored what lessons CIOs can draw from early pilots. Chung cautioned that many initiatives lack integration and measurable ROI. She stressed the importance of infrastructure flexibility, workforce enablement, and a clear roadmap for scaling. I also asked how insurers should approach AI governance, particularly in underwriting and customer-facing applications. Chung advocated for embedding compliance from the design phase, maintaining human oversight, and ensuring data transparency. Finally, we examined the readiness of insurers to scale GenAI amid legacy systems and siloed data. Chung recommended infrastructure-agnostic platforms and agentic architectures, supported by public-private collaboration to close protection gaps and accelerate innovation. Register Now source