Carrie Pallardy, Contributing ReporterMay 29, 20255 Min ReadWilliam Mullins via Alamy StockJohn Deere hired its first CISO in 2014, and James Johnson has remained in that role at the agricultural equipment company to this day. Johnson sat down with InformationWeek to talk about how he got started in his career, why working through a nation state attack was pivotal to his love of security, and how John Deere is building a talent of pipeline in the time of the cybersecurity skills gap.  From Network Engineer to Chief Information Security Officer Johnson started his career as a network engineer at windows and doors company Pella. He loved working in the network space but soon realized that he might grow bored there given enough time.  Derek Benz, a friend of Johnson’s and now CISO of Coca-Cola, suggested looking into security. Johnson went out and got a Certified Information Systems Security Professionalcertification, which helped him land a job as a pen tester at manufacturing and technology company Honeywell.  During his time at Honeywell, the company was hit by Titan Rain, a series of coordinated cyberattacks carried out by a Chinese APT.  James Johnson, CISO“Getting a chance to see how nation states target companies and what they’re capable of doing, I think really made the mission even more important to me at that point,” Johnson shares. “When you do have the nation-state attack early on your career, it’s kind of a game changer … just thinking about the value of the work that you're doing and why it matters.” Related:He spent 11 years at Honeywell, steadily working up the ranks to become a CISO overseeing various divisions within the company. And then, a call came from John Deere.  John Deere’s First CISO That call came at the right time. Johnson had reached a point at Honeywell where his growth would likely be limited for a period of time.  “I was pleasantly surprised by the opportunity,” says Johnson. “I had a great connection to John Deere coming out of Iowa, growing up in the farming community, seeing a lot of that … great brand and an opportunity to really build something that from scratch again.” While building a security program as a first-time CISO is an exciting opportunity, it comes with its challenges. When Johnson arrived, he noticed how trusting the culture was at John Deere. “It’s a great value that John Deere has … they really try to strive to do the right thing with integrity, but that’s not the way the world operates on the digital front,” he says. One of his mentors early on in his tenure at John Deere told him that he was going to have work on shifting the entire company culture as he built his security organization.  Related:And he has made strides. When he first got there, everyone was using relatively simple passwords. Yet, the process to change those passwords was cumbersome and time-consuming.  “Today, MFA is deployed across the company. We have complex passwords,” he says. “We're trying to find ways to use biometrics more.” An Evolving Role His responsibilities in the CISO role have grown over time. When he first joined, he was overseeing IT security and operations. Financial product security, data security and governance; his team have taken on more and more over time.  “We built the program from about 32 people to … 220 people strong now in our organization,” he says.  Johnson has been with John Deere for more than a decade. Not every CISO or CIO sticks with the same company for that long, but Johnson has found that longevity has its benefits. He has built relationships with the board and his C-suite peers “It's pretty hard to get good at something in two or three years,” he explains. “You’re there longer. You’ve got the relationships. You’ve got the ability to influence things and really make a bigger difference.” Today, he is working alongside John Deere’s leadership to navigate the thrilling possibilities and security concerns of AI.  Related:Building a Talent Pipeline While the possibility of a security incident always looms in a CISO’s mind, Johnson is thinking about talent, too. “We will not succeed without the right people in our organization driving the right change,” he says.  John Deere is taking multiple approaches to bringing the right people to his team. First, he looks to other teams for people who are experts and not necessarily in security. He looks for promising talent and asks, “Can I teach that person security?” And the answer to that question in many cases has been “yes.” “We’ve got folks who used to be lead engineers on the product side who now are running our product security department, and they were never interested in security at all,” he says. John Deere also makes use of cyber talent through its bug bounty program, which has paid out more than million since 2022.  Having been a pen tester, Johnson knows how frustrating it can be for someone to discover a vulnerability only for a company to do nothing to fix it. “We have service-level agreements to get certain vulnerabilities that are critical, high, medium, low, fixed within a certain period of time, and in most cases, we beat those numbers,” he says.  John Deere also works with Iowa State University to cultivate talent. “We put some services on campus, part of their tech center, that are services you probably would never get a chance to really work with or learn in college,” says Johnson.  He knows it would be difficult to find cloud security experts, for example, so they are helping develop those experts at Iowa State. “We’ve built a pipeline of talent out of Iowa State University because they know our brand,” says Johnson.  About the AuthorCarrie PallardyContributing ReporterCarrie Pallardy is a freelance writer and editor living in Chicago. She writes and edits in a variety of industries including cybersecurity, healthcare, and personal finance.See more from Carrie PallardyWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #john #deeres #ciso #always #thinking

John Edwards, Technology Journalist & AuthorMay 27, 20254 Min ReadSharon Mandell, CIO of Juniper NetworksSharon Mandell, chief information officer of Juniper Networks, has held various CIO and CTO roles over the past 25 years, each building upon her previous experience and matching her current life phase. In her current role, Mandell is in charge of IT strategy and implementation for an enterprise that offers high-performance networking and cybersecurity products to service providers, businesses, and public sector organizations. In a recent email interview, Mandell discussed the options available for CIOs looking to further advance their careers. What should be the next logical career step for a current CIO? That really depends on the individual CIO, their time in the role, the scope of their responsibilities, the scale of the companies they've worked for, and most importantly, their personal interests and aspirations. The next step could be another CIO role at a larger company in the same industry, or a shift to a different industry -- smaller, same-sized, or even larger -- if the challenge is compelling. It could be a smaller organization with a mission or opportunity that you’ve always wanted to take on. Some CIOs take on adjacent or additional functions -- customer support, engineering, marketing, HR. I haven't yet seen a CIO move into CFO or chief counsel, but with the right background, it's not out of the question. Related:You could step into a COO or even CEO role. Somemove into venture capital or advisory roles. There's no single "right" next step -- it's about what makes sense for your unique path and purpose. When is the best time to make a career move? When you feel like you're no longer having a significant impact or adding meaningful value in your current role. I've often felt taking on new roles can feel like being thrown into the deep end of the pool -- completely overwhelmed at first, but eventually you develop a vision and begin driving change. When those changes start to feel incremental instead of transformative, it may be time to move on. Sometimes, opportunities show up when you're not actively looking -- something that fills a gap in your background, stretches you in a big way, or offers a challenge you’ve always wanted to take on. Even if you're happy where you are -- not that the CIO role is ever truly comfortable -- you’ve got to be open to those moments. When is the best time to stay in place? I don't like leaving a role when I've taken a risk on a project, a technology, or a transformation and haven't yet seen it through to a solid or stable outcome. Related:I also don't want to leave a leadership team holding the bag, especially if I've been pushing them outside their comfort zones. I want my peers to understand why I've made certain decisions, and that usually means staying long enough to deliver real results. That said, sometimes opportunities won't wait. You’ll have to weigh whether staying to finish something or making a move offers more long-term value. At the end of the day, I want the people I leave behind to want to work with me again should the right opportunity arise. What's the biggest mistake CIOs make when planning a career move? Chasing title, prestige, or compensation as the sole driver of the decision, or assuming that "bigger" is always better. At the end of the day, what matters most is the people you surround yourself with, the impact you're able to make, and what you learn along the way. The right role should stretch you, challenge you, and allow you to contribute meaningfully to the organization's success. That’s what makes a career move truly worth it. Is there anything else you would like to add? I’ve never been someone who obsessively mapped out a career trajectory. I've made decisions based on what felt right for my life at the time. There were points when I took smaller roles because they gave me the balance I needed as a single mom. I passed on big opportunities because I didn't want to relocate. I've moved back and forth between CIO and CTO roles more than once. Related:The common thread has been this: I look for roles that challenge me, expand my perspective, and give me big new experiences to grow from -- even if I know they won't be easy or fun. Those are the ones that build grit, resilience, and passion. The money, title, and scope tend to follow if you execute well. I may not end up with the biggest job or the highest salary, but I’ve had one heck of a ride, and that’s what makes it all worth it.  about:Network ComputingAbout the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #juniper #networks #cio #analyzes #career

Enterprises today face a critical imperative. Artificial intelligence is not just a technological evolution; it is a strategic driver of business transformation. AI is reshaping competitive advantage, redefining business models, and unlocking new revenue streams. Yet, many organizations continue to treat AI as a technical add-on, rather than a core business capability. According to a 2023 McKinsey report, organizations that integrate AI across their operations are 1.5 times more likely to experience double-digit revenue growth.  For CIOs and enterprise architects, AI is no longer an IT issue -- it’s a boardroom priority. AI’s role extends far beyond driving efficiencies in operational processes. It is the key to unlocking agility, reshaping decision-making, and transforming business models. CIOs must lead the charge in embedding AI as a strategic enabler, aligning technology with the enterprise’s broader objectives to drive sustainable growth. The Strategic Impact of AI: Drive Business Outcomes Many companies are on the verge of digital transformation to modernize their IT landscapes, yet AI is often viewed as a mere innovation metric, added to enhance existing systems. AI should be embedded when designing core business processes to align business architecture with IT architecture. Related:AI’s true potential lies in its ability to drive enterprise-wide agility, transform decision-making, and accelerate business outcomes. AI empowers leadership teams by providing real-time, data-driven insights that enable smarter, faster decisions. CIOs and enterprise architects must work together to ensure that AI adoption is seamless and strategically integrated, avoiding the temptation of tactical, short-term solutions that fail to scale.  The CIO Playbook: Leading AI-Driven Transformation To harness AI’s full potential, CIOs need a structured roadmap for its integration into the business. Here’s a playbook for AI-first enterprise transformation: Establish a clear AI vision aligned with business goals.  AI should not be siloed within the IT department; it must be part of a broader strategic vision. CIOs should collaborate closely with the C-suite to align AI initiatives with the organization’s core objectives-whether that’s driving customer engagement, enhancing operational efficiency, or unlocking new revenue streams. Invest in enterprise-wide AI integration.  AI must be embedded across all facets of the organization: business, technology, data and applications. This requires a holistic approach to AI architecture, integrating AI at all levels to ensure scalability and flexibility as the business evolves. Related:Leadership Imperative: Govern AI for Long-Term Success As AI continues to evolve, CIOs must play a critical role in shaping AI governance to ensure long-term business success. This includes managing risk, ensuring ethical use, and embedding AI into the enterprise’s culture. For CIOs, AI governance is more than compliance; it’s about creating a framework that promotes innovation while safeguarding the organization’s values and business priorities. The Road Ahead For CIOs and enterprise architects, the question is no longer if they should adopt AI, but how to embed it at the heart of enterprise transformation. AI-first organizations -- those that embrace AI as a core driver of business change -- are outpacing competitors in digital transformation maturity.  AI has the power to redefine leadership decision-making, enhance operational performance, and fuel new business models. But to reap the full benefits, CIOs must lead with vision, govern strategically, and integrate AI seamlessly into the organization’s DNA. Those who do will position their enterprises for long-term, sustainable growth.  #futureproofing #enterprise #transformation #cios #guide

John Edwards, Technology Journalist & AuthorMay 26, 20255 Min ReadLuis Moreira via Alamy Stock PhotoStructured data, such as names and phone numbers, fits neatly into rows and columns. Unstructured data, however, has no fixed scheme, and may have a highly complex format such as audio files or web pages. Unfortunately, there's no single best way to effectively manage unstructured data. On the bright side, there are several approaches that can be used to successfully tackle this critical, yet persistently elusive challenge. Here are five tested ways to achieve effective unstructured data management from experts who participated in online interviews. Tip 1. Use AI-powered vector databases combined with retrieval-augmented generation "One of the most effective methods I've seen is using AI-powered vector databases combined with retrieval augmented generation," says Anbang Xu, founder of AI video generator firm Jogg.AI. A former senior software engineer at Google, Xu suggests that instead of forcing unstructured data into rigid schemas, using vector databases will allow enterprises to store and retrieve data based on contextual meaning rather than exact keyword matches. "This is especially powerful for text, audio, video, and image data, where traditional search methods fall short," he notes.  For example, Xu says, organizations using AI-powered embeddings can organize and query vast amounts of unstructured data by meaning rather than syntax. "This is what powers advanced AI applications like intelligent search, chatbots, and recommendation systems," he explains. "At Jogg.AI, we’ve seen first-hand how AI-driven indexing and retrieval make it significantly easier to turn raw, unstructured data into actionable insights." Related:Tip 2. Take a schema-on-read approach Another innovative approach to managing unstructured data is schema-on-read. "Unlike traditional databases, which define the schema -- the data's structure -- before it's stored, schema-on-read defers this process until the data is actually read or queried," says Kamal Hathi, senior vice president and general manager of machine-generated data monitoring and analysis software firm at Splunk, a Cisco company. This approach is particularly effective for unstructured and semi-structured data, where the schema is not predefined or rigid, Hathi says. "Traditional databases require a predefined schema, which makes working with unstructured data challenging and less flexible." The key advantage of schema-on-read is that it enables users to work with raw data without needing to apply traditional extract-transform-loadprocesses, Hathi states. "This, in turn, allows for working with the diversity typically seen in machine-generated data, such as system and application telemetry logs." Related:Tip 3. Look to the cloud Manage unstructured data by integrating it with structured data in a cloud environment using metadata tagging and AI-driven classifications, suggests Cam Ogden, a senior vice president at data integrity firm Precisely. "Traditionally, structured data -- like customer databases or financial records -- reside in well-organized systems such as relational databases or data warehouses," he says. However, to fully leverage all of their data, organizations need to break down the silos that separate structured data from other forms of data, including unstructured data such as text, images, or log files. This is where the cloud comes into play. Integrating structured and unstructured data in the cloud allows for more comprehensive analytics, enabling organizations to extract deeper insights from previously siloed information, Ogden says. AI-powered tools can classify and enrich both structured and unstructured data, making it easier to discover, analyze, and govern in a central platform, he notes. "The cloud offers the scalability and flexibility required to handle large volumes of data while supporting dynamic analytics workloads." Additionally, cloud platforms offer advanced data governance capabilities, ensuring that both structured and unstructured data remain secure, compliant, and aligned with business objectives. "This approach not only optimizes data management but also positions organizations to make more informed and effective data-driven decisions in real-time." Related:Tip 4. Use AI-powered classification and indexing One of the best ways to get a grip on unstructured data is to use AI-powered classification and indexing, says Adhiran Thirmal, a senior solutions engineer at cybersecurity firm Security Compass. "With machine learningand natural language processing, you can automatically sort, tag, and organize data based on its content and context," he explains. "Pairing this approach with a scalable data storage system, like a data lake or object storage, makes it easier to find and use information when you need it." AI takes the manual work out of organizing data, Thirmal says. "No more wasting time digging through files or struggling to keep things in order," he states. "AI can quickly surface the information you need, reducing human error and improving efficiency. It's also excellent for compliance, ensuring sensitive data -- like personal or financial information -- is properly handled and protected." Tip 5. Create a unified, sovereign data platform An innovative approach to managing unstructured data goes beyond outdated data lake methods, says Benjamin Anderson, senior vice president of technology at database services provider EnterpriseDB. A unified, sovereign data platform integrates unstructured, semi-structured, and structured data in a single system, eliminating the need for separate solutions. "This approach delivers quality-of-service features previously available only for structured data," he explains. "With a hybrid control plane, organizations can centrally manage their data across multiple environments, including various cloud platforms and on-premises infrastructure." When it comes to managing diverse forms of data, whether structured, unstructured, or semi-structured, the traditional approach required multiple databases and storage solutions, adding operational complexity, cost, and compliance risk, Anderson notes. "Consolidating structured and unstructured data into a single multi-model data platform will help accelerate transactional, analytical, and AI workloads." About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #unstructured #data #management #tips

An AI integration modifies a business process and how employees work, but it also requires an integration with IT infrastructure and systems. This is where some of IT’s most technically savvy staff will be working, and they will want to discuss technology integration approaches and ideas. Most CIOs aren’t software engineers, but they are responsible for having a working knowledge of all things IT so they can hold meaningful dialogues with their most technical employees to assist in defining technology direction. What do CIOs need to know about the technical side of AI integration? 1. AI technical integration is about embedding AI in systems and workflows The assumption here is that by the time your staff is getting into technical design and tooling decisions, that the business case and application for AI have already been decided. Now the task is deciding how to effect a technical embedding and integration of the AI into the IT infrastructure and applications that will support the business process. 2. Modeling is first and foremost AI systems are built around models that utilize data stores, algorithms for query, and machine learning that expands the AI’s body of knowledge as the AI recognizes common logic patterns in data and assimilates knowledge from them. There are many different AI models to choose from. In most cases, companies use predefined AI models from vendors and then expand on them. In other cases, companies elect to build their own models “from scratch.”  Related:Building from scratch usually means that the organization has an on-board data science group with expertise in AI model building. Common AI model frameworks, provide the software resources and tools. These AI model-building technologies are not familiar to most IT staffs. The technologies use data graphs to build dataflows and structures that define how the data will move through the graph. Operational flows for the logic that operates on data must be defined. The model-building software also provides for algorithm development, model training, business rule definitions, and the machine learning that the model executes on its own as it “learns” from the data it ingests. IT might not know this stuff, but it can’t afford to ignore it. IT and CIOs need at least a working knowledge of how these opensource model building technologies work, because inevitably, these models must interface with IT infrastructure and data.  3. IT Infrastructure comes next Related:How to integrate an AI system with existing IT infrastructure is where CIOs can expect significant dialogue with their technical staffs. The AI has to be integrated seamlessly with the top to bottom tech stack if it is going to work. This means discussing how and where data from the AI will be stored, with SQL and noSQL databases being the early favorites. Middleware that enables the AI to interoperate with other IT systems must be interfaced with. Most AI models are open source, which can simplify integration --  but integration still requires using middleware APIslike REST, which integrates the AI system with Internet-based resources; or GraphQLwhich facilitates the integration of data from multiple sources. It’s IT that decides how to deploy the optimal data stores, infrastructure storage and connectors needed to support the AI, and there are likely to be different optionsfor deployment. This is where the CIO needs to dialogue with technical staff. 4. Data quality The AI group will rely on IT to provide quality data for the AI. This is accomplished in two ways: 1) by ensuring that all data incoming into the AI data repository is “clean”, and it is accurate and it is able to interact with other data in the AI data repository; and the data is secure. Whether it is working with outside vendors, vetting vendors for clean, secure data and periodically auditing them; or defining the data transformations and security technology and operations that must be put in place internally, it is all IT’s responsibility. The CIO will need to dialogue on technical levels with vendors, and with the IT database, storage, security, systems, applications and networking groups. Related:5. AI security The datain and to AI must be secure at all times. To arrive at this point, security must be enacted on multiple levels, and it will entail technical discussions and decision making to get there.  First and foremost is data security. Much of this has already been discussed under data quality, and it will involve most IT departmental teams. Second is user access authorities and activity monitoring. Who gets access to what, and how will you monitor user activities? The users can define their own authorization lists and IT can implement these -- but complication occurs when it comes to monitoring user activities. If for example, the user activities occur only with onsite data repositories, sites can use a technology like IAM, which gives IT granular visibility of every user activity. However, if cloud-based access is involved, IAM won’t be able to monitor this activity at any level of detail. It might become necessary to use CIEMsoftware instead to gain granular observation of user activity in the cloud. Then there are “umbrella” technologies like IGAthat can serve as an over-arching framework for both IAM and CIEM.  The IT security groupmust decide which strategy to adopt for comprehensive protection of AI. Finally, there are malware threats that are unique to AI. Yes, you can use standard malware detection to ward off attacks from bad actors on AI data, just as you would on standard data and applications -- but the plot thickens from there. For example, there are malware injections into AI systems that can inject inaccurate data or change the labels and features of data. These skew the results derived from that data and result in erroneous recommendations and decisions. The practice is known as “data poisoning.”  IT is expected to come up with a data validation technique for incoming data that can detect possible poisoning attempts and stop them. This could involve data sanitization technologies, or data source verifications, and it is possible that inserting these technologies could slow down data transport. The technical staff needs to weigh these options, and CIOs should insert themselves into the discussions. The Bottom Line The bottom line is clear: CIOs must be able to dialogue and participate in decisions at multiple AI levels: the strategic, the operational and the technical. Even if companies have dedicated data science groups, both data scientists and users will ultimately wend their way to IT, which still must make the whole thing happen. CIOs can help both their staffs and their companies if they develop a working knowledge of how AI works, in addition to understanding the strategic and operational aspects of AI -- because companies, employees and business partners all need to hear the CIO’s voice.  #what #cios #need #know #about

In February 2024, CNN reported, “A finance worker at a multinational firm was tricked into paying out million to fraudsters using deepfake technology to pose as the company’s chief financial officer in a video conference call.” In Europe, a second firm experienced a multimillion-dollar fraud when a deepfake emulated a board member in a video allegedly approving a fraudulent transfer of funds. “Banks and financial institutions are particularly at risk,” said The Hack Academy. “A study by Deloitte found that over 50% of senior executives expect deepfake scams to target their organizations soon. These attacks can undermine trust and lead to significant financial loss.”  Hack Academy went on to say that AI-inspired security attacks weren’t confined to deepfakes. These attacks were also beginning to occur with increased regularity in the form of corporate espionage and misinformation campaigns. AI brings new, more dangerous tactics to traditional security attack methods like phishing, social engineering and the insertion of malware into systems. For CIOs, enterprise AI system developers, data scientists and IT network professionals, AI changes the rules and the tactics for security, given AI’s limitless potential for both good and bad. This is forcing a reset in how IT thinks about security against malicious actors and intruders. Related:How Bad Actors are Exploiting AI What exactly is IT up against? The AI tools that are available on the dark web and in public cyber marketplaces give security perpetrators a wide choice of AI weaponry. Also, IoT and edge networks now present much broader enterprise attack surfaces. Security threats can come in videos, phone calls, social media sites, corporate systems and networks, vendor clouds, IoT devices, network end points, and virtually any entry point into a corporate IT environment that electronic communications can penetrate. Here are some of the current AI-embellished security attacks that companies are seeing: Convincing deepfake videos of corporate executives and stakeholders that are intended to dupe companies in pursuing certain actions or transferring certain assets or funds. This deep faking also extends to voice simulations of key personnel that are left as voicemails in corporate phone systems.  Phishing and spearfishing attacks that send convincing emailsto employees, who mistakenly open them because they think the sender is their boss, the CEO or someone else they perceive as trusted. AI supercharges these attacks because it can automate and send out a large volume of emails that hit many employee email accounts. That AI continues to “learn” with the help of machine learning so it can discover new trusted sender candidates for future attacks.   Related:Adaptive messaging that uses generative AI to craft messages to users that correct grammar and that “learn” from corporate communication styles so they can more closely emulate corporate communications that make them seem legitimate. Mutating code that uses AI to change malware signatures on the fly so antivirus detection mechanisms can be evaded. Data poisoning that occurs when a corporate or cloud provider’s AI data repository is injected by malware that altersso the data produces erroneous and misleading results.  Fighting Back With Tech To combat these supercharged AI-based security threats, IT has number of tools, techniques and strategies it can consider. Fighting deepfakes. Deepfakes can come in the form of videos, voicemails and photos. Since deepfakes are unstructured data objects that can’t be parsed in their native forms like real data, there are new tools on the market that can convert these objects into graphical representations that can be analyzed to evaluate whether there is something in an object that should or shouldn’t be there. The goal is to confirm authenticity.  Related:Fighting phishing and spear phishing. A combination of policy and practice works best to combat phishing and spear phishing attacks. Both types of attacks are predicated on users being tricked into opening an email attachment that they believe is from a trusted sender, so the first line of defense is educatingusers on how to handle their email. For instance, a user should notify IT if they receive an email that seems unusual or unexpected, and they should never open it. IT should also review its current security tools. Is it still using older security monitoring software that doesn’t include more modern technologies like observability, which can check for security intrusions or malware at more atomic levels?  Is IT still using IAMsoftware to track user identities and activities at a top level in the cloud and on top and atomic levels on premises, or has it also added cloud identity entitlements management, which gives it an atomic level view of  user accesses and activities in the cloud? Better yet, has IT moved to identity governance administration, which can serve as an over-arching umbrella for IAM and CIEM plugins, plus provide detailed audit reports and automated compliance across all platforms? Fighting embedded malware code. Malware can lie dormant in systems for months, giving a bad actor the option to activate it whenever the timing is right. It’s all the more reason for IT to augment its security staff with new skillsets, such as that of the “threat hunter,” whose job is to examine networks, data and systems on a daily basis, hunting down malware that might be lurking within, and destroying it before it activates. Fighting with zero-trust networks. Internet of Thingsdevices come into companies with little or no security because IoT suppliers don’t pay much attention to it and there is a general expectation that corporate IT will configure devices to the appropriate security settings. The problem is, IT often forgets to do this. There are also times when users purchase their own IoT gear, and IT doesn’t know about it. Zero-trust networks help manage this, because they detect and report on everything that is added, subtracted or modified on the network. This gives IT visibility into new, potential security breach points. A second step is to formalize IT procedures for IoT devices so that no IoT device is deployed without the device’s security first being set to corporate standards.  Fighting AI data poisoning. AI models, systems and data should be continuously monitored for accuracy. As soon as they show lowered levels of accuracy or produce unusual conclusions, the data repository, inflows and outflows should be examined for quality and non-bias of data. If contamination is found, the system should be taken down, the data sanitized, and the sources of the contamination traced, tracked and disabled. Fighting AI with AI. Most every security tool on the market today contains AI functionality to detect anomalies, abnormal data patterns and user activities. Additionally, forensics AI can dissect a security breach that does occur, isolating how it happened, where it originated from and what caused it. Since most sites don’t have on-staff forensics experts, IT will have to train staff in forensics skills. Fighting with regular audits and vulnerability testing. Minimally, IT vulnerability testing should be performed on a quarterly basis, and full security audits on an annual basis. If sites use cloud providers, they should request each provider’s latest security audit for review. An outside auditor can also help sites prepare for future AI-driven security threats, because auditors stay on top of the industry, visit many different companies, and see many different situations. An advanced knowledge of threats that loom in the future helps sites prepare for new battles. Summary AI technology is moving faster than legal rulings and regulations. This leaves most IT departments “on their own” to develop security defenses against bad actors who use AI against them.  The good news is that IT already has insights into how bad actors intend to use AI, and there are tools on the market that can help defensive efforts. What’s been missing is a proactive and aggressive battle plan from IT. That has to start now.  #let #security #war #games #begin

Snehal Antani has been tinkering with technology since childhood. His father, an electrical engineer, would give him broken devices and task him with fixing them.  He moved into computer science as an undergraduate, eventually earning his master's degree. He then worked for IBM and eventually served as CIO for GE Capital and CTO for Splunk. In 2018, he joined Joint Special Operations Command, a division of the United States Special Operations Command, as CTO. He started Horizon3.ai, an AI pen testing company, with JSOC colleague Anthony Pillitiere in 2019. Here, he describes his unusual career path and how he deploys the skills he learned along the way to facilitate innovation. Can you tell me about your early tech education? When I went to undergrad at Purdue, I knew I was going to do computer science. What I love about computer science is that it’s horizontal -- so I can apply that to any vertical that I'm interested in. I was interested in stock trading while I was an undergrad, so I was able to write code to learn how to trade stocks. The software programming and systems architecture skills that I picked up could be applied to solve any job. What did the early portion of your career teach you?I optimized for learning. I used to sit in the hallway in front of my team lead’s office at IBM. He couldn't see me, but I could see his whiteboard. I would try to understand something he had explained to me. I was too afraid to go in and ask for more information, so I would literally sit on the floor and just stare at it, trying to make sure I understood it in detail.  Related:I wanted to be an expert in distributed systems and enterprise software. The first few jobs I took were all about learning as much as I could in that domain.  I was an awful speaker. I forced myself to become a better communicator. I then moved over to learn how to launch products in product management. I was an awful product manager the first year. But there was no way I was going to get better except by throwing myself into that arena and trying to figure it out.  In 2012 I got recruited to be a CIO at GE Capital. I had never managed anyone before. GE made a bet on me. I learned a lot and I was able to impact the organization as well. Having a solid technical foundation and being able to communicate well were probably the two most important skills I developed early in my career. Can you describe a scenario in which you felt out of your depth? When I was in IBM, there was a customer in Germany struggling with their tech. Their banking system kept crashing. Steve Mills, who was a legendary senior vice president, sent out a message that said, "This customer is struggling. No one can figure out what's wrong. Who here knows how to fix this problem?" I was a nobody at IBM. I replied directly to Mills and said, "I think I can fix this problem. Send me." Related:Once it got there, they were explaining their problem. I had no idea what they were talking about. All I could think was, "I’m going to get fired. I just embarrassed myself and my company." Suddenly, everything in my brain clicked: every single aspect of enterprise software technology, operating systems, distributed systems. We ended up solving the problem about 90 minutes later.  How has life in the C-suite changed for tech folks? I remember going into meetings at GE Capital. People thought I was there to manage the projector. Some of those teams struggled to understand the role technology played in creating a competitive edge. GE had just come off gutting and outsourcing the bulk of their technology DNA. Throughout the 2000s it didn’t seem that there was a belief that technology was a competitive advantage. I think there was a realization that they had gone too far. They started to try to bring in more technical talent. In the mid 2000s through 2015, tech was a back-office function. I believe that’s shifted dramatically, especially now when you think about AI and the advantage you can create using technology. There are certainly CIOs in my network who still view themselves as a back-office function. They don’t want to learn the business. But I believe that type of CIO is in the minority now. Related:Why did you join Joint Special Operations Command in 2018? I was 21 when 9/11 happened. I remember this feeling of both helplessness and the desire to do something about it. Was there a multiplier way to affect change -- one calorie in causing 10 calories of impact? There wasn’t an obvious way for me to do that. I remember in 2014 watching the rise of ISIS. The desire to make a difference came back at a much more intense level. The Special Operations community had invited me to do some planning sessions with them. How could they increase the velocity of innovation in order to keep up with the adversary?  Terrorist organizations were able to use off the shelf technology -- open-source software, cloud computing, drones -- to innovate lethal capabilities that were otherwise only available to armies. And so, the question was, how do we accelerate the innovation velocity? A lot of that experience was drawn from my time at GE Capital. I was able to join as the first ever CTO. For me, it was about purpose and impact. There’s no clearer mission than looking at human beings putting themselves in danger to help others. Anything that we could do using technology to reduce risk to them was an incredible opportunity. How did you come to found Horizon3.ai? I met Tony, my co-founder, at JSOC. We saw a challenge: We have no idea we’re secure until the bad guys show up. Are we fixing the right vulnerabilities? Are security tools actually working? We wanted to find a way to build an autonomous system that allows you to hack yourself as often as you want. Fiercely prioritizing problems that mattered was the first thing that we were able to do because our autonomous agent was able to hack organizations, tell you exactly how it hacked them, and then tell you exactly what to fix and how to fix it. Once you fix it, you can run a retest to verify that you're good to go. Find, fix, verify is the primary experience within the product.  #horizon3ai #cofounder #talks #transition #cto

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.The CIO's Playbook for IT Automation in 2025The CIO's Playbook for IT Automation in 2025This session highlights a practical, step-by-step approach to achieving automation success and hazards to avoid.Brandon Taylor, Digital Editorial Program ManagerMay 22, 20255 Min ViewWith digital transformations everywhere all at once, the importance of automation for IT teams shouldn't come as a surprise. Determining which processes to automate first and which tools to deploy are equally as important, but so are the obstacles that will waste money and slow deployment down. In this archived keynote session, Sidney Madison Prescott, director of innovation, artificial intelligence at NRI, explores a practical, step-by-step approach to achieving automation success. This segment was part of our live webinar titled, “Perfecting IT Automation in 2025: A Roadmap for CIOs.” The event was presented by InformationWeek on April 17, 2025.Watch the archived “Perfecting IT Automation in 2025: A Roadmap for CIOs” live webinar on-demand today.About the AuthorBrandon TaylorDigital Editorial Program ManagerBrandon Taylor enables successful delivery of sponsored content programs across Enterprise IT media brands: Data Center Knowledge, InformationWeek, ITPro Today and Network Computing.See more from Brandon TaylorWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #cio039s #playbook #automation

Sandeep Kashyap, CEO, ProofHubMay 21, 20254 Min ReadEugene Sergeev via Alamy StockIt’s normal to feel nervous when you have to make big decisions at work. After all, you never know how things will turn out. Fortunately, decision-making frameworks can help lessen those nerves and boost your confidence. They bring structure and clarity by bringing practical, proven methods that turn chaos into clarity.  For IT leaders, these frameworks support critical thinking, confident action, and smarter choices -- even under pressure. Most importantly, they help you cut through the noise and ensure every decision stays aligned with your long-term business goals. This blog post will walk you through the five frameworks for effective decision-making that can help IT leaders make more informed decisions. Each one is designed to help you simplify complexity and lead with greater impact.  Importance of Decision-Making FrameworksDecision-making frameworks bring consistency and logic to the decision-making process. They help you break things down and focus on the essentials. Here are the benefits of using these frameworks. Make your objectives clear: Structured decision-making frameworks help you cut through the noise and focus on what matters most, ensuring every decision aligns with your objectives.  Bring teams together: The frameworks allow you to involve the right people and ensure everyone is on the same page. Related:Avoid costly mistakes: IT decisions often involve significant investments, such as new software and infrastructure upgrades. The framework helps you assess potential risk upfront and make deliberate choices.  5 Decision-Making Frameworks Every Leader Should KnowA decision-making framework provides clarity and consistency to make better decisions. Here are five frameworks that can sharpen your thinking and strengthen your leadership. 1. RAPID RAPID is a decision-making framework that helps clarify who is responsible for what when multiple stakeholders are involved.  Each letter in RAPID represents a key role in the decision-making process:  Recommend: The person in this role leads the effort by gathering data, analyzing options, and proposing a well-informed recommendation. Agree: These stakeholders have to work closely with the recommender to shape the best possible decision.  Perform: This is the individual or team responsible for executing the decision once it's made. Input: These contributors offer valuable insights, expertise, or context that inform the recommendation.  Decide: The final authority that makes the call and commits the organization to move forward. This role carries accountability for the outcome. Related:2. SPADE The SPADE framework breaks down each step of the structured decision-making process so that you can reach an informed and critical conclusion. It’s especially helpful when decisions involve multiple teams, limited time, and high visibility.  Each letter in SPADE represents a crucial phase in the decision-making process: Setting: Define the decision’s scope, goal, and constraints.  People: Identify and engage relevant stakeholders such as decision-makers, influencers, and executors. Alternatives: Generate options related to the decision based on criteria like cost, security, and scalability.  Decide: Evaluate all options and select the best course of action. You can avoid negative consequences and bias through objective methods like private voting. Explain: Clearly document and explain the rationale behind a decision to ensure alignment across teams and maintain accountability for outcomes. 3. OODA loop The OODA loop is a four-step approach to decision-making that focuses on filtering available information, putting it in context, and quickly making the most appropriate decision.  Related:The word OODA stands for:  Observe: Monitor system performance, team dynamics, and industry trends to gather relevant and timely data. Orient: Analyze the information you have collected to understand the context, challenges, and opportunities. Decide: Based on your analysis, choose the most effective course of action. Act: Implement the decision quickly and efficiently. Once action is taken, the loop restarts—each decision and outcome creates new conditions to observe and evaluate. 4. Eisenhower MatrixThe Eisenhower Matrix is a task prioritization technique that helps make decisions related to tasks. It helps you organize tasks into four quadrants, based on the urgency and importance, and suggests appropriate action for tasks in each quadrant. It ensures that essential tasks are completed first, contributing to the success of projects and goals.  Here is what the Eisenhower matrix includes:  QuadrantDescription Action DoImportant and urgent Handle these immediately ScheduleImportant but not urgent Schedule these for later DelegateUrgent but not important Assign these to others if possible DeleteNeither urgent nor important Consider removing these altogether 5. Decision TreeA decision tree is a graphical representation that helps IT leaders map out the possible outcomes of different decisions. It helps leaders assess risks, rewards, and the potential consequences of each choice before committing to a path. Decision trees are most useful in complex decision-making processes where multiple scenarios are involved. ConclusionIT leaders deal with tough decisions every day. Which project should be prioritized? Should we adopt new tools or improve the existing ones? Who should get what tasks? To handle these challenges, leaders can use frameworks for effective decision-making like RAPID, SPADE, OODA, Eisenhower Matrix, and decision trees. These tools help bring structure and clarity to tough decisions, making it easier to move forward with confidence in a fast-changing business world. About the AuthorSandeep KashyapCEO, ProofHubSandeep Kashyap, the visionary CEO of ProofHub, boasts over 25 years of IT industry experience. He's a recognized luminary known for innovation and agility. His contributions extend to project management insights and leadership, growth and entrepreneurship. His practical expertise is evident in ProofHub's success. Recognized as Top Leadership Voice on Linkedin, Sandeep’s contributions provide invaluable insight for leaders and professionals seeking to create thriving workplaces.See more from Sandeep KashyapWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #top #decisionmaking #frameworks #effective #leadership

Carrie Pallardy, Contributing ReporterMay 21, 20258 Min Readrudi1976 via Alamy StockNick Lucius has spent his entire career in government service. He has put his skills as an attorney and data scientist to work in several roles with the City of Chicago. Last year, he was confirmed as the city’s CIO, heading up the newly formed Department of Technology and Innovation.  “I’m proud of what we're doing in Chicago … saving significant amounts of money by being more efficient,” Lucius tells InformationWeek. “We’ve saved million already in 2025, which is a significant part of our budget. Butso without a reduction in the delivery of services to humans.”  He talks about how he built his career and how he is aiming to increase both efficiency and access to services for Chicagoans.  Law and Computer Science Lucius plays guitar and piano. His early career ambitions focused on music but shifted to politics and government. During his undergraduate years at Ohio State University, he worked for the Ohio Statehouse.  “I was just really interested in the power of the justice system and how just how much having an advocate can really make a difference in that,” Lucius shares.  That interest led him to law school. He attended DePaul University, a choice that was driven by its location. “Chicago, I chose for the city. I absolutely love the city,” he recalls.  Related:Lucius earned joint degrees in law and computer science. His original intention was to pursue patent law with an interest in technology issues.  Nick LuciusWhile his career took a different path, his skills in computer science and law have served him well. “If I learned anything in the law, it was that having someone articulating as an advocate on behalf of a cause can do so much to move us toward progress,” he says.Armed with the ability to shape a narrative and champion a cause, Lucius has seen how technology can breathe life into those visions.  “On the technology side, I can then build and say, ‘OK, now we’re going to implement a system ... We’re going to create something. We’re going to put something out there that wasn’t out there before to move this cause forward,’” he says.  A Career in Government Lucius had those plans for patent law, but he graduated around the time of the Great Recession that began in 2007. Law firms weren’t hiring. But, as it turns out, the City of Chicago was. He got his start as assistant corporation counsel in the city’s Department of Law, focusing on foreclosures and abandoned buildings. “As soon as I started doing that, I forgot about everything I went to school for, and I spent about 10 years in litigation trying to help out the people of Chicago,” he says.  Related:After all those years of litigation, Lucius’s interest in technology began to resurface. “I also noticed that in my legal cases I had to do a lot of digging into city data systems and city technology systems in order to get my evidence,” he recalls.  He saw how modernizing city systems and connecting those systems across departments could make a big difference in the lives of residents. That spark got him back to his technology roots. He started taking on community projects and volunteer coding classes to hone his skills.  That reinvigorated interest in technology lead to roles as a data scientist with the city and then chief data officer and CTO with the office of the mayor.  Spearheading a New Department As Lucius moved through each of these roles and now in his position as CIO, he increasingly took on leadership responsibilities.  “I’m a builder by nature. And so I always love to roll up my sleeves and get into a problem,” says Lucius. “I find myself in the role now more often of … peopleto me for inspiration … leadership and vision.”  As the head of the department of technology and innovation, Lucius and his team have responsibilities for a vast array of systems that support the third-most populous city in the country.  Related:“We do so much: everything from supply the drinking water, pumping billions of gallons to not just Chicago but 125 cities in the area coming from Lake Michigan. Two major airports, international airports, 250 square miles of roads and sewers,” Lucius notes. “What we do is so massive, and one of the first orders of business when we got started was, we have a lot to just maintain and support.” Lucius leads a team of 75 people, which is slated to grow to 150 by the end of the year. In addition, he works with a large network of vendors and consultants that support the city’s IT systems.  The team is organized into different groups: planning, delivery, support, and cybersecurity. “When someone comes and says, ‘Hey, Nick, I need some help. I need a new website. I need a new app. I need you to solve this problem for me.’ We’re going to plan it. We’re going to build it. We’re going to deliver it. After that, we’ll support it, and we’ll make it’s safe and secure.” Lucius spends the majority of a typical day, up to 75% of it, in collaboration spaces. He is talking to team members, attending events, working to ideate. The remainder of his day is spent thinking about the future.  “What’s happening with AI? Where are we going with quantum computing here in Chicago? What’s our innovation play right now?” he asks.  As any CIO knows, not every day is a typical one. Systems go down. Fires have to be put out. Lucius was just a few months into the CIO role when the CrowdStrike global IT outage hit last year, impacting Windows machines across the city.  “Those kinds of days, when they come … it could be the only thing I do from the moment I wake up until the moment I go to sleep,” says Lucius.  While days like this are inevitable, Lucius and his team still have a bigger picture and goals in sight. The more time it takes to access a benefit, the harder it is for the people who need that benefit the most to get it. He is hoping to use technology to increase equity and accessibility to government services.  “I want to see a decrease in the difficulty that it takes a person with a disability to apply for everything from a disability sticker for the car so that they can park close to their home, to apply for social benefits programs, whether that’s financial assistance or assistance with something in their home or something necessary for their life,” he offers as an example.  Challenges in Government  CIOs across industries share many of the same responsibilities and challenges, but there are sector-specific nuances, too. Lucius notes how much scrutiny public sector CIOs face compared to their private sector peers.  “Even publicly traded organizations don’t quite have the amount of scrutiny and attention that that a major government institution gets,” he contends.  And there is a reason for that pressure. Transparency is important. Delivering government services to citizens is essential. That responsibility is one of the biggest worries on Lucius’s mind.  Major government technology projects often get a lot of time and money, and yet they might fail. “You don’t have to look too far to see examples,” says Lucius. “When Healthcare.gov launched, it didn’t work.” He believes that it isn’t enough to have a great idea, get it funded, and get it launched. He sees the need to constantly evaluate projects to ensure they are actually successful.  “Success is when something works better for Chicagoans and something works better for a human being on the other end, and they get that benefit,” he emphasizes.  How should young people with ambitions in technology and government be thinking about these challenges, particularly during such a turbulent time? Lucius still wants to see people chase their dreams, but he cautions that they need something to latch onto in such a high-pressure field.  “Maybehave family orhave personal experience where what we do here helped or maybe … you’ve just seen the benefit play out for human beings out there in the world,” says Lucius. “If you can latch on to that, that’s something you need in order to get through some of these experiences.”  A Reimagined Future Lucius sees people in the government technology space at a crossroads. They are faced with the major pressures of today’s societal and financial upheaval and the promises of delivering on new technology, like AI.  “All these things … have the potential to make things faster and more efficient, but then also bring the dangers of widening inequities and creating divides in society,” says Lucius. “We sit at the cusp of the reimagination of what it is to govern and what it is to oversee the provision of benefits in this society. And I want government technologists to recognize that … we can own that.” Lucius wants to bring services and benefits to the people of Chicago more efficiently without reducing those services. “We talk a lot about government efficiency these days,” he says. “I think Chicago is a great example.” About the AuthorCarrie PallardyContributing ReporterCarrie Pallardy is a freelance writer and editor living in Chicago. She writes and edits in a variety of industries including cybersecurity, healthcare, and personal finance.See more from Carrie PallardyWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #chicagos #cio #increasing #government #efficiency

John Edwards, Technology Journalist & AuthorMay 20, 20255 Min ReadTecha Tungateja via Alamy Stock PhotoAI-generated code may sound like a career-killer, yet a growing number of IT leaders are now turning to AI to generate various types of routine code, freeing human coders to focus on more complex and rewarding tasks. AI can significantly accelerate software development, says Prasad Sankaran, president, software and platform engineering, at IT consulting firm Cognizant. "Based on natural-language prompts, AI can write code and test scripts across a range of programming languages, frameworks, libraries, and more," he states in an online interview. Sankaran notes that AI can also generate synthetic test data, limiting the need to use sensitive live data sets. "At Cognizant, 20% to 30% of our code is now written by machines -- that's productivity we can pass along to our clients." Multiple Benefits AI-generated code's benefits are clear: more output, better quality in shorter timeframes, and an improved ability to navigate talent constraints, Sankaran says. "All of that translates into business productivity, agility, and effectiveness." He believes that AI-enabled coding allows team members to work faster and with greater focus on higher value, creative activities such as feature relevance, user experience, security, resilience, and performance. Related:Enterprises with large development organizations should expect substantial gains in productivity, says David Menninger, executive director at ISG Software Research. "Organizations that rely on service providers to create applications for them should expect to see rate reductions as a result of the increased efficiencies associated with AI-generated code," he states in an online discussion. Getting Started As is the case with many new technologies, it's best to start simple, Menninger recommends. He suggests beginning with a prototyping exercise. "In this scenario, the quality of the code is less critical, and it will afford an opportunity to learn about AI's capabilities." Another good starting point is code conversion, since the final result can be compared against existing working software. Devansh Agarwal, a machine learning engineer Web Services, says AI is particularly adept at writing standard boilerplate code. "For example, if I want to create an API client for calling a particular API, AI can generate the boilerplate code for it," he explains in an email interview. "If a developer writes this same code, it will take a few hours." AI can generate the identical code almost instantly. "Since this is a very standard piece of code, which is already present on the Internet, it will most likely be correct." Related:Getting started can be surprisingly easy, Agarwal says. "My mom, who has never written a line of code, managed to do it," he states. "The process is simple: Decide what you want to build, prompt the LLM to generate the code, and keep asking it to fix errors until it finally works." Despite its relative simplicity, Sankaran stresses the need to train team members on the most effective use of AI coding assistants while dealing with its inherent risks and limitations. Menninger recommends that AI-generated code should always be reviewed and tested -- just like any other code. View AI in the same light as a junior developer. "You can give it an assignment, but you certainly want to check the results and probably add some refinements or ask it to make some revisions." Potential Roadblocks Sankaran says enterprises need to recognize AI technology's inherent limitations, including the risk of team members relying too heavily on AI-produced code. Meanwhile, generated outputs can be inconsistent and error prone, so there's still a need for human oversight. A combination of predefined plans and templates, as well as automated enforcement of quality gates, baking in organization policies and guardrails, can help tackle this challenge by ensuring predictable, consistent, and compliant results within preset boundaries. Related:The biggest potential drawback is fostering a growing overreliance on AI-generated code, Menninger says. "There can be a tendency to trust the code simply because it has been generated by a machine," he explains. "The good news is that you can also use AI to test code both for quality and security purposes so, hopefully, you can end up with even higher quality code than manually-generated and manually-tested code." Parting Thoughts AI code assistants have come a long way and are continuously improving and delivering a superior developer experience, with more purpose-built and holistically-integrated solutions, driving automation and lead productivity across the software development lifecycle, Sankaran says. Looking ahead, agentic AI has the potential to make software development easier, more autonomous, and orchestrated, Sankaran states. "For example, specialized agents for understanding requirements, writing code, reviewing code, testing, deployment and more, all working together in an autonomous manner under human oversight," he says. "We're moving closer to the day when we can simply describe the functionality we want ... and have the system do the rest." About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #save #time #cost #using #aigenerated

TRS-80, Commodore 64. Early PCs have laughable specifications by today’s standards, but they inspired a lot of creativity. Take Jacob Anderson, owner of Beyond Ordinary Software, for example. He started programming a Commodore 64 as a tween by building character management tools for his Dungeons and Dragons game. The Commodore 64 was an 8-bit machine with the Basic programming language built in. “I was 11 years old and very isolated in a small town, so I didn't really have any exposure to the outside world and everything that was happening with the whole personal computer revolution,” says Anderson. “My dad was the janitor at the middle school, so I helped him clean. One evening, he sat me down in a math classroom that had a Commodore 64-style environment, so I started playing Artillery Duel. I noticed a button on the keyboard called, ‘Run Stop,’ and if you hit that key, the program stops executing and becomes a terminal. I hit that key by accident and typed “list” and I saw all the source code. I instinctively understood everything.” His uncle subsequently helped his family buy a Commodore 64 and peripherals for Anderson, including a dot matrix printer. He became obsessed, spending nearly all his time programming. However, in high school, his progress slowed as he discovered girls and did the things high school kids do. When he went to college on a US Navy ROTC program scholarship at Worcester Polytechnic Institute, he discovered the program actually ran at The College of the Holy Cross in the evenings, which conflicted with his computer science schedule. Anderson chose to give up his three-year Navy scholarship to pursue a dual major in nuclear engineering and computer science. Since he had to figure out a way to pay for school, he got into the Science and Engineering Research Semesterprogram at Los Alamos National Laboratory’s Applied Theoretical Physics Division, which develops novel applications of theoretical physics.  Related:At the time, Los Alamos was retiring its punch card mainframes and adopting modern software development practices. That was significant because at the time, the legacy software had been written in very old Monte Carlo N-Particle Transport Code.  When Anderson arrived for the SERS program, his advisor was John Hendricks, a Ph.D. nuclear engineer from MIT. Hendricks had Anderson running MCNP test problems to validate the physics that the problems were testing.  “I took the SERS program to complete my major qualifying projectat WPI, which was required for graduation. However, I felt that running test problems was a waste of time, so I voiced my concerns to my WPI advisor, John Mayer, and later to John Hendricks, who didn't appreciate my attitude,” says Anderson. “As a result, I planned to leave the SERS program and return to WPI to work on a different MQP.” Related:However, before Anderson could leave, Ken Van Riper, a Ph.D. astrophysicist from Cornell, met with him.  “appreciated my perspective and offered me a project he was working on. I proposed developing a full GUI for it, and he let me take the lead. I stayed in the SERS program and completed the project, which became MUD—MCNP User Demonstration,” says Anderson. “MUD was a 3D graphics-based problem setup tool that could create MCNP input files, run MCNP and visualize the output as particle tracks. Nobody had previously developed a complete package with a simple ‘click the button’ approach. After I graduated from WPI,hired me as staff.” Next, he went to work at Bolt, Beranek and Newman, where he found himself working for the Department of Defenseagain and PRAJA, a dot-com immersive experience company. It focused on 3D visualization tracking of people in complex environments. While at PRAJA, he was the project lead on FOX NFL GameTracker 2000 and PRAJA Football 99. After that, he founded Beyond Ordinary Consulting alongside corporate roles as President of AccessQuery, a web-based job search engine, and XPLive, a SaaS company. He also served as managing partner and later managing director of Totally Evil Entertainment. Related:Important Lesson CIOs Can Learn Vicariously One thing Anderson has learned along the way is that military personnel can benefit the tech industry. “Military personnel are often highly trained, but they're focused on a very unique niche, and they own that entire niche. Whatever their operational job was, they own it. And that’s somewhat unique, because in the, most people take a job for a little while, and then they bounce. They're very scattered when it comes to their career choices,” says Anderson. “When you deal with technical people you want them well versed in their niche job. And that's where the DoD comes in very handy, because the people who get that role are going to know it inside, out and backwards. That’s one of the reasons why I wanted to hire DoD people.” Those who worked for the DoD are very regimented because they must adhere to certain policies and rules. “Military personnel understand the playing field and limitations. They’re good at limiting themselves, and they also understand large-scale systems on a worldwide scale,” says Anderson. “A defense department in any country is enormous, much larger than entities in the private sector. They know how to compartmentalize and manage complex systems. Most people have a really hard time compartmentalizing at a world scale.” However, he says cultural IQ is the most important thing CIOs and other organizational leaders must understand and use to their advantage.“Because the DoD is world scale, you get experience with different cultures, different people from different parts of the world. As a result, you must learn to understand individuals from their cultural point of view. Otherwise, you’re just going to be frustrated all the time,” says Anderson. “The military is the same. It’s important to understand the nuances and respect them so you can engage people more effectively. The military personnel who aren’t good at that wash out early. The ones that are really good at it rise.”  #jacob #anderson #founder #beyond #ordinary

Pankaj Khurana, VP Technology & Consulting, RocketMay 19, 20253 Min ReadElenaBs via Alamy StockFor the past four years, I’ve been building AI-powered tools that help recruiters do their job better. Before that, I was a recruiter myself -- reading resumes, making calls, living the grind. And here’s one thing I’ve learned from straddling both worlds: In hiring, automating the wrong thing can quietly erode everything that makes your process work. As engineering leaders, we’re constantly told to streamline and optimize. Move fast. But if you automate the wrong step -- like how candidates are filtered, scored, or messaged -- you might be replacing good human judgment with rigid shortcuts. And often, you won’t notice the damage until weeks later, when engagement plummets or teams stop trusting your system. The Allure of Automation Hiring is messy. Resumes come in all shapes. Job descriptions are vague. Recruiters are overworked. AI seems like a godsend. We start by automating outreach. Then scoring. Then matching. Eventually, someone asks: can this whole thing run without a person? But here’s the rub: many hiring decisions are deeply contextual. Should a product manager with a non-traditional background be fast-tracked for a high-growth SaaS role? That’s not a “yes/no” the system can decide for you. Early on at Rocket, we made that mistake. Our scoring engine prioritized resumes based solely on skills overlap. It was fast -- but completely off for roles that required nuance. We had to pause, rethink, and admit: “This isn’t working like we hoped.” Related:What Agentic Systems Do Well I’m not anti-automation. Far from it. But it has to be paired with human review. We found that agentic systems -- AI tools with autonomy to assist but not decide -- were far more effective. Think copilots, not autopilots. For example, our system can: Suggest better phrasing for job descriptions Flag resumes that match roles 80% or more Recommend outreach templates based on role and tone But it never auto-rejects or sends messages without review. The AI suggests; the recruiter decides. That balance makes all the difference. Lessons Learned: Where Automation Fails One of our biggest missteps? Automating outreach too heavily. We thought sending personalized AI-written emails at scale would boost response rates. It didn’t. Candidates sensed something off. The emails looked polished but felt cold. Engagement dropped. We eventually went back to having humans rewrite the AI drafts. That one shift nearly doubled our positive response rate. Why? Because candidates want to feel seen -- not sorted. Related:A CIO’s Checklist: What Not to Automate If you’re leading an AI initiative in hiring, here’s a checklist we now swear by: Don’t automate decisions that impact trust. Rejections, scores, hiring calls? Keep a human in the loop. Avoid automating tasks with high context needs. A great candidate might not use trendy buzzwords. That doesn’t make them a bad fit. Be careful with candidate-facing automation. Generic outreach harms brand perception. Do automate the repetitive stuff. Parsing, meeting scheduling, draft -- automate those and give time back to your team. Human-AI Collaboration Wins We saw the best outcomes when recruiters felt like they had an assistant -- not a competitor. Here’s one quick story: A recruiter used our AI to shortlist 10 profiles for a hard-to-fill GTM analyst role. She reviewed five, adjusted the messaging tone slightly, and got two responses in under a day. Same tools -- different mindset. Feedback loops mattered too. We built in ways for users to rate suggestions. The model kept improving -- and more importantly, people trusted it more. Final Thought: Think Like a System Designer If you’re building AI into your hiring stack, go beyond automation. Think augmentation. Don’t just ask, “Can this task be automated?” Instead, ask, “If I automate this, what do we lose in context, empathy, or nuance?” Related:Agentic hiring systems can deliver speed and scale -- but only if we let people stay in control of what matters most. About the AuthorPankaj KhuranaVP Technology & Consulting, RocketPankaj Khurana is VP of Technology & Consulting at Rocket, an AI-driven recruiting firm. He has over 20 years of experience in hiring and tech and has led the development of agentic hiring tools used by top US startups. See more from Pankaj KhuranaWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #dont #automate #wrong #thing #lessons

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Breaking Bread: Do You Understand Your Data?Breaking Bread: Do You Understand Your Data?As IT leadership wrangles with data governance and policies, can operations glean useful information without stepping on a few toes?Joao-Pierre S. Ruth, Senior EditorMay 19, 2025What makes data actionable and real for an organization?Many enterprises capture data as part of their operations and activity but taking that information to another usable level can be a challenge. There may be security concerns, privacy regulations to adhere to, conflicting requirements among stakeholders within the organization.If the world runs on data that fuels the software that gets put into action, how do you separate the wheat from the chaff? And how do you not step on too many toes along the way?In this Breaking Bread session, Craig Martell, chief AI officer for Cohesity; and Matt McVaney, chief revenue office for BombBomb, discussed finding common ground between operations and tech to make data useful, and better understand the demands on either side of this dilemma.InformationWeek's podcast is evolving. The "Breaking Bread" format brings together one CIO, CTO, or other C-suite tech leader to discuss a challenge with an executive from the operations side of another organization.The intent is to allow them the space to exchange ideas and pain points from their respective vantages, and foster discussions that generate new insights for their organizations as well as the audience.About the AuthorJoao-Pierre S. RuthSenior EditorJoao-Pierre S. Ruth covers tech policy, including ethics, privacy, legislation, and risk; fintech; code strategy; and cloud & edge computing for InformationWeek. He has been a journalist for more than 25 years, reporting on business and technology first in New Jersey, then covering the New York tech startup community, and later as a freelancer for such outlets as TheStreet, Investopedia, and Street Fight.See more from Joao-Pierre S. RuthWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #breaking #bread #you #understand #your

Ravi Kunju, Chief Product and Strategy Officer, AltairMay 16, 20254 Min ReadZoonar GmbH via Alamy StockCIOs looking to propel digital transformation face a daunting task. They need to harness the power of data analytics and artificial intelligence. They need to empower their employees and serve their customers with the best software tools, compute resources, data infrastructure, and more. Yet to achieve this, CIOs need to navigate a ballooning budget and technology partners who might be hiking prices without giving you more features. A recent Forrester report found that nearly 80% of US organizations reported increases in software costs over the past year. Moreover, 4 in 5 tech leaders said they anticipated their organization’s adoption of generative AI will increase software costs. Prices are going up.  Instead of cutting the technology offered, CIO should explore changing their software licensing to improve their bottom line. Though the board might not get excited about licensing changes, they should. Complex agreements, the wrong licensing models cost an organization dearly -- both financially and technologically.  At the enterprise level, new types of models are emerging that could improve a company’s bottom line, including one that mimics a library system. They’re challenging the traditional per-seat model and could be the future of software licensing.  Related:Traditional Per-Seat Software Licensing for the Right Tools The per seat model, or named user licensing, has its benefits. For instance, when you have a limited set of people who need specific tools, or where there can be individualized attributes or access controls, like an enterprise resource planning system or customer relationship management software. However, there is risk in extending similar models into other domains like engineering simulation. An engineer and their team solving complex problems and running virtual simulations on computers are using several tools, all for different purposes, stages of design, and use cases. The Office of the CFO isn’t using one spreadsheet app -- they’re using CRMs, databases, accounting, and budgeting tools, etc.  And the company’s needs go beyond software. Your organization needs hardware: cloud resources, high-performance computingpower, mainframes, and beyond.  For the wrong tools, named user licensing can be like owning a car that’s always left running, or it can cause traffic jams for projects if only one person has access to a specific software.  Token-Based Systems Make It Easier to Track Usage Consumption licensing models -- where everyone draws from a shared, but finite “tank” of resources-- can be an improvement. They house resources under a single licensing framework and allow different user personas to navigate between tools as needed. They also give organizations more insight into costs and usage. This is a popular cloud licensing model, though the technology is also seeing continued inflation costs.    Related:But the tank for consumption models can run dry very fast. When it’s empty, you have to pay for more fuel. Plus, having that tank isn’t always helpful for controlling costs. What if someone accidentally runs a compute job overnight that uses all your fuel? You can’t get it back -- you have to buy more and hope it doesn’t happen again. There’s never a guarantee you won’t overshoot your budget. Value-Based Models are Interesting, but Subjective Value-based licensing is a relatively newer software licensing concept aligned with business outcomes. The idea is that the cost of the software is based purely on the benefits to the end customer. These models are well-suited for solutions that can easily quantify business benefits; however, these can be subjective and hard to implement and scale. They can also extend the sales cycle and make every transaction unique.  Related:A Library Model Combines Other Emergent Licensing Trends Growing in popularity is the flexible-hybrid model, which combines consumption-based and value-based licensing with a predetermined capacity commitment that can’t be exceeded.  It’s like a community e-library, wherein a variety of books can be checked out when needed and checked back in when not in use. In this example, the flexible-hybrid model would work by making certain books available to a team to check out. The only determination then is how many books each team member will borrow at once.  With flexible-hybrid models, CIOs can often get the best of everything: software/hardware resources in a single, shared environment, seamless access to tools/resources when and how you need them, and a brake that prevents runaway costs.  Research from ITAM found that more than 76% of organizations considered themselves “over-licensed.” These emerging software licensing models could fix that number. However, we’ll only see it take off if CIOs start critically evaluating their licensing models and asking their vendors for the flexible-hybrid approach. While AI tops the list of many business leaders’ priorities right now, making sure to secure AI tools that everyone can use, and within budget, should be up there, too.  About the AuthorRavi Kunju Chief Product and Strategy Officer, AltairRavi Kunju is responsible for the strategy and vision of Altair products, which includes facilitating the development, sales, pricing, and marketing of Altair’s solutions for multiple industry verticals, across all business lines. Previously, Kunju held several leadership roles at Altair including vice president of business strategy for Altair’s manufacturing solutions, vice president of strategy for enterprise computing, managing director of enterprise computing for the Americas, and managing director of the U.S. North Central region. Prior to joining Altair, Kunju was a project engineer at Ford Motor Company and a structural analyst at Chrysler Corporation.See more from Ravi KunjuWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #what #cios #need #know #about

John Edwards, Technology Journalist & AuthorMay 16, 20255 Min ReadSkorzewiak via Alamy Stock PhotoA great IT idea is as good as gold. That's why an unscrupulous consultant may decide to take one of your organization's original methods or practices to another client -- perhaps even a rival -- without first asking for permission. While most consultants play fair, issues do sometimes come up, observes John Pennypacker, a vice president at AI technology firm Deep Cognition. "Someone working at your office learns your methods on Monday -- by Tuesday those same tricks might help another client," he says in an online interview. Tech companies face the biggest danger. "Your special formula or unique program code gives you your market advantage." Most consultants are professionals who play by the rules, but idea theft still happens, says Adhiran Thirmal, senior solutions engineer at security service and technology provider Security Compass. "Some consultants work across multiple companies in the same industry, and the temptation to reuse a good idea is real," he warns in an online discussion. "It's not always malicious -- sometimes they don't even realize they're crossing a line." That's why ensuring legal protection and building clear communication channels upfront are important. Proving Originality It’s all about holding onto detailed documentation, Thirmal says. "Keep track of emails, meeting minutes, whiteboard sketches -- anything that shows when and where the idea was created," he advises in an email interview. If it's a major innovation, consider filing for a patent, copyright, or trademark to establish official ownership. "Even small things, such as internal Slack messages or version histories, can serve as proof, if needed." Related:Before engaging a consultant, be sure to put protections into place, recommends Iliyan Paskalev, founder of MyHumanoid, a robotics and humanoids information website. "Clearly define within the contract that all ideas, strategies, and materials shared remain the property of your organization," he notes in an online interview. Paskalev also suggests closing any loopholes by using work-for-hire agreements explicitly stating that any contributions made by the consultant belong to your company. Preventive Steps The best defense is a good offense, Thirmal says. Before sharing any sensitive information, get the consultant to sign a non-disclosure agreementand, if needed, a non-compete agreement. "These legal documents set clear boundaries on what can and can't do with your ideas." He also recommends retaining records -- meeting notes, emails, and timestamps -- to provide documented proof of when and where the idea in question was discussed. "If possible, develop key parts of the idea internally first before bringing in outside help." Related:Control what the consultant can see, Pennypacker advises. "Share only what they must know to do their job," he says. Document everything. "Keep emails, notes from meetings, and early drafts -- they prove where ideas started." Pay close attention to what the consultant or consulting team do daily. "Make sure they follow the rules you set." Move fast when you see your ideas being stolen, Pennypacker says. "Look for certain danger signs." Has a product like yours appeared after your project ended? Did your methods show up in competitors' offerings? Has the consultant broken the secrecy agreement? These signs all indicate it may be time to consult a lawyer. Remediation Actions If a consultant takes an idea and commercializes it, or shares it with a competitor, it's time to consult legal counsel, Paskalev says. The legal case's strength will hinge on the exact wording within contracts and documentation. "Sometimes, a well-crafted cease-and-desist letter is enough; other times, litigation is required." If you suspect a consultant has taken your idea and used it elsewhere, gather all of the evidence -- emails, agreements, and meeting records, Thirmal recommends. Then, try to address the matter informally. "If that doesn’t work, and the stakes are high -- such as lost revenue or competitive advantage -- it’s time to bring in a lawyer," he suggests. "If they broke an NDA or misused proprietary information, you may have legal grounds for action." Related:Compensation depends on the amount of damage inflicted. "If the theft results in a loss of market advantage, organizations can demand licensing fees, royalties, or outright financial damages," Paskalev says. "In some cases, businesses have successfully negotiated settlements or forced a buyout of their stolen IP rights." Last Thoughts The best way to protect ideas isn't through contracts -- it's by being proactive, Thirmal advises. "Train your team to be careful about what they share, work with consultants who have strong reputations, and document everything," he states. "Protecting innovation isn’t just a legal issue -- it's a strategic one." Innovation is an IT leader's greatest asset, but it's also highly vulnerable, Paskalev says. "By proactively structuring consultant agreements, meticulously documenting every stage of idea development, and being ready to enforce protection, organizations can ensure their competitive edge." Pennypacker has one final bit of advice: "Guard your company's thinking like you would guard its bank account." About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #how #keep #consultant #stealing #your

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Building Effective Security Programs Requires Strategy, Patience, and Clear VisionBuilding Effective Security Programs Requires Strategy, Patience, and Clear VisionCapital One executives share insights on how organizations should design their security programs, implement passwordless technologies, and reduce their attack surface.Dark Reading, Staff & ContributorsMay 15, 20251 Min ReadNatee Jindakum via ShutterstockCISOs are facing a growing array of threats, including ransomware, business email compromise, identity-based attacks, phishing attacks, and data breaches. Patience and adaptability are required to build, implement, and maintain an effective security program that addresses the gamut of these risks.Many technologies and security measures are available to tackle the various problems organizations face, but they take time and resources to implement properly. One way to do so is to treat the organization's security program as a product, said Capital One cybersecurity CTO Mike Benjamin at last month's RSAC Conference in San Francisco. Like products, security programs have customers, meet a need, deliver something of value, and can be purchased, he said. Some may argue that security programs are not like products but more like a cost center because they are required or have unclear deliverables."People who voted no, a security program is not a product, in everything we see are things we would all argue is a security program that needs help," Benjamin said. "The company only does it because it's required. Does anyone want their program to be thought of in that way? We all strive for it to be something that the company values, to be a core component of how it operates, not a thing that just has to be done."Strong programs balance technology with internal work and overall risk management. Striking an effective balance can be difficult, especially when it comes to application security programs. Security teams must ensure there are no vulnerabilities without slowing down business operations.Read the Full Article on Dark ReadingAbout the AuthorDark ReadingStaff & ContributorsDark Reading: Connecting The Information Security CommunityLong one of the most widely-read cybersecurity news sites on the Web, Dark Reading is also the most trusted online community for security professionals. Our community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.See more from Dark ReadingWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #building #effective #security #programs #requires

Shane Snider, Senior Writer, InformationWeekMay 15, 20252 Min ReadBYphoto via Alamy StockMicrosoft on Tuesday started layoffs of almost 3% of its global workforce, or about 6,000 employees across various departments. Many were shocked that the layoffs included the company’s director of artificial intelligence, Gabriela de Queiroz.De Queiroz took to LinkedIn to share the news in a lengthy post. “Bittersweet news to share: I was impacted by Microsoft’s latest round of layoffs. Was I expecting it? Maybe. These days no matter how hard you work, how much you advocate for your company, or how much visibility to bring -- none of that makes you immune to restructuring,” she wrote.Such a high-level impact in the AI department shocked many commenters -- considering Microsoft has poured billions of dollars into its AI ambitions, including billion earmarked for AI initiatives in 2025 alone. “If they are willing to cut the director of AI, what hope do any of us have?” one Reddit commenter asked.Microsoft posted strong financial results in its most recent quarter, with its revenue up 13% at billion. But even as revenues rise, companies are looking to offset huge capital outlays for emerging technologies like GenAI. Macroeconomic uncertainty is fueling the cost-cutting effort as well.Tuesday’s layoffs marked the largest Microsoft cuts since 2023, when the company cut 10,000 workers.Related:Bloomberg reports that the layoffs targeted layers of management. About 17% of the cut personnel were classified as managers. Product management and technical program management roles accounted for about 600 of the cuts at Microsoft’s Washington workforce, or about 30% of layoffs, according to the report.What CIOs Should KnowPradeep Sanyal, AI and data leader for IT consultancy Capgemini and a former CIO, says IT leaders should pay close attention and recognize the shifts in market-wide AI strategies.“CIOs should take note, though not necessarily panic,” he tells InformationWeek in an e-mail interview. “Micosoft’s layoff of a high-profile AI leader, even amid massive AI investment, signals a few things …”Sanyal says the companies are restructuring as they shift from experimentation to “operationalization.” The companies are cutting costs by reducing layers and chopping roles not directly tied to revenue generation, he says.Such a change in leadership at a top vendor will likely have implications for customers. “Even if Microsoft’s commitment to AI is strong, sudden leadership exits can disrupt both internal continuity and external partnerships. CIOs betting big on Microsoft AI should press for visibility into roadmap ownership and product stewardship.”Related:The high-profile job cut paints a picture of AI volatility, Sanyal says.“This is a canary moment. When even top-tier AI leaders are not immune, it highlights how volatile the AI labor market is, both inside and outside vendor walls. Enterprises need strong internal AI capability, not just reliance on hyperscalers.”He adds, “In short … Yes, be concerned, but as a strategic signal rather than a tactical red flag. It is a reminder to diversify partnerships, own your AIU vision, and stay nimble as the industry reshapes around the next wave of transformation.About the AuthorShane SniderSenior Writer, InformationWeekShane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.See more from Shane SniderWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #microsoft #lays #off #including #director

This session explores primary cyber resilience challenges and solutions. #hidden #threats #are #derailing #cyber

TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.MIT Sloan CIO Symposium to Showcase 10 Startups Focused on CIO NeedsMIT Sloan CIO Symposium to Showcase 10 Startups Focused on CIO NeedsThe annual CIO conference, which InformationWeek will be attending live, will highlight early-stage companies focused on artificial intelligence, cybersecurity, and data needs for enterprise IT.Shane Snider, Senior Writer, InformationWeekMay 15, 20251 Min ReadPanther Media GmbH via Alamy StockThe annual MIT Sloan CIO Symposium taking place May 19-20 in Cambridge, Mass. will feature 10 startup businesses that offer innovative solutions for IT executives during its 2025 Innovation Showcase.The Innovation Showcase offers CIOs and other IT leaders a chance to explore early-stage US-based businesses. Aperio, Arundo Analytics, Bluumly, DataTrails, DBOS, FenixPyre, iCustomer, Narratize, Silverthread, and Skyline Nav were named finalists for the showcase.“It’s an honor to continue to support emerging enterprises as they connect with industry leaders, fostering collaborations that consistently drive meaningful innovation and mutual success,” Anton Teodorescu, chair of the Innovation Showcase, said in a statement.MIT Sloan said the businesses were chosen based on several criteria, including having an enterprise IT solution commercially available, less than million in annual revenue, selling solutions to CIOs or corporate IT departments, and showing innovation and strategic value with potential bottom-line impact.Symposium Celebrates 22nd YearNext week’s two-day symposium will feature dozens of speakers and panelists, including Oracle’s Roger Barga, senior vice president for artificial intelligence and machine learning, Bill Pappas, executive vice president and head of global technology operations for MetLife, Monica Caldas, global chief information officer for Liberty Mutual Insurance, and many other top IT leaders.Related:InformationWeek’s Senior Editor Joao-Pierre S. Ruth and Senior Executive Editor Ben Cole will provide live coverage from the event next week.About the AuthorShane SniderSenior Writer, InformationWeekShane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.See more from Shane SniderWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like #mit #sloan #cio #symposium #showcase