DISRUPTIVE TECH efficiency but also with business velocity and opportunity costs .
In 2025 , CIOs need to closely focus on KPIs and metrics that provide a direct link to the business outcomes that depend on them . For instance , in the healthcare industry where there is constant focus on safeguarding data and compliance management , metrics that track user behaviour and anomalies , ensure continuous availability of critical assets , and give visibility into critical and high-risk vulnerabilities and incidents are most vital since they all affect business operations .
# 2 Distributed governance model
Multiple regulations and their related , year-round audits will soon force privacy and compliance leaders to implement a distributed compliance framework to ensure pervasive compliance . The general practice so far has been to entrust compliance to a central team ; however , the job is intrinsic to every department within an organisation . prioritise data sovereignty and data preparation , operating on encrypted data , to guarantee the success of AI implementation .
Sovereign cloud , data portability , NIS2 to boost data resilience says Veeam
Mena Migally , Regional VP EMEA East , Veeam
Veeam ’ s senior global and regional executives including Andre Troskie , EMEA Field CISO ; Edwin Weijdema , EMEA Field CTO ; Michael Cade , Global Field CTO Cloud Strategy ; Mena Migally , Regional VP EMEA East ; and Mohamad Rizk , Senior Regional Sales Director , Middle East and CIS , share their views on next year ’ s technology trends in the data resilience space .
The central compliance team is primarily responsible for programme management . It should have a pulse of what is happening in the industry and map the requirements evolving out of relevant regulations and standards . This central compliance team should keep leadership updated about the evolving landscape and macro challenges posed .
On the other hand , execution of the compliance programme should be broad , empowering business functions at all levels . Each team and business function should understand risk management and use it consistently to address non-conformities flagged during audits as well as for root cause analysis of incidents .
# 3 Scaling up AI usage
The pursuit of digital maturity is reshaping how businesses are operating , and AI is playing a pivotal role in it . The past couple of years were significant for AI as a lot of enterprises ran pilots to harness its capabilities . As we approach 2025 , enterprises will view AI integration from the lens of scaling up its usage and generating ROI .
# 1 Data portability
Evolving regulatory requirements and geopolitical pressures will force enterprises to re-think where their cloud data really sits . Expect an increased focus on data residency , ensuring data stays within specific national or regional borders . As part of this shift , we will see more demand for sovereign clouds , localised cloud environments that keep data within specific authorities to support compliance and mitigate risk .
This , in turn , will highlight the need for data portability across hybrid environments . Enterprises might find out too late in the game that moving data between clouds is not easy . They will also need to consider related data like backups or Large Language Model training data , where those are being kept , and what risk is present . It is a familiar story- the cloud gives businesses more options and flexibility , but taking advantage of these securely and sustainably will require some joined-up thinking .
# 2 The NIS2 hammer
Additionally , we can expect to see more LLMs being utilised in the enterprise setting . These LLMs will be equipped with agents that can make real-time API calls and augment their generative capabilities .
To realise all this , it is crucial for companies to have a robust data strategy in place . This includes streamlining relevant processes and ensuring that they are coordinated with that strategy . CIOs must
It almost goes without saying that leaders will continue to wrestle with regulation in 2025 , especially with the arrival of DORA for the finance sector . However , next year ’ s biggest regulation story will be the first major NIS2 penalty . National regulators will give organisations time to become compliant – many countries have even extended their deadline – but expect to see the first big statement fine for noncompliance towards the end of next year .
72 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com