Dear CIO,
If you have read MITās latest take on enterprise AI, you might come away with the impression that we are heading into another AI winter. I personally have seen headlines of failed pilots, poor ROI, and projects that never made it past the proof-of-concept stage. However, if you look closer, especially through the lens of The Conference Boardās latest research, a very different picture emerges.
Best Regards,
John, Your Enterprise AI Advisor
āFailing AIā Narrative Misses the Mark
AI Is Entering An Operational Era
Not in the Innovation Lab Anymore
The MIT report measures AI by the success rate of individual projects and discrete deployments evaluated on short timelines and narrow metrics. While that can be a useful lens for emerging technologies still in sandbox mode, AI is no longer on the fringe.
According to The Conference Board, more than 70% of S&P 500 companies now list AI as a material risk in their public filings, up from just 12% the year prior. Companies do not escalate something to the risk register unless it is central to how your business runs. This tells us that AI has moved out of the lab and into the engine room.
It is being used in core functions like supply chains, credit scoring, product recommendations, and fraud detection. This is essentially infrastructure now, and measuring AIās value the same way we would evaluate a chatbot pilot from 2018 misses the point.
Risk Is NOT A Red Flag
The Conference Board's report surfaces something MIT overlooks: the rise of disclosure. Companies are publicly acknowledging AI-related risks across cybersecurity, legal exposure, reputational damage, and compliance, not because AI is floundering, but because itās deeply embedded.
Here are some quick stats from the report:
38% cite reputational risk from AI missteps or customer harm
20% call out cybersecurity vulnerabilities introduced by AI models or tooling
And a growing number are navigating a rapidly changing regulatory landscape thatās still taking shape
The irony here is that risk is a sign of integration. Boards are paying attention, and that is a good thing.
It IS Time to Move Beyond "Project ROI" Thinking
Judging enterprise AI by the number of successful pilots is like judging the internet in 2001 based on failed dot-com startups. It misses the strategic shift. This is about strategic maturity, not isolated project wins.
The more relevant questions today are:
How integrated is AI into our mission-critical systems?
How are we adapting our governance to manage new AI risks?
Do we have the oversight and architectural control to scale responsibly?
The CIOās Role: Take Ownership, Not Comfort
Too many organizations are handing off AI responsibility to standalone teams for new āAI functionsā that report to a Chief AI Officer or a digital innovation unit. That structure may speed up experimentation, but it also introduces real risk if it bypasses the CIOās visibility into infrastructure, integration, and security posture.
As AI becomes more embedded, the role of the CIO becomes more important. Governance, security, data architecture, and integration cannot be delegated. If AI is touching production systems, customer experience, or financial operations, it belongs under the CIOās watch.
AI Is Growing Up
We have seen this pattern before. Cloud computing. Mobile. DevOps. In each case, early-stage experiments failed fast and often. However, once adoption moved to the enterprise core, everything changed, including the metrics for success. What is really happening is that enterprise AI is moving into its operational era, and with that comes a need for deeper accountability, smarter governance, and more strategic leadership, especially from the CIOās office.
How did we do with this edition of the AI CIO?
David Jones dives into a report flagging AI as a material risk in public disclosures.
Eric Geller looks at a report citing AI-powered cyberattacks as their top concern, with 75% of IT leaders flagging increased vulnerability and 45% reporting phishing incidents.
Sam Sabin shares that OpenAI banned multiple nation-state accounts exploiting ChatGPT alongside other AI models to plan and execute influence ops and phishing schemes.
Scott Rosenberg reports on OpenAI and NVIDIAās over $400 billion plan toward massive AI data center expansion.
Benjamin Boudreaux and Beba Cibralic urge the application of social contract principles to regulate AI, ensure democratic oversight, and protect individual rights.
John Rzeszotarski highlights the need for better standardization, documentation, and reduced over-reliance on tribal knowledge to enable effective AI integration.
Zeno Belligoli, Antonio Castelli, and George Chouliaras share the lessons they learned through a year of developing a judge as an LLM framework.
Chris Hughes reveals that in 2024, the average time to exploitation of vulnerabilities hit -1 days.
The Artificially Intelligent Enterprise discusses how OpenAI changed from an AI Model company to a Platform Company.
AI Tangle covers OpenAIās DevDay 2025, AMD and OpenAI deal for 6 gigawatts worth of chips, and the potential delay of OpenAIās wearable.
Dear CIO is part of the AIE Network. A network of over 250,000 business professionals who are learning and thriving with Generative AI, our network extends beyond the AI CIO to Artificially Intelligence Enterprise for AI and business strategy, AI Tangle, for a twice-a-week update on AI news, The AI Marketing Advantage, and The AIOS for busy professionals who are looking to learn how AI works.
