Isaac Sacolick’s
accurately captures the pressure CIOs face in 2026: AI must move from experimentation to measurable value, and data governance and security can no longer be deferred. The direction is right. Where I diverge is in how achievable some of these recommendations are without addressing structural realities inside most organizations.
1. “Reengineering IT” is necessary, but insufficient
The article frames 2026 as a year of reorganizing IT operating models around velocity, resilience, and adaptability. That is correct. However, reorganizations alone rarely produce those outcomes.
Most IT organizations already run agile ceremonies, DevOps pipelines, and product teams. The failure mode is not tooling or structure. It is fragmentation of ownership.
AI exposes this brutally. Agentic systems cross departmental boundaries by design. When accountability for data quality, workflow outcomes, and customer impact is split across teams, velocity collapses. The real shift is not “IT reengineering,” but explicit end to end ownership of workflows, including data, controls, and outcomes. Without that, AI simply accelerates existing dysfunction.
2. Data governance must move from policy to infrastructure
The article correctly calls out underinvestment in data governance, especially for unstructured data. Where many CIOs will struggle is treating governance as an engineering discipline rather than a compliance function.
Governance cannot be bolted on through committees or quarterly reviews. It must be embedded directly into systems of record, access layers, and AI workflows. Classification, lineage, and authorization need to be default behaviors, not optional processes. Organizations that rely on retroactive audits or manual tagging will find that agentic AI scales risk faster than teams can respond.
In practice, this means fewer standalone governance tools and more governance logic built into core platforms and pipelines.
3. AI for CX will work only if the backend is coherent
The article is optimistic about AI driven customer experience becoming the primary interface to the company. That will happen, but only for organizations with clean operational foundations.
AI frontends amplify whatever sits behind them. If backend systems are fragmented, data definitions inconsistent, or workflows poorly understood, AI powered CX becomes a liability. Customers experience confident answers that are subtly wrong, inconsistent, or non deterministic.
The real differentiator will not be who ships an AI agent first, but who has a single source of truth underneath it. CX transformation is downstream of operational clarity, not a substitute for it.
4. The problem with “AI experimentation” is not experimentation
The article argues that AI experimentation without short term value must stop. The intent is reasonable, but the framing risks throwing away learning capacity.
The issue is not experimentation. It is unowned experimentation.
Experiments fail when they are disconnected from a production path, lack clear success criteria, or are not grounded in real workflows. Well designed experiments tied to specific operational pain points are still essential, especially as models and tooling change rapidly.
The shift should be from “labs and pilots” to “bounded experiments with owners, timelines, and kill criteria.”
5. Security by design is no longer optional, but it must be practical
Security before AI deployment is a necessary correction. However, security programs that slow delivery or rely on abstract policy will be bypassed in practice.
Effective AI security looks like boring infrastructure work: identity unification, scoped access, logging, replayability, and clear blast radius limits. CIOs who frame security as an enabler of safe speed will succeed. Those who frame it as a gate will lose control to shadow AI usage.
Bottom line
The article is directionally correct. AI is no longer a side project, and CIOs are being judged on outcomes, not intent.
The missing piece is this: AI does not primarily fail because of technology limits. It fails because organizations lack clear ownership, clean data contracts, and coherent systems of record.
In 2026, the winners will not be the most experimental organizations. They will be the most disciplined ones.
The original article.
https://www.cio.com/article/4117078/digital-transformation-2026-whats-in-whats-out.html
