We’ve all heard the horror stories of companies hiring full-time remote workers—only to find out later they’re actually based in North Korea and had access to a company’s sensitive data. This kind of fraud, enabled through using VPNs and residential proxies, is rampant. According to a study last month from Spur Intelligence, 94% of organizations have experienced this type of anonymizing in cybersecurity incidents, and about half lost significant money or information in the attack.But while the threat is known, it’s not one that many companies are fighting proactively. About 44% analyze IP data only after an attack, and only 38% have strong controls on access to enterprise systems from personal devices. More than six in 10 said they aren’t very concerned about these devices leading to exposure of company data. I spoke with Spur Intelligence cofounder Riley Kilmer about this vulnerability and why and how companies should protect themselves. An excerpt from our conversation is later in this newsletter.We’re taking a short break next week, so the next edition of Forbes CIO will land in your inboxes on Thursday, June 18. Until next time.This is the published version of Forbes’ CIO newsletter, which offers the latest news for chief innovation officers and other technology-focused leaders. Click here to get it delivered to your inbox every Thursday.Policy + RegulationsPresident Donald Trump signs an executive order earlier this week.Kevin Dietsch/Getty ImagesThis week, after a long back-and-forth, President Donald Trump quietly signed an executive order on AI regulation. The order puts official policy between the laissez-faire approach of letting AI companies do whatever they want and the requirement that the administration vet all new frontier models before they are released to the public. The order directs the federal government to develop a classified benchmarking process to assess the capabilities of AI models, then design a voluntary framework by which AI companies could submit their new frontier models to the government for vetting for up to 30 days before releasing them.As of now, the order doesn’t mandate any change to the development and release process for AI companies, though Politico reports it represents a huge change in the Trump Administration’s willingness to regulate AI technology. Establishing a process is just the beginning. And while the policy looks rather innocuous now, the benchmarking process—calling on the Treasury Department, National Security Agency, the Cybersecurity and Infrastructure Security Agency, the National Cyber Director, the Commerce Department and the National Institute of Standards and Technology—could become rather rigorous. AI experts, lobbyists and consultants told Politico that the defense-heavy posture of this group, coupled with the historical fact that voluntary regulation rarely stays voluntary over time, could be setting the stage for more stringent regulations in the future. Forbes contributor Paulo Carvão writes that the order is a start, but it faces challenges from the beginning. It could be difficult to establish a process with any legitimacy given the broadness of the parameters—and the Trump Administration’s coziness with Big Tech. The government should also be somewhat transparent about the process to build public trust. What are the basic parameters? How many models are being reviewed, accepted and rejected?The effectiveness of this order—and what happens next in AI—now depends on how it’s built out and followed. Is it going to be a cybersecurity-heavy crackdown on potential threats caused by models, or will it be a more thoughtful look at models’ capabilities and potential uses? Or will it be largely ignored by both the federal government and the companies developing new models?Technology + InnovationNvidia is getting into the consumer PC market. This week, CEO Jensen Huang unveiled the GTX Spark chip, which is designed for personal Windows PCs to run “personal AI agents.” It’s the company’s first integrated consumer chip, including a CPU as well as a cut-down version of the chip Nvidia uses to power its AI supercomputers. Few details were given about the launch timing, price or computer models—just that the computers should be available this fall and will be at the upper end of the cost spectrum.Nvidia made other big announcements this week at its GTC Taipei event. Huang referred to Nvidia as an AI infrastructure company—not just a chipmaker, writes Forbes senior contributor Janakiram MSV. Huang announced the Vera CPU, a standalone data center processor designed for agents rather than human operators—since billions of agents will run continuously and demand far lower latency than people. Huang announced its new physical AI model Cosmos 3, an open-world foundation model that boosts robotic reasoning by learning from teleoperation, simulation and video.Cisco also made big product announcements for the AI age this week at its Cisco Live event in Las Vegas. Cisco unveiled its Cisco Cloud Control platform—allowing people and AI agents to work together on data, development and networking in a purpose-built secure environment.Notable NewsIt’s official: 2026 will be the year of the mega-IPO. Anthropic confidentially filed initial paperwork with the Securities and Exchange Commission to go public late this year. The filing came less than a week after the company overtook OpenAI as the most valuable AI startup, with a $900 billion valuation following a Series H fundraise of $65 billion.Anthropic has seen a meteoric rise in its usage, reputation and valuation in 2026. At the close of its previous funding round in February, the company’s valuation was $380 billion. Anthropic’s Claude is currently used by more than 56,000 companies, according to tech stack tracker Bloomberry. Claude is also gaining popularity with consumers, accounting for 14% of all AI app downloads in Q2, according to Sensor Tower statistics, and posting a higher growth rate than other AI apps.Bits + BytesThe Invisible Security Gap: Why Your Remote Access Strategy Needs an UpgradeSpur Intelligence cofounder Riley Kilmer.Spur IntelligenceThe vast majority of companies—94%—commonly experience cybersecurity incidents in which VPNs and residential proxies are used to anonymize perpetrators, according to a recent report from Spur Intelligence. Many of these incidents are serious—nearly half have reported significant operational or financial impact—yet only 44% use IP intelligence to block users from their internal systems. I spoke with Spur Intelligence cofounder Riley Kilmer about the problem and how companies can take action against it. This conversation has been edited for length, clarity and continuity.Why is VPN fraud something that many companies don’t seem to be thinking about or investing in? Kilmer: It’s hard to comprehend what the losses might be. What is the loss of one credential for an employee logging in? It depends on who the employee was. What kind of access did they have? What kind of data is it? Are they able to laterally move and install malware or ransomware or things like that? A lot of our big banking customers came to us originally for fraud-based things. They weren’t really thinking about the employee base. They were looking at if a financial account was taken over or the dollar amount of fraud that they are going to have to pay out because of their security posture. Those numbers are a lot easier to look at and quantify.Until you’ve experienced one, you might not be thinking about a security event because you don’t know what it actually ends up costing you. It could cost you your whole reputation or it could be a non-event. The difference between those two varies so much,so how can a CEO prioritize or push for these internal security pieces when it doesn’t have any impact on revenue.What impact does AI have on VPN fraud?I see AI legitimizing this entire proxy industry, and that's the larger concern. We have all these security and fraud events coming from residential proxies, and AI companies are now leveraging those to get data at scale. They’re trying to circumvent captures, rate limits and portals to collect as much data as possible to build their models and have the most real-time access to everything out there on the internet.It’s big money for the proxy companies, and it’s provided them a level of legitimacy. Prior to AI, they didn’t have this. It was: You can get ad verification or see how something loads in a different country. Now it’s like: OpenAI buys from us and they spend X millions a year on our services. Now it seems these proxy companies are legitimate because they're working with large companies everybody’s heard of. My bigger concern is that now people view some of these services as legitimate. Oftentimes, they’re built on the back of botnets. Now it’s letting them know that because you installed stuff via malware, you can get paid big bucks by real companies by saying that it was consensually gathered proxies.On the security side, AI makes things faster. One of the things with the VPNs and proxies is that there's a lot of on-top infrastructure to use. If you can do something at scale and faster, it’s always going to be more dangerous on the security side.What advice would you give a CIO or CISO trying to convince decision makers that this is something that needs attention and investment?This is not the sexy work of the internet, it’s the boring monotonous piece that has to be done. It’s janitorial work. It’s surprisingly easier to farm out to an IP reputation service than to try to bring it all in-house. A lot of companies try, and then realize it’s so much easier to have this managed and tracked by a company that specializes in this.IP enrichment is not as hard as it sounds. So many parts of the data pipeline supports this level of enrichment. You can have this information available in a pretty dashboard for management to look at, then in an actionable way for analysts that have to deal with each alert and triage it. They have that context right there to be able to handle it without having to farm it out, and you can make faster decisions. Comings + GoingsCybersecurity firm CrowdStrike appointed Dr. Bartley Richardson as its chief AI and autonomous systems officer. Richardson joins the company from Nvidia where he led engineering for agentic AI, cybersecurity AI, and AI infrastructure.Investment research company MSCI appointed Kashi Kakarla as its chief technology officer and head of product engineering, effective June 22. Kakarla joins the company from Intuit, where he led technology and engineering for the Intuit Small Business Platform.Cloud database platform Teradata promoted Josh Fecteau to the combined role of chief data and AI officer & chief information officer, effective June 2. Fecteau expands his responsibilities from his previous role within Teradata where he served solely as chief data and AI officer since November 2025.Facts + CommentsForbes published its inaugural Iconoclast 50 list this week, honoring some of the most influential people in business, finance, entertainment, media and technology. Honorees appear on at least one other Forbes list, and have made a meaningful impact on their industry in the last two years.$2.5 trillion: Combined net worth of all 50 list members15: List members affiliated with tech companies30: Age of the youngest honorees: Kalshi cofounders Luana Lopes Lara and Tarek Mansour. The oldest is 95-year-old legendary former Berkshire Hathaway CEO Warren BuffettStrategies + AdviceEvery advancement in society must build a "trust layer" when it is new. That's happening now with AI, as everyone collectively verifies what it can do as they move toward unquestioning acceptance. Here's a look at what will happen next. The difference between how others perceive you at work may be your reputation. Are you known as a doer—who answers questions, fixes problems and follows instructions—or a strategic thinker who goes a step beyond the immediate issue? Here’s how to move more toward a strategic thinker’s mindset.QuizTech stocks have had a huge week, with several companies shattering earnings expectations and raising revenue projections. Which company had a huge surge this week that propelled its cofounder to be the third-richest person in the world?A. MetaB. HPC. OracleD. NvidiaSee if you got the answer right here.