Archive for January 20, 2026

ServiceNow enhances global Partner Program

Posted in Commentary with tags on January 20, 2026 by itnerd

 ServiceNow today announced significant enhancements to its global Partner Program to accelerate AI agent innovation. This includes a newly reimagined Build Program that opens ServiceNow’s partner ecosystem to more innovators and strengthens the ServiceNow Store as a global marketplace for partner-built AI agents. The program will enable a broader set of ISVs, developers, and technology partners to build, test, certify, and distribute solutions on the ServiceNow AI Platform, with more than 1,000 partners — including AutomatePro, SailPoint, and others — transitioning to the revamped program. ServiceNow also introduced a unified investment portfolio and simplified pricing model designed to fuel partner-led growth, making it seamless for partners to innovate, differentiate, and monetize on the ServiceNow AI Platform.

ServiceNow’s partner ecosystem continues to expand in scale and impact with more than 2,700 partners globally. As customers shift from AI experimentation to AI at scale, partners play an increasingly critical role in delivering specialized use cases, speeding deployment, and driving measurable business outcomes. An expanded and open partner ecosystem positions ServiceNow to meet growing enterprise demand for AI agents, generative automation, and industry-specific workflow innovation; these updates equip ServiceNow partners with the programs, investments, and platform capabilities they need to lead this next wave of AI-powered transformation.

Reimagined Build Program opens ServiceNow’s partner ecosystem to more innovators

ServiceNow’s redesigned Build Program makes it significantly easier for ISV, developer, and technology partners to get started, explore new ideas, and differentiate their offerings as they bring new solutions to market. This will accelerate a wave of partner-built AI agents, applications, and connectors that will extend the value of ServiceNow for customers.

The program’s modernized tier structure — Registered, Select, Premier, and Elite — introduces stronger program benefits and fresh opportunities for partners to showcase their AI solutions in the ServiceNow Store, a global marketplace for enterprise-ready AI agents. A new Access Tier also invites aspiring and entry-stage partners to start building immediately with ServiceNow, giving them instant access to tools and resources without needing to fully enroll first.

More than 1,000 existing partners will transition into the redesigned Build Program by March, establishing a unified, fast-growing pipeline of innovators building AI-powered solutions on the ServiceNow AI Platform.

Expanded investment portfolio strengthens support across the entire partner lifecycle

ServiceNow is supercharging its partner ecosystem with a unified investment strategy for 2026, designed to spark growth, fuel innovation, and help partners win faster, together. The expanded partner investment portfolio provides meaningful support at every phase of the journey — from building demand to closing deals to driving successful deployments — achieved through an increased investment in incentives, rewards, and co-marketing programs.

Key components include:

  • Market Development Fund (MDF): New funding opportunities and 100% reimbursement for select activities, enabling eligible partners to build demand and generate pipeline.
  • Strategic Investment Fund (SIF): Targeted funding to accelerate high-impact customer opportunities and unlock faster outcomes.
  • Sell-through, deployment, and specialization incentives: Rewards that recognize partners for driving customer value and deepening technical expertise across the ServiceNow AI Platform.

Each program element is aligned with the updated ServiceNow partner tiers, ensuring partners gain access to the right support at the right time, and that their benefits scale as their success grows.

To further simplify partner engagement and remove friction as the partner ecosystem grows, ServiceNow is also introducing a streamlined fee structure. Beginning immediately, all global partners will move to a streamlined single annual membership fee. This change reflects direct partner feedback and is designed to create a simpler, more equitable structure that allows partners to focus on building, innovating, and going to market, rather than navigating complex program fees.

With fewer barriers to entry and clearer paths to value, partners appreciate the ability to more easily build differentiated AI-powered solutions, reach customers through the ServiceNow Store, and deploy their solutions on the ServiceNow AI Platform.

For more information on the ServiceNow Partner Program visit servicenow.com/partners.

Leave a comment »

Guest Post: AI’s dual edge, supply chain peril, and passkeys vs. passwords

Posted in Commentary with tags on January 20, 2026 by itnerd

What will the cybersecurity landscape look like in 2026 and beyond?

As we enter 2026, the cybersecurity battleground continues to shift, presenting internet users and organizations with a mix of threats and challenges. Karolis Arbaciauskas, head of product at the cybersecurity company NordPass, offers his expert outlook for the year ahead.

“Artificial intelligence will sharpen the tools of both attackers and defenders, while the integrity of global supply chains will face increasing scrutiny,” says Arbaciauskas.

According to Arbaciauskas,  the cybersecurity landscape is generally poised for a period of evolution, characterized by both technological advancements (including AI) and persistent, fundamental vulnerabilities.

Here are Arbaciauskas’ key cybersecurity predictions for 2026:

AI integration — Smarter and more widespread

The integration of artificial intelligence (AI) capabilities by both threat actors (red teams) and defensive security practitioners (blue teams) will continue. On the offensive side, AI will be predominantly leveraged to enhance reconnaissance operations, enabling higher-fidelity data collection and intelligence gathering. The cybersecurity community is also starting to worry that threat actors might soon figure out a way to use AI for automated vulnerability discovery and start scanning networks and applications for flaws and misconfigurations.

Supply chain attacks will increase

In the enterprise field, supply chain attacks might become an even bigger problem than they are now. The trend is emerging — mature organizations increasingly strengthen their cybersecurity, so for bad actors it is becoming easier to penetrate companies through vendors.

I would advocate prioritizing investment in resilience against this attack vector. More attention should be paid to the technical part of vendor assessment and the final agreement. Prior to onboarding any third-party service provider, organizations should implement comprehensive vendor risk assessment protocols. This evaluation should include verification of SOC Type 2, ISO 270001, penetration testing outcomes, and documented security practices.

Negligence – One of the biggest challenges ahead

The most significant challenges that private users and organizations will face this year will stem from common security deficiencies rather than novel attack methodologies. The threat landscape will remain substantially shaped by threats caused by our own negligence, such as infrastructure and application misconfigurations, insufficient digital hygiene, weak credential management, password reuse, and lack of MFA.

For businesses, an underaddressed risk may come from malicious actors inside the company. Rogue employees or privileged administrators possess authorized access enabling them to bypass security controls. And they often maintain that access even after leaving the company. It is worrying that, according to a survey commissioned by PasswordManager.com last year, about 40% of workers used passwords from a former employer after leaving the company.

Moreover, the threat extends beyond disgruntled or laid-off employees with a vendetta. Last year, media outlets reported on multiple instances of foreign state-linked operatives digitally infiltrating Western companies. Consequently, organizations should dedicate more attention and resources to mitigating these sophisticated threats.

The great corporate migration to browsers

As more and more companies indicate that browsers are the main workspace, where their  employees spend most of their time, we will see more security focused extensions and browsers, including new enterprise browsers and tools.

Passwords will remain the first line of defense

Together with industry researchers we have been studying password-related behavior and data leaked to the dark web for 7 years now, and unfortunately, we see no significant improvement in digital hygiene globally. At least for now, it looks like passwords will remain the first line of defense against digital intruders and one of the weakest links in the security chain at the same time. Credentials will remain the predominant initial access vector enabling cyber incidents.

Passkey adoption will increase but will not overtake passwords

As advocates of passkey authentication, we initially projected more rapid and widespread adoption, given the technology’s inherent phishing-resistant properties and superior security architecture. While actual adoption rates have proven slower than anticipated, the trajectory remains consistently positive. Major platform providers like Apple, Google, and Microsoft have integrated native passkey support across their ecosystems.

Consumer-facing services such as PayPal, eBay, and Amazon are progressively implementing passkey authentication options as well. We also see more enterprise organizations that are beginning to deploy passkeys within their workforce.

However, several barriers continue to impede accelerated adoption. Consumer awareness and comprehension of passkey technology remains limited, account recovery workflows present usability challenges, and cross-platform interoperability issues persist. These factors constitute the primary obstacles to mainstream adoption. Based on current trajectory analysis, passkeys remain multiple years from achieving predominant status as a consumer authentication method.

Regulation will determine increased spending

Regulations and compliance requirements in the European Union (for example, the EU Cyber Resilience Act and NIS2) signal a broader shift toward standardized mandated cybersecurity. This will probably create some additional challenges for CISOs and stimulate an increase in general cybersecurity spending but is expected to have positive implications for overall ecosystem resilience.”

Leave a comment »

Nexthink Spark Resolves 77% of IT Issues at First Contact

Posted in Commentary with tags on January 20, 2026 by itnerd

 Nexthink today announced the launch of Nexthink Spark, the world’s first personal IT agent powered by real-time DEX data. 

Built on the Nexthink Infinity platform, Spark is a personalized, context-aware, fully autonomous AI agent that reaches employees and resolves IT issues before they impact work. Unlike traditional virtual agents that primarily route or log tickets, Spark is designed to fix issues at first contact. 

Already in use by more than 25 of Nexthink’s most DEX-mature customers, Nexthink Spark is fundamentally reforming IT support services. Traditional approaches to IT support have failed, with ticket volumes continuing to rise, employee satisfaction stalled, and costs mounting to around 4% of global IT spend. Consequently, businesses have had to choose between overstaffing IT service teams or accepting chronic employee frustration and decreased productivity. 

Nexthink Spark offers a third way forward. After a very broad early adopter program involving thousands of employees Spark achieved a 77% first contact resolution rate, more than five times the industry average of 15%. This was paired with a major reduction in lost productivity time, as Spark was able to autonomously resolved L1 issues in less than 2 minutes on average.

Key features of Nexthink Spark include: 

  • Personalization: Leverages real-time endpoint telemetry to understand each employee’s digital journey, delivering the right resolutions through the right conversations at the right moment.
  • Context-aware intelligence: Uses live signals from the Nexthink Infinity platform to understand issues as they occur and apply the most relevant remediation in real time.
  • End-to-end automation: Executes fixes using native DEX remote actions and workflows, resolving issues autonomously without complex integrations or external orchestration.
  • Governance and guardrails: Built with enterprise-grade controls that allow IT teams to define policies, approve actions, and continuously train models to adapt safely to the organization.

To learn more about Nexthink Spark and how it helps organizations reduce IT support costs while improving employee productivity, visit Spark | Nexthink.  

Leave a comment »

2026 State of CCM Report: Resource Constraints Drive 85% of Organizations to Rethink Traditional GRC Approaches

Posted in Commentary with tags on January 20, 2026 by itnerd

RegScale today announced its second annual State of Continuous Controls Monitoring (CCM) Report, building on last year’s landmark study with expanded insights into how organizations are adapting to rising regulatory pressure and increasing security demands.

This year’s data shows that 83% of organizations report moderate or major delays caused by manual compliance work, with 53% dedicating the equivalent of one full-time employeeexclusively to evidence collection — just one of dozens of manual GRC workflows. As security and risk frameworks multiply and regulatory expectations accelerate, teams are facing the highest operational stress levels recorded to date.

Key Findings from the 2026 Report

  • 85% of organizations report delaying or eliminating legacy GRC activities due to resource constraints.
  • 44% have postponed control testing and monitoring, while 33% have postponed policy updates and governance reviews with 25% citing a lack of skilled employees as a major barrier.

AI Adoption Rising, Yet Full Automation Remains Rare:

  • 95% of organizations have implemented some level of automation in GRC.
  • Only 4% have achieved full end-to-end automation.
  • Only 28% monitor their security controls continuously in real- time, while 72% still rely on periodic assessments.
  • 64% report significant or transformational improvement from AI adoption.

The 2026 report underscores a pivotal trend: real-time compliance and security are becoming indistinguishable requirements. Organizations that rely on manual evidence collection, fragmented data, and periodic control checks face increased exposure and higher operational costs, particularly as AI-driven threats accelerate.

Beyond workforce strain and automation maturity, the report examines board-level reporting and metrics, industry-specific compliance challenges, regulatory complexity, and how organizations are evolving governance models to support continuous assurance. Together, these insights provide a broader view of how compliance programs are being reshaped to meet rising expectations from regulators, executives, and businesses.

To explore the full findings of the 2026 State of Continuous Controls Monitoring Report, please download the full report or attend the exclusive webinar on January 27, 2026, where industry experts will share actionable guidance on strengthening compliance operations, improving automation maturity, and building a more resilient security posture.

Methodology:

The 2026 State of Continuous Controls Monitoring Report is based on a survey conducted in September and October 2025 among 253 InfoSec leaders, including CISOs, CIOs, Chief Risk Officers, and VPs and Directors of Security. Respondents were surveyed from organizations with more than 1,000 employees and across a range of industries, including financial services, healthcare, tech, retail, government, business services, manufacturing, and more.

Leave a comment »

ATTOM Acquires ResiShares to Expand Its Data and Analytics Platform

Posted in Commentary with tags on January 20, 2026 by itnerd

ATTOM today announced it has acquired key assets of ResiShares, including its analytics platform and proprietary technology. By combining these assets with ATTOM’s national property data, the acquisition strengthens ATTOM’s analytics and technology foundation and reinforces the company’s ongoing investment in data, analytics, and AI-driven innovation for clients across the entire real estate ecosystem.

Founded to support sophisticated investment and operating workflows, ResiShares built a scalable, modular analytics platform that integrates proprietary forecasting models, quantitative research, and advanced tooling. It was founded by industry veterans Michael Greene, Alex Villacorta, Dan Glaser, and Michael Cook, and reflects deep expertise across data science, quantitative research, and real-world asset operations.

ATTOM will evolve this technology into enterprise grade analytics products, bringing new tools and deeper insights to a broad range of clients across the real estate industry and beyond, including financial services firms, insurers, technology companies, government agencies, and data-driven enterprises.

ResiShares’ technology includes proprietary price and rent forecasts, neighborhood-level performance analytics, and advanced modeling designed to surface trends, risk, and opportunity across markets. Combined with ATTOM’s national data assets, these capabilities enable clients to apply more advanced analytics to their own use cases across industries.

By integrating these capabilities into its broader platform, ATTOM will accelerate product development and deliver expanded, AI-powered insights that support decision-making across industries and business applications.

Leave a comment »

Ivo raises $55M to transform contracts into a trusted source of intelligence for every business

Posted in Commentary with tags on January 20, 2026 by itnerd

Contracting has become one of the most strained workflows for in-house teams.  An increasing number of contracts must be reviewed accurately, but resources are stretched thin. In addition, critical business insights are locked within contracts without easy ways to extract them. To meet this challenge, Ivo, the AI-powered contract intelligence platform that removes tedious contract review and transforms contracts into reliable business intelligence for enterprises, is today announcing a $55M Series B funding round led by existing investor Blackbird, with participation from existing and new investors Costanoa Ventures, Uncork Capital, Fika Ventures, GD1 and Icehouse Ventures. 

Since its last funding round, the company has grown annual recurring revenue by 500%, increased total customers by 134 percent, and expanded adoption within the Fortune 500 by 250 percent.

The new capital will support product development and scaling as the company deepens its reach across the hundreds of organizations that already rely on Ivo, including Uber, Shopify, Atlassian, Reddit, and Canva. 

Ivo is purpose-built for in-house teams that need both reviews with surgical accuracy as well as visibility into their complete contract library. The company’s AI-powered contract review solution, Ivo Review, allows users to complete reviews in a fraction of the time; customers report saving up to 75 percent of the time that manual review would demand. The product standardizes a company’s positions and precedents using playbooks built and implemented by lawyers. This means that every contract is reviewed accurately, consistently, and efficiently, critical for large and globally distributed teams.  

Ivo Intelligence gives companies visibility into every single one of their agreements in seconds without having to rely on manual input or metatagging. Contracting teams can now answer business-critical questions of their contracts within minutes, rather than taking months of manual review. The system also automatically identifies connections between agreements and highlights standard legal positions, allowing contracting teams to operate with greater clarity and control. 

Ivo’s long term vision is to elevate contracts into strategic assets for every business and to make the experience of working with them effortless. As the platform expands, the company aims to bring clarity, speed, and intelligence to contracting so that teams across the enterprise can operate with greater confidence and insight.

Leave a comment »

Specops 2026 Breached Password Report: A Year’s Worth of Malware-Stolen Credentials

Posted in Commentary with tags on January 20, 2026 by itnerd

Specops Software has published its annual Breach Password Report 2026. With credential abuse remaining one of the most reliable and scalable initial access methods available to attackers, this report dives deeply into a year’s worth of malware-stolen credentials. 

The data in this research comes from the Outpost24 Threat Intelligence Team, finding that over 6 billion stolen passwords were captured during 2025. The research takes a look at which credential-stealing malware was most prolific in the year, what length passwords were most commonly compromised, as well as which base words were most often used in compromised passwords, and more. 

You can read the report here: https://specopssoft.com/our-resources/most-common-passwords/

Leave a comment »