ServiceNow and OpenAI collaborate to deepen and accelerate enterprise AI outcomes

Posted in Commentary with tags on January 21, 2026 by itnerd

ServiceNow and OpenAI today announced an enhanced strategic collaboration to power agentic AI experiences and accelerate enterprise AI outcomes. The agreement unlocks a deep collaboration between OpenAI technical advisors and ServiceNow engineers that will be equipped with its frontier models, which will give customers direct access to frontier capabilities, custom ServiceNow AI solutions built and aligned to their unique roadmaps, and increased speed and scale with no bespoke development required. ServiceNow will build direct speech-to-speech technology using OpenAI models to break through language barriers and offer more natural interactions. With the latest OpenAI models including GPT-5.2, ServiceNow will unlock a new class of AI-powered automation for the world’s largest companies.

Co-innovation that drives faster, easier customer adoption

As AI model releases accelerate, large enterprises need help keeping their workflows aligned with the latest innovations. Bringing OpenAI models into the ServiceNow AI Platform complements a customer’s ServiceNow configuration management database (CMDB) while also offering native, embedded access to intelligence to further inform actions that will be taken within workflows. ServiceNow’s AI Control Tower then provides the governance and orchestration layer, giving organizations centralized visibility into how models are applied across workflows, how they interact with enterprise data and systems, and how AI-driven actions are executed at scale in a controlled, auditable way. For example:

  • Real-time speech-to-speech voice agents: With OpenAI, ServiceNow is working toward real-time speech-to-speech AI agents that can listen, reason, and respond naturally without text intermediation. For example, a user can speak in their preferred language and receive an instant response from an AI agent that opens a case, triggers an approval, and orchestrates next steps without translation delay — reducing latency, preserving meaning, and eliminating unnecessary handoffs.
  • Super charging automation: Computer-use models from OpenAI unlock a new class of IT automation for ServiceNow customers by enabling interactions with systems. By turning unstructured documents into actionable data, this capability extends secure, context-aware automation across more environments — enabling autonomous orchestration of workplace tools like email and chat, automation of legacy systems including mainframes, and greater efficiency across complex IT landscapes.

Delivering AI impact on a foundation of proven success

This agreement builds on the long-standing efforts of ServiceNow to offer customers the choice of accessing OpenAI models for:

  • AI assistance that lets employees ask questions in natural language and get clear, actionable answers through speech-to-text capabilities.
  • AI-powered summarization and content generation for incidents, cases, knowledge articles, and service interactions — helping teams resolve issues faster with less manual effort.
  • Developer and admin tools that turn intent into workflows, logic, and automation, dramatically speeding how business processes are built and updated.
  • Intelligent search and discovery that pulls the right information from across enterprise systems exactly when it’s needed.

ServiceNow powers more than 80 billion workflows every year. Together with OpenAI, the company is bringing customers innovative new capabilities that enable even more advanced automation and workflows across industries and across use cases.

Leave a comment »

Guest Post: 2025 saw a 45% increase in ransomware attacks

Posted in Commentary with tags on January 21, 2026 by itnerd

Ransomware attacks soared in 2025, with 9,251 recorded cases compared to 6,395 cases in 2024

The latest findings from NordStellar, a threat exposure management platform, reveal that the number of ransomware incidents in 2025 soared compared to 2024. The data shows that in 2025, 9,251 ransomware cases were recorded on the dark web, marking a significant 45% increase compared to 6,395 cases recorded in 2024.

The number of ransomware cases rose significantly in the last quarter of 2025. December set a two‑year record, with a substantial 1,004 recorded incidents.

“In the last quarter of 2025, ransomware groups deliberately exploited end-of-year cybersecurity gaps caused by reduced staffing and monitoring,” says Vakaris Noreika, cybersecurity expert at NordStellar. “However, there has been an upward trajectory the whole year. Ransomware actors are growing increasingly aggressive — given the surge in 2025, the number of ransomware incidents in 2026 is likely to exceed 12,000.”

According to Noreika, the number of ransomware groups has also been increasing. The recorded ransomware incidents in 2025 could be traced back to 134 different groups — a 30% increase from the 103 groups linked to recorded ransomware incidents in 2024.

SMBs in the US were affected the most

Companies in the US remained the primary targets, with 3,255 recorded ransomware cases in 2025 (a 28% increase from 2,544 incidents in 2024), accounting for 64% of all cases. The US was followed by Canada with 352 cases (a 46% increase from 2024), then Germany with 270 cases (a 97% increase), the United Kingdom with 233 cases (a 2% increase), and France with 155 cases (a 46% increase).

Small and medium-sized businesses (SMBs) with up to 200 employees and revenues up to $25 million experienced the most ransomware attacks. This data aligns with th

“SMBs are attractive targets for ransomware attacks because they often lack security staff and tools and operate within limited cybersecurity budgets — all of which are essential to safeguard their systems,” says Noreika. “Smaller organizations are also more likely to rely on outdated software, have limited security monitoring, and  rely on external vendors for IT support. Consequently, when attacked, they’re more likely to pay ransoms quickly to avoid business disruptions, which is why ransomware groups keep targeting them.”

The most-targeted ransomware-victim company profile in 2025

As in 2024, companies in the manufacturing industry continued to bear the brunt of ransomware attacks, with 1,156 incidents in 2025 (a 32% increase from the previous year), accounting for 19.3% of all cases (a 0.3% increase from 2024). 

The manufacturing industry was followed by the IT industry, with 524 recorded cases (a 35% increase from 2024), professional, scientific, and technical services (494 incidents, a 30% increase), the construction industry (443 incidents, a 24% increase), and healthcare, with 339 attacks (a 6% decrease from 2024).

Experts from NordStellar analyzed the ransomware attacks on companies in the manufacturing industry. They found that SMBs (those with up to 200 employees and $25M in revenue) operating in the general manufacturing industry were the most targeted. They were followed by other smaller businesses operating in the machinery manufacturing sector (10% of all attacks on the manufacturing industry), and SMBs operating in the appliances, electrical, and electronics manufacturing sector, accounting for 9.9% of all ransomware attacks on the manufacturing industry.

“Cybercriminals prioritize choosing targets that offer the biggest payoff for the least amount of effort, and SMBs in the manufacturing industry fit this perfectly — they generate enough revenue to pay large ransoms but usually don’t have the capacity to implement strong security measures or fast recovery options,” says Noreika.

According to Noreika, manufacturing companies are in a difficult position — their production lines can’t stop for long periods, so even short disruptions can cause significant financial losses. Consequently, they’re pressured to do anything it takes to continue their operations — even if it means giving in to the attackers’ demands.

“Machinery and industrial equipment manufacturers were also heavily targeted — this could be the result of expanded digitalization and remote connectivity in production environments,” says Noreika. “Meanwhile, appliance and electronics manufacturers are facing a higher risk of experiencing a cyberattack due to complex supplier integration and cloud-based operations.”

According to Noreika, interconnected environments increase the likelihood of lateral compromise, which can occur through shared networks or third‑party access.

The ransomware group landscape: Qilin takes the lead

Data reveals that the ransomware group Qilin carried out the most attacks in 2025, with 1,066 cases (a 408% increase compared to 2024). It was followed closely by Akira, with 947 recorded ransomware cases (a 125% increase), then the-remerged Cl0p leaks (594 cases, a 525% increase), the relatively new, rapidly growing ransomware threat actor Safepay (464 cases, a 775% increase), and INC ransom, with 442 recorded cases (an 83% increase compared to 2024).

“The changes in the ransomware threat actor landscape reflect how competitive the ransomware-as-a-service world has become,” says Noreika. “Groups like Qilin experienced significant growth because many affiliates joined their operations after other platforms were shut down or became less profitable. Affiliates choose which ransomware to use based on better payment structure, support, the reliability of the tools provided, or reputation of success.”

He underscores that Akira could have expanded for similar reasons. According to Noreika, the emergence of new ransomware names suggests that groups often rebrand or start fresh operations when facing law‑enforcement pressure. He notes that the activity of LockBit, one of the most active groups in 2024, witnessed a significant decline in 2025 due to successful law enforcement operations. 

Incidents peak, but targets remain the same: What’s next?

According to the findings, the number of ransomware cases peaked in the last quarter of 2025, with 2,910 recorded incidents, marking a 38% increase compared to the same period in 2024 (2,102 cases) and a 49% increase from the number of incidents recorded in the July-September period of 2025 (1,954 cases).

The data from the final quarter of 2025 mirrored the findings from throughout the year — small and medium-sized manufacturers remained the primary target. For more details on the findings on ransomware cases in 2025 Q4, read here.

“The success of end-of-year attacks is concerning — this will likely motivate the ransomware groups to repeat these timing patterns at the end of 2026 as well,” says Noreika. “Businesses, especially SMBs and those operating in industries where operational downtime is unacceptable, or that handle high-value data, should be on high alert and reassess their preparedness to combat ransomware.”

To increase their resilience against ransomware attacks, Noreika advises companies to strengthen their basic security hygiene. This includes updating and patching systems and applications, using multifactor authentication, implementing password management policies, and enforcing the zero trust framework to prevent malware from spreading laterally.

“For early threat prevention and detection, intelligence is key — it enables businesses to patch critical vulnerabilities and detect indicators of compromise as soon as possible,” says Noreika. “Data leaked onto the dark web may expose credentials or sensitive details that attackers can exploit to gain unauthorized access. An early alert enables organizations to reset passwords, revoke access keys, disable compromised accounts, and support faster incident response.”

Noreika explains that having a ransomware incident-response plan is crucial for reducing the scope of damage from an attack as soon as possible. He also emphasizes the importance of having a recovery plan as well as backing up critical data to minimize operational downtime.

Disclaimer: While the total number of 9,251 ransomware attacks in 2025 is accurate, the figures presented for each category (industry, company size, and country) may be slightly higher. This is because a number of incidents were missing data needed for categorization and thus were omitted.

Leave a comment »

Sumo Logic strengthens cloud data security and data pipeline visibility with new Snowflake and Databricks integrations

Posted in Commentary with tags on January 21, 2026 by itnerd

Sumo Logic today announced its new Snowflake Logs App and Databricks Audit App. These strategic apps provide customers with robust visibility into their data pipelines, dependable security analytics, and faster troubleshooting across two of the industry’s leading cloud data platforms.

With data volumes and associated vulnerabilities rapidly growing, security, operations, and data teams require unified, real-time insight into user activity, configuration changes, performance issues, and potential threats across their environment. These new apps expand Sumo Logic’s industry-leading coverage for Databricks and Snowflake platforms to help teams detect anomalies, investigate incidents, and monitor and optimize operations.

Snowflake Logs App

Snowflake provides a single, fully managed data platform, but our customers often lack visibility into performance, login activity, and operational health.

The Sumo Logic Snowflake Logs App enables customers to:

  • Analyze login and access activity to identify anomalies or potentially suspicious behavior
  • Optimize data pipelines and workloads with insights into long running or failing queries
  • Centralize log data for easier correlation across applications, cloud services, and data platforms

With real-time dashboards and alerting, teams can troubleshoot faster, improve reliability, and maximize the value of their Snowflake investment.

Databricks Audit App

Databricks offers a unified platform for data, analytics and AI. For our customers using the platform for highly sensitive workloads, visibility into user behavior and configuration changes is critical.

The Sumo Logic Databricks Audit App delivers:

  • Centralized visibility into user activity, job execution, access patterns, and administrative operations
  • Real-time detection of unauthorized access attempts, privilege escalations, and anomalous behavior
  • Faster incident investigations with visualizations that contextualize activity across multiple workspaces

With unified insights across Databricks audit logs, security and compliance teams can more effectively identify emerging critical threats, reduce detection time, and maintain a strong security posture.

Availability

Both the Databricks Audit App and Snowflake Logs App are now available in the Sumo Logic App Catalog.

Leave a comment »

Black Kite’s 2026 Wholesale & Retail Report Reveals Over 70% of Major Retailers, Nearly 60% of Wholesalers, and 52% of the Supply Chain Have Exposed Credentials

Posted in Commentary with tags on January 21, 2026 by itnerd

Black Kite today announced the release of its 2026 Wholesale & Retail Report: Cyber Exposure in the Age of Digital Supply Chain Attacks, which delves into the cyber risk for retail and wholesale companies that rely on many of the same essential vendors, including IT service providers, software platforms, and financial services. The report found a significant overlap in threat actors actively targeting these two sectors, confirming that they see wholesale and retail not as separate markets but rather as one large, interconnected system of targets.

The interconnectedness between wholesale and retail is aggressively exploited by threat actors that view the landscape as a single, lucrative target likely to pay out to minimize supply chain disruption. Additionally, with attackers seeing wholesale and retail as one target, they have developed universal attack tools and malware, such as Stealer Logs and MFT exploits, capable of working across both. Their goal is simply to find the easiest entry point into the system, regardless of which sector that entry point belongs to. For defenders, this tactic means their defense strategies must be unified. For instance, a successful breach into a wholesaler can create an easy entry point leveraged by the same group to be used against a major retailer that uses that particular wholesaler.

One of the report’s most critical findings is the widespread presence of compromised credentials, meaning that initial access has already been granted to a majority of the industry. In fact, over 70% of major retailers, nearly 60% of wholesalers, and 52% of the supply chain have exposed credentials.

Additional key findings include:

  • 17% of retail ransomware victims had revenue over $1B, demonstrating that threat actors prioritize ‘big game hunting’ in the retail sector – a specific target for high-value extortion.
  • 39% of wholesale ransomware victims had revenue in the mid-market range of $20M–$100M as attackers play a ‘volume game’ on smaller enterprises.
  • 42% of critical supply chain vendors are exposed to at least one vulnerability from the CISA Known Exploited Vulnerabilities (KEV) Catalog, listing flaws currently under active attack.
  • 2 vendor categories – Professional & Technical Services (793) and Information (705) –  totaling 1,498 companies, dominate the supply chain, outnumbering physical categories by a significant margin.

The report’s findings are conclusive. The shared supply chain is the new threat, and credential theft is the dominant access vector. In order to protect themselves, wholesalers, retailers and their vendors must urgently prioritize patching the specific vulnerabilities listed in the CISA KEV catalog, particularly those granting Remote Code Execution (RCE), which are the exact flaws active ransomware groups are weaponizing today.

Black Kite’s report empowers cybersecurity leaders and business executives to understand today’s emerging threats and learn how to proactively manage their third-party cyber risk to protect their organizations from supply chain disruptions.

To read the report, visit https://content.blackkite.com/ebook/wholesale-retail-tprm-report-2026/.

Leave a comment »

ServiceNow enhances global Partner Program

Posted in Commentary with tags on January 20, 2026 by itnerd

 ServiceNow today announced significant enhancements to its global Partner Program to accelerate AI agent innovation. This includes a newly reimagined Build Program that opens ServiceNow’s partner ecosystem to more innovators and strengthens the ServiceNow Store as a global marketplace for partner-built AI agents. The program will enable a broader set of ISVs, developers, and technology partners to build, test, certify, and distribute solutions on the ServiceNow AI Platform, with more than 1,000 partners — including AutomatePro, SailPoint, and others — transitioning to the revamped program. ServiceNow also introduced a unified investment portfolio and simplified pricing model designed to fuel partner-led growth, making it seamless for partners to innovate, differentiate, and monetize on the ServiceNow AI Platform.

ServiceNow’s partner ecosystem continues to expand in scale and impact with more than 2,700 partners globally. As customers shift from AI experimentation to AI at scale, partners play an increasingly critical role in delivering specialized use cases, speeding deployment, and driving measurable business outcomes. An expanded and open partner ecosystem positions ServiceNow to meet growing enterprise demand for AI agents, generative automation, and industry-specific workflow innovation; these updates equip ServiceNow partners with the programs, investments, and platform capabilities they need to lead this next wave of AI-powered transformation.

Reimagined Build Program opens ServiceNow’s partner ecosystem to more innovators

ServiceNow’s redesigned Build Program makes it significantly easier for ISV, developer, and technology partners to get started, explore new ideas, and differentiate their offerings as they bring new solutions to market. This will accelerate a wave of partner-built AI agents, applications, and connectors that will extend the value of ServiceNow for customers.

The program’s modernized tier structure — Registered, Select, Premier, and Elite — introduces stronger program benefits and fresh opportunities for partners to showcase their AI solutions in the ServiceNow Store, a global marketplace for enterprise-ready AI agents. A new Access Tier also invites aspiring and entry-stage partners to start building immediately with ServiceNow, giving them instant access to tools and resources without needing to fully enroll first.

More than 1,000 existing partners will transition into the redesigned Build Program by March, establishing a unified, fast-growing pipeline of innovators building AI-powered solutions on the ServiceNow AI Platform.

Expanded investment portfolio strengthens support across the entire partner lifecycle

ServiceNow is supercharging its partner ecosystem with a unified investment strategy for 2026, designed to spark growth, fuel innovation, and help partners win faster, together. The expanded partner investment portfolio provides meaningful support at every phase of the journey — from building demand to closing deals to driving successful deployments — achieved through an increased investment in incentives, rewards, and co-marketing programs.

Key components include:

  • Market Development Fund (MDF): New funding opportunities and 100% reimbursement for select activities, enabling eligible partners to build demand and generate pipeline.
  • Strategic Investment Fund (SIF): Targeted funding to accelerate high-impact customer opportunities and unlock faster outcomes.
  • Sell-through, deployment, and specialization incentives: Rewards that recognize partners for driving customer value and deepening technical expertise across the ServiceNow AI Platform.

Each program element is aligned with the updated ServiceNow partner tiers, ensuring partners gain access to the right support at the right time, and that their benefits scale as their success grows.

To further simplify partner engagement and remove friction as the partner ecosystem grows, ServiceNow is also introducing a streamlined fee structure. Beginning immediately, all global partners will move to a streamlined single annual membership fee. This change reflects direct partner feedback and is designed to create a simpler, more equitable structure that allows partners to focus on building, innovating, and going to market, rather than navigating complex program fees.

With fewer barriers to entry and clearer paths to value, partners appreciate the ability to more easily build differentiated AI-powered solutions, reach customers through the ServiceNow Store, and deploy their solutions on the ServiceNow AI Platform.

For more information on the ServiceNow Partner Program visit servicenow.com/partners.

Leave a comment »

Guest Post: AI’s dual edge, supply chain peril, and passkeys vs. passwords

Posted in Commentary with tags on January 20, 2026 by itnerd

What will the cybersecurity landscape look like in 2026 and beyond?

As we enter 2026, the cybersecurity battleground continues to shift, presenting internet users and organizations with a mix of threats and challenges. Karolis Arbaciauskas, head of product at the cybersecurity company NordPass, offers his expert outlook for the year ahead.

“Artificial intelligence will sharpen the tools of both attackers and defenders, while the integrity of global supply chains will face increasing scrutiny,” says Arbaciauskas.

According to Arbaciauskas,  the cybersecurity landscape is generally poised for a period of evolution, characterized by both technological advancements (including AI) and persistent, fundamental vulnerabilities.

Here are Arbaciauskas’ key cybersecurity predictions for 2026:

AI integration — Smarter and more widespread

The integration of artificial intelligence (AI) capabilities by both threat actors (red teams) and defensive security practitioners (blue teams) will continue. On the offensive side, AI will be predominantly leveraged to enhance reconnaissance operations, enabling higher-fidelity data collection and intelligence gathering. The cybersecurity community is also starting to worry that threat actors might soon figure out a way to use AI for automated vulnerability discovery and start scanning networks and applications for flaws and misconfigurations.

Supply chain attacks will increase

In the enterprise field, supply chain attacks might become an even bigger problem than they are now. The trend is emerging — mature organizations increasingly strengthen their cybersecurity, so for bad actors it is becoming easier to penetrate companies through vendors.

I would advocate prioritizing investment in resilience against this attack vector. More attention should be paid to the technical part of vendor assessment and the final agreement. Prior to onboarding any third-party service provider, organizations should implement comprehensive vendor risk assessment protocols. This evaluation should include verification of SOC Type 2, ISO 270001, penetration testing outcomes, and documented security practices.

Negligence – One of the biggest challenges ahead

The most significant challenges that private users and organizations will face this year will stem from common security deficiencies rather than novel attack methodologies. The threat landscape will remain substantially shaped by threats caused by our own negligence, such as infrastructure and application misconfigurations, insufficient digital hygiene, weak credential management, password reuse, and lack of MFA.

For businesses, an underaddressed risk may come from malicious actors inside the company. Rogue employees or privileged administrators possess authorized access enabling them to bypass security controls. And they often maintain that access even after leaving the company. It is worrying that, according to a survey commissioned by PasswordManager.com last year, about 40% of workers used passwords from a former employer after leaving the company.

Moreover, the threat extends beyond disgruntled or laid-off employees with a vendetta. Last year, media outlets reported on multiple instances of foreign state-linked operatives digitally infiltrating Western companies. Consequently, organizations should dedicate more attention and resources to mitigating these sophisticated threats.

The great corporate migration to browsers

As more and more companies indicate that browsers are the main workspace, where their  employees spend most of their time, we will see more security focused extensions and browsers, including new enterprise browsers and tools.

Passwords will remain the first line of defense

Together with industry researchers we have been studying password-related behavior and data leaked to the dark web for 7 years now, and unfortunately, we see no significant improvement in digital hygiene globally. At least for now, it looks like passwords will remain the first line of defense against digital intruders and one of the weakest links in the security chain at the same time. Credentials will remain the predominant initial access vector enabling cyber incidents.

Passkey adoption will increase but will not overtake passwords

As advocates of passkey authentication, we initially projected more rapid and widespread adoption, given the technology’s inherent phishing-resistant properties and superior security architecture. While actual adoption rates have proven slower than anticipated, the trajectory remains consistently positive. Major platform providers like Apple, Google, and Microsoft have integrated native passkey support across their ecosystems.

Consumer-facing services such as PayPal, eBay, and Amazon are progressively implementing passkey authentication options as well. We also see more enterprise organizations that are beginning to deploy passkeys within their workforce.

However, several barriers continue to impede accelerated adoption. Consumer awareness and comprehension of passkey technology remains limited, account recovery workflows present usability challenges, and cross-platform interoperability issues persist. These factors constitute the primary obstacles to mainstream adoption. Based on current trajectory analysis, passkeys remain multiple years from achieving predominant status as a consumer authentication method.

Regulation will determine increased spending

Regulations and compliance requirements in the European Union (for example, the EU Cyber Resilience Act and NIS2) signal a broader shift toward standardized mandated cybersecurity. This will probably create some additional challenges for CISOs and stimulate an increase in general cybersecurity spending but is expected to have positive implications for overall ecosystem resilience.”

Leave a comment »

Nexthink Spark Resolves 77% of IT Issues at First Contact

Posted in Commentary with tags on January 20, 2026 by itnerd

 Nexthink today announced the launch of Nexthink Spark, the world’s first personal IT agent powered by real-time DEX data. 

Built on the Nexthink Infinity platform, Spark is a personalized, context-aware, fully autonomous AI agent that reaches employees and resolves IT issues before they impact work. Unlike traditional virtual agents that primarily route or log tickets, Spark is designed to fix issues at first contact. 

Already in use by more than 25 of Nexthink’s most DEX-mature customers, Nexthink Spark is fundamentally reforming IT support services. Traditional approaches to IT support have failed, with ticket volumes continuing to rise, employee satisfaction stalled, and costs mounting to around 4% of global IT spend. Consequently, businesses have had to choose between overstaffing IT service teams or accepting chronic employee frustration and decreased productivity. 

Nexthink Spark offers a third way forward. After a very broad early adopter program involving thousands of employees Spark achieved a 77% first contact resolution rate, more than five times the industry average of 15%. This was paired with a major reduction in lost productivity time, as Spark was able to autonomously resolved L1 issues in less than 2 minutes on average.

Key features of Nexthink Spark include: 

  • Personalization: Leverages real-time endpoint telemetry to understand each employee’s digital journey, delivering the right resolutions through the right conversations at the right moment.
  • Context-aware intelligence: Uses live signals from the Nexthink Infinity platform to understand issues as they occur and apply the most relevant remediation in real time.
  • End-to-end automation: Executes fixes using native DEX remote actions and workflows, resolving issues autonomously without complex integrations or external orchestration.
  • Governance and guardrails: Built with enterprise-grade controls that allow IT teams to define policies, approve actions, and continuously train models to adapt safely to the organization.

To learn more about Nexthink Spark and how it helps organizations reduce IT support costs while improving employee productivity, visit Spark | Nexthink.  

Leave a comment »

2026 State of CCM Report: Resource Constraints Drive 85% of Organizations to Rethink Traditional GRC Approaches

Posted in Commentary with tags on January 20, 2026 by itnerd

RegScale today announced its second annual State of Continuous Controls Monitoring (CCM) Report, building on last year’s landmark study with expanded insights into how organizations are adapting to rising regulatory pressure and increasing security demands.

This year’s data shows that 83% of organizations report moderate or major delays caused by manual compliance work, with 53% dedicating the equivalent of one full-time employeeexclusively to evidence collection — just one of dozens of manual GRC workflows. As security and risk frameworks multiply and regulatory expectations accelerate, teams are facing the highest operational stress levels recorded to date.

Key Findings from the 2026 Report

  • 85% of organizations report delaying or eliminating legacy GRC activities due to resource constraints.
  • 44% have postponed control testing and monitoring, while 33% have postponed policy updates and governance reviews with 25% citing a lack of skilled employees as a major barrier.

AI Adoption Rising, Yet Full Automation Remains Rare:

  • 95% of organizations have implemented some level of automation in GRC.
  • Only 4% have achieved full end-to-end automation.
  • Only 28% monitor their security controls continuously in real- time, while 72% still rely on periodic assessments.
  • 64% report significant or transformational improvement from AI adoption.

The 2026 report underscores a pivotal trend: real-time compliance and security are becoming indistinguishable requirements. Organizations that rely on manual evidence collection, fragmented data, and periodic control checks face increased exposure and higher operational costs, particularly as AI-driven threats accelerate.

Beyond workforce strain and automation maturity, the report examines board-level reporting and metrics, industry-specific compliance challenges, regulatory complexity, and how organizations are evolving governance models to support continuous assurance. Together, these insights provide a broader view of how compliance programs are being reshaped to meet rising expectations from regulators, executives, and businesses.

To explore the full findings of the 2026 State of Continuous Controls Monitoring Report, please download the full report or attend the exclusive webinar on January 27, 2026, where industry experts will share actionable guidance on strengthening compliance operations, improving automation maturity, and building a more resilient security posture.

Methodology:

The 2026 State of Continuous Controls Monitoring Report is based on a survey conducted in September and October 2025 among 253 InfoSec leaders, including CISOs, CIOs, Chief Risk Officers, and VPs and Directors of Security. Respondents were surveyed from organizations with more than 1,000 employees and across a range of industries, including financial services, healthcare, tech, retail, government, business services, manufacturing, and more.

Leave a comment »

ATTOM Acquires ResiShares to Expand Its Data and Analytics Platform

Posted in Commentary with tags on January 20, 2026 by itnerd

ATTOM today announced it has acquired key assets of ResiShares, including its analytics platform and proprietary technology. By combining these assets with ATTOM’s national property data, the acquisition strengthens ATTOM’s analytics and technology foundation and reinforces the company’s ongoing investment in data, analytics, and AI-driven innovation for clients across the entire real estate ecosystem.

Founded to support sophisticated investment and operating workflows, ResiShares built a scalable, modular analytics platform that integrates proprietary forecasting models, quantitative research, and advanced tooling. It was founded by industry veterans Michael Greene, Alex Villacorta, Dan Glaser, and Michael Cook, and reflects deep expertise across data science, quantitative research, and real-world asset operations.

ATTOM will evolve this technology into enterprise grade analytics products, bringing new tools and deeper insights to a broad range of clients across the real estate industry and beyond, including financial services firms, insurers, technology companies, government agencies, and data-driven enterprises.

ResiShares’ technology includes proprietary price and rent forecasts, neighborhood-level performance analytics, and advanced modeling designed to surface trends, risk, and opportunity across markets. Combined with ATTOM’s national data assets, these capabilities enable clients to apply more advanced analytics to their own use cases across industries.

By integrating these capabilities into its broader platform, ATTOM will accelerate product development and deliver expanded, AI-powered insights that support decision-making across industries and business applications.

Leave a comment »

Ivo raises $55M to transform contracts into a trusted source of intelligence for every business

Posted in Commentary with tags on January 20, 2026 by itnerd

Contracting has become one of the most strained workflows for in-house teams.  An increasing number of contracts must be reviewed accurately, but resources are stretched thin. In addition, critical business insights are locked within contracts without easy ways to extract them. To meet this challenge, Ivo, the AI-powered contract intelligence platform that removes tedious contract review and transforms contracts into reliable business intelligence for enterprises, is today announcing a $55M Series B funding round led by existing investor Blackbird, with participation from existing and new investors Costanoa Ventures, Uncork Capital, Fika Ventures, GD1 and Icehouse Ventures. 

Since its last funding round, the company has grown annual recurring revenue by 500%, increased total customers by 134 percent, and expanded adoption within the Fortune 500 by 250 percent.

The new capital will support product development and scaling as the company deepens its reach across the hundreds of organizations that already rely on Ivo, including Uber, Shopify, Atlassian, Reddit, and Canva. 

Ivo is purpose-built for in-house teams that need both reviews with surgical accuracy as well as visibility into their complete contract library. The company’s AI-powered contract review solution, Ivo Review, allows users to complete reviews in a fraction of the time; customers report saving up to 75 percent of the time that manual review would demand. The product standardizes a company’s positions and precedents using playbooks built and implemented by lawyers. This means that every contract is reviewed accurately, consistently, and efficiently, critical for large and globally distributed teams.  

Ivo Intelligence gives companies visibility into every single one of their agreements in seconds without having to rely on manual input or metatagging. Contracting teams can now answer business-critical questions of their contracts within minutes, rather than taking months of manual review. The system also automatically identifies connections between agreements and highlights standard legal positions, allowing contracting teams to operate with greater clarity and control. 

Ivo’s long term vision is to elevate contracts into strategic assets for every business and to make the experience of working with them effortless. As the platform expands, the company aims to bring clarity, speed, and intelligence to contracting so that teams across the enterprise can operate with greater confidence and insight.

Leave a comment »

« Older Entries
Newer Entries »