ServiceNow and Accenture Bet on Migration to Win Enterprise Risk

ServiceNow and Accenture Bet on Migration to Win Enterprise Risk

Analyst(s): Fernando Montenegro
Publication Date: July 7, 2026

ServiceNow and Accenture have launched a joint offering that combines managed security services with AI-powered migration off legacy risk platforms. Read against ServiceNow’s Armis and Veza acquisitions, it looks less like an AI feature and more like a bid to become the enterprise risk platform of record.

What Is Covered in This Article:

  • ServiceNow and Accenture launched a joint offering that pairs managed security services on the ServiceNow AI Platform with an Accenture AI tool for migrating from legacy risk platforms.
  • The offering spans integrated and third-party risk, operational technology risk brought onto the same platform as IT, and AI agents for proactive compliance.
  • The migration tooling, not the managed services, is the load-bearing piece, aimed at addressing the switching costs that keep incumbents like Archer, MetricStream, and IBM OpenPages in place.
  • ServiceNow’s acquisitions of Armis and Veza make OT and identity claims more credible and point to a broader consolidation play.
  • Agentic AI moving from assistant to operator raises a governance question that will gate how far the model scales.

The News: On June 29, ServiceNow and Accenture expanded their cybersecurity partnership with a joint offering. It pairs two things: managed security services built on the ServiceNow AI Platform and an Accenture tool that uses AI to automate migration from legacy risk platforms to ServiceNow. The stated goal is to remove the cost and complexity from that move.

The offering spans four areas. Integrated risk and third-party risk management put AI agents to work monitoring vendors and managing their lifecycles, with a single view of enterprise risk. Operational technology risk management brings OT and IT onto one platform. Proactive risk and compliance uses AI agents to track regulatory changes and automate responses. The fourth piece is the migration itself.

The companies set all of this against a backdrop of faster attacks and exploit windows that now close in hours rather than months.

ServiceNow and Accenture Bet on Migration to Win Enterprise Risk

Analyst Take: The easy way to read this announcement is that ServiceNow has added some AI to its security and risk products, with Accenture along to help customers get there. We feel that framing misses what is actually happening.

The partnership lands in the middle of a deliberate buying spree, the roughly $7.75 billion Armis deal that ServiceNow closed earlier this year, its largest to date, and the Veza acquisition before it. The pattern those deals form is hard to ignore. Armis brings asset visibility and cyber-exposure data across IT, OT, and connected medical devices. Veza brings identity and access. The Accenture offering brings managed services and a way to migrate off whatever a customer runs today.

Put those together, and the question is less about AI features than about position: is ServiceNow trying to become the enterprise risk platform of record, the place where exposure, identity, workflow, and remediation all meet? To us, that is the bet worth watching, and it changes how much this particular partnership matters.

Migration Is the Load-Bearing Piece

Most of the coverage will focus on the managed services, but the more interesting component is the migration tooling. Legacy risk and governance estates are sticky for a reason. Organizations that have spent years customizing Archer, MetricStream, or IBM OpenPages incur switching costs that have little to do with the merits of any newer platform and everything to do with the effort of moving.

That is the moat ServiceNow needs to breach, and it is a sensible place to spend Accenture’s effort. Whether an AI-assisted migration can meaningfully lower that cost, rather than simply reframe a long consulting engagement as an automated one, is the open question. If it works, the competitive effect is larger than the announcement suggests, because the constraint on displacing incumbents was never the destination; it was the journey.

Armis Changes the Operational Technology Story

The offering brings operational-technology risk onto the same platform as IT. A year ago, we would have read that as an ambitious claim from a workflow vendor with little depth in industrial environments. Armis changes that, because ServiceNow now owns a recognized source of OT and cyber-physical asset visibility rather than depending on partners to supply it, which makes the OT-onto-IT pitch considerably more credible.

It also turns this into something the OT security specialists, Claroty, Nozomi Networks, Dragos, Tenable OT, and others, should read closely. A platform player folding asset intelligence, risk workflow, and remediation into one operating model is a different kind of competitor than a point offering. We would not call the outcome settled, though. Integrating an acquisition of that size while delivering it through a services partner is genuinely hard, and the industrial world tends to punish overpromising.

Agents That Operate, Not Just Advise

The through-line across the four services is agentic AI doing operational work, monitoring vendors, tracking regulatory change, and managing lifecycle tasks, rather than surfacing recommendations for a human to act on. That is the direction the market has been moving, and it is where the value sits, if the trust holds.

The tension, which belongs here rather than tacked on at the end, is that letting agents execute governance and compliance workflows raises the same governance question one level up: who governs the agents, what data they can access, and how is any of it audited? The offering gestures at this by pairing automation with centralized risk visibility, which is the right instinct. Even so, governance-of-the-agents is likely to be the gating factor on how far this scales, and we suspect buyers will test it hard before handing over consequential actions.

This Is Also a Services Land Grab

It is worth naming the commercial motive plainly. Accenture wants the outcome-based managed-security position, and so do Deloitte, KPMG, IBM Consulting, Wipro, Kyndryl, and others, all of whom would happily wrap similar services around a risk platform. Tying itself closely to ServiceNow gives Accenture a sharper story, though it trades away some of the vendor-neutral posture large integrators usually guard.

The timing is not accidental. In Futurum’s 1H 2026 Cybersecurity Global Enterprise Decision Maker Survey (n=624), 48% of organizations increasing their cybersecurity budgets cited risk-management strategy as a top 3 driver, ahead of cybersecurity modernization at 45%. When buyers frame spending around managing risk rather than refreshing infrastructure, an offering that leads with integrated risk and operational outcomes is aimed squarely at where the money is going.

What to Watch:

  • Can AI-assisted migration actually reduce switching costs? Legacy risk platforms stay put because moving is expensive and disruptive. This offering only matters if the migration tooling changes that math rather than renaming a long consulting project.
  • Does the Armis integration deliver on the OT-onto-IT promise? Owning the asset-visibility layer helps, but folding a $7.75 billion acquisition into a partner-delivered offering is where ambitious platform stories tend to meet execution reality.
  • How far will buyers let agents act on their own? Today’s agents mostly assist. Whether organizations allow them to execute governance and compliance workflows with limited oversight will decide how much of this scales.
  • Who governs the agents? Access to sensitive risk, compliance, and identity data raises the oversight question one level up. Buyers without clear auditability may stall agentic AI at the pilot stage.
  • Does one platform beat a best-of-breed stack here? Enterprises still run governance, third-party risk, OT, and compliance across separate tools. Consolidation appeals in theory, though the tradeoffs are real, and rivals will contest it.

For more information, read the full announcement from ServiceNow and Accenture.

Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.

Other Insights From Futurum:

Can IBM and ServiceNow Finally Make Legacy Systems AI-Ready?

ServiceNow Embeds AI Across Platform. How Far Can This Model Scale?

Who Will Control the Enterprise Agentic Workforce? CIOs Face a New Platform War

ServiceNow Q1 FY 2026 Results Raise Full-Year Subscription Outlook

Author Information

Fernando Montenegro

Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.

Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.

Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.

Related Insights
Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up
July 4, 2026

Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up

Qodo's 'Compliance as Code' framework automates enterprise AI compliance through PR checks, solving the data privacy and security gaps that plague manual reviews at scale....
Brave's Browser Containers Raise the Bar for Privacy and Workflow Flexibility
July 3, 2026

Brave’s Browser Containers Raise the Bar for Privacy and Workflow Flexibility

As AI platform adoption accelerates to $181.3B projected market size, Brave's v1.92 release introduces native browser containers addressing data privacy concerns for 52.6% of enterprise decision makers managing multi-cloud AI...
The Hard(er) Challenge in Agent Governance Is Authorization
June 25, 2026

The Hard(er) Challenge in Agent Governance Is Authorization

Fernando Montenegro, VP at Futurum Group, argues that the launch of the Agent Control Standard does not close the agent governance gap, and that "shrinkage," not universal coverage, is the...
Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField
June 25, 2026

Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField?

Fernando Montenegro, VP at Futurum, examines Cisco's planned acquisition of WideField Security and how deeper identity and session intelligence could strengthen Agentic SOC capabilities as enterprises deploy more AI agents...
HPE Discover 2026: A Coherent AI Story That Now Has to Convert
June 24, 2026

HPE Discover 2026: A Coherent AI Story That Now Has to Convert

Fernando Montenegro and Tom Hollingsworth analyze HPE Discover 2026, where HPE built a networking-centered, full-stack AI story and now must convert that breadth into spending momentum and a security story...
Can Databricks’ Security Upgrades Finally Unify AI Innovation and Compliance at Scale?
June 19, 2026

Can Databricks’ Security Upgrades Finally Unify AI Innovation and Compliance at Scale?

Databricks announces Automatic Identity Management for Entra ID and Okta, removing compliance bottlenecks for regulated industries. New security enhancements enable zero-trust access across all major clouds....

Book a Demo

Welcome

The vision behind everything in Futurum’s Custom Research practice is this: research should show you what is happening, what comes next, and what to do about it. It should be personal to each audience, easy for people to grasp, and structured so LLMs can reason over it accurately. And it should be fast and turnkey; you want answers now, not another project to carry for quarters.

Whether you are defining business, channel, or go-to-market strategy; evaluating vendors or justifying ROI; or commissioning research to fill an emerging market need, we have your back, with a program that answers your questions with the objectivity and credibility to drive real decisions.

To do it, we bring unmatched data to bear: Futurum research, surveys, and market projections; validated market feeds; ETR’s 15 years of insight from 10,000 technology decision-makers; G2’s buyer and user data; and what our analysts hear every day. Add leading primary collection, from AI-moderated voice interviews to surveys and analyst-led interviews, all turnkey, and every project comes out credible, nuanced, and actionable.

And we don’t just drop the results in your lap. For internal work, we provide analyst-led sessions, interactive dashboards, and a range of formats. For market-facing work, Futurum delivers turnkey activation and amplification that actually gets seen, by people and by LLMs, through our media and share of voice. This is research that moves decisions and markets.

We will meet you wherever you are, from a fast-turn brief to a multi-year program, and shape the work to your goals, timeline, and budget. The right program for your moment.

If any of this is useful, I would love to talk.

Benjamin Brown, VP Custom Research, Futurum Research

Benjamin Brown

VP, Custom Research · The Futurum Group

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.