ServiceNow and Accenture Are Going After Cyber Risk’s Legacy Platform Problem

ServiceNow and Accenture

Key Takeaways

ServiceNow and Accenture's joint AI platform offering gives enterprises a structured migration path from fragmented legacy cybersecurity and GRC systems to a unified, cloud-native risk management platform.

Agentic AI applied to third-party risk management and OT security monitoring enables risk signals to flow directly into enterprise execution workflows, closing the gap between risk detection and response.

Accenture's AI-powered migration solution reduces the cost and complexity of replacing embedded legacy risk platforms, lowering the barrier for enterprises to modernize cybersecurity infrastructure at scale.

ServiceNow and Accenture announced on June 29 a joint offering designed to help enterprises move from legacy cybersecurity and risk platforms to AI-powered managed services on the ServiceNow AI Platform. The offering includes managed security services built on ServiceNow and an Accenture AI-powered migration solution designed to automate the move from legacy risk platforms to ServiceNow.

The pitch is aimed at two common blockers in enterprise risk modernization: migration cost and migration complexity. Many organizations know their cybersecurity and risk platforms need to become more connected, automated, and responsive, but large-scale platform replacement can create disruption, cost overruns, and adoption risk.

ServiceNow and Accenture are positioning the joint offering as a way to reduce that friction while bringing agentic AI into risk management, compliance, third-party risk, and operational technology environments.

Addressing Legacy Risk Platforms

The announcement lands as security teams face faster threats and higher breach costs.

ServiceNow and Accenture cited 2025 data showing US breach costs reached an all-time high of $10.22 million per incident, up 9% year over year. The companies also said AI is compressing the time between vulnerability discovery and exploitation from months to hours.

That changes the operating requirement for risk platforms. Static controls, manual compliance checks, disconnected vendor-risk records, and slow migration programs are harder to defend when threats move faster and regulators, boards, insurers, and customers expect stronger proof of control.

“Companies need more than isolated security tools,” said Rex Thexton, Global CTO at Accenture Cybersecurity. “They need the ability to connect risk insights, automate decision-making, and respond at enterprise scale.”

ServiceNow and Accenture are trying to address that gap by putting risk management, agentic AI, managed services, and migration automation into one modernization path.

Analysis

What this means: Legacy risk systems can slow cyber resilience. ServiceNow and Accenture are targeting the fragmented platforms that make it harder for enterprises to connect risk signals, controls, vendors, compliance obligations, and response workflows. ERP leaders should treat risk modernization as part of the enterprise operating model, not as a separate cybersecurity tooling decision.

Attend Our Next Event

Managed Risk Services in Enterprise Workflows

The managed services portion of the offering covers integrated risk management, third-party risk management, operational technology risk, and proactive compliance.

For integrated risk and third-party risk, AI agents monitor vendors, automate lifecycle management, and give security teams a unified view of enterprise risk on the ServiceNow AI Platform. For operational technology (OT), the offering is designed to bring IT and OT risk into one platform, improving visibility across industrial control systems and critical infrastructure. For compliance, AI agents monitor regulatory changes and automate responses so organizations can address risk before an incident occurs.

That workflow focus is meaningful. Cybersecurity platforms often produce alerts or findings, but enterprise risk management depends on connecting those signals to owners, controls, obligations, vendors, assets, remediation steps, and evidence.

ServiceNow’s role is to connect intelligence to execution through workflows. Accenture’s role is to bring cybersecurity expertise, managed-service delivery, and migration support that can help enterprises operationalize the platform rather than simply deploy another tool.

Analysis

What this means: Agentic risk management needs workflow discipline. AI agents may help monitor vendors, regulatory changes, OT exposure, and enterprise risk, but those actions need clear ownership, approvals, evidence trails, and escalation paths. Organizations should design risk workflows around governed execution before giving agents a larger role in cyber and compliance operations.

Sponsor Industry‑Grade Research

Migration Automation Tackling Cost

The migration component may be the most practical part of the announcement for ERP and enterprise technology leaders.

Accenture’s AI-powered migration solution is designed to help organizations move from legacy risk platforms to the ServiceNow AI Platform while reducing cost, disruption, and time to value. That matters because legacy risk platforms can be deeply embedded in controls, compliance records, vendor assessments, incident processes, audit evidence, and business-unit workflows.

Replacing those systems is not a simple technical migration. It requires mapping data, workflows, controls, reporting, integrations, permissions, and governance models. If that work remains manual, modernization can stall before the new operating model reaches production.

The announcement also builds on the broader ServiceNow and Accenture push to scale agentic AI in enterprise workflows. In May, the companies launched a forward-deployed engineering program to help clients move agentic AI from pilots into production on the ServiceNow AI Platform.

The new risk offering applies that same logic to cybersecurity and governance: AI has to run inside the enterprise workflow, not beside it.

Analysis

What this means: Migration automation will shape platform replacement decisions. Accenture’s AI-powered migration solution addresses one of the biggest reasons legacy risk platforms persist: the cost and complexity of moving controls, workflows, data, and integrations. Transformation teams can evaluate modernization partners by how well they reduce switching friction while preserving governance and audit evidence.

Get Our Free Weekly Newsletter