![Pre-Launch Asset [Community Blog Banner]_1100 x 244.png](/community/image/serverpage/image-id/468569i62B7D982978B6A1F/image-size/large/is-moderation-mode/true?v=v2&px=999 "Pre-Launch Asset [Community Blog Banner]_1100 x 244.png")
Today’s cyber risk landscape is hostile. Attacks are becoming exponentially more sophisticated, and the sheer volume overwhelms CISOs. The natural response is to double down—throwing brute force at threats. But brute force – more analysts, more tools -- doesn’t scale. You run faster and still can’t keep up. Staff burn out, and security gaps widen.
The latest ServiceNow AI Platform Zurich release addresses this challenge by innovating for a future defined by autonomous risk and security: one where proactive remediations and AI anticipate threats on a single unified platform to help your organization scale cyber risk processes, roll out AI responsibly, and stay ahead of emerging threats.
But first, let’s step back. What brought us here?
Why a brute-force approach doesn’t scale
Because complexity is the enemy of security. And things are getting more and more complex every day:
Attack surfaces are expanding rapidly as digital technology becomes the backbone of your business. Every additional app or container is an additional risk, and the public cloud opens up entirely new types of risk.
AI is fueling novel attack vectors, including deep fakes, phishing, and vibe hacking
Ever shifting and growing regulations at the regional, national, and state levels add an entirely new level of complexity for security teams.
Siloed security teams don’t have a holistic view of security data, denying them situational awareness and making it incredibly hard to connect the dots when it matters.
Shadow IT is on the rise, creating huge blind spots hastened by cloud adoption.
And, in the headlong rush to drive digital transformation, security is falling by the wayside. In fact, a 2025 Tech Radar study showed that 91% of IT executives admit to making security compromises to keep up with the demands of IT transformation.
The autonomous CISO organization
If brute force doesn’t work in this complex environment, what’s the answer?
An AI-first approach that scales and keeps pace. One that takes full advantage of your security and risk teams, making the best use of their precious time while offloading low-value, repetitive tasks. Imagine if you could:
- Anticipate threats before they materialize using predictive AI analytics.
- Automate routine security responses, freeing your teams to focus on the big stuff.
- Easily implement controls to prevent security issues becoming systemic failures.
- Quantify IT and cyber risks for your C-suite and board without pulling data from 100 sources.
It would be revolutionary. You’d be proactive instead of reactive. Your teams would focus on high-value work, such as dealing with high-impact incidents and strengthening your defenses. And you and your teams would finally have visibility in every corner of your business.
How do you achieve this?
By unifying security, risk, and IT on an AI-powered foundation, you break down silos, gain end-to-end visibility, and automate critical processes. That’s the promise of an autonomous risk and security platform—proactively anticipating threats, resolving routine issues, and freeing people to focus on what matters. And you stay in control, defining what’s automated, setting governance frameworks, and enforcing risk thresholds.
The result: stronger, scalable cyber risk processes with the best of both worlds—automation with complete oversight.
AI, Workflows, and Data need to work together
Scaling security, reducing burnout, staying ahead of threats— these only work if you have AI, data and workflows operating in harmony on a single platform. That’s what makes autonomous risk and security possible. And it’s what ServiceNow delivers:
AI is built into the ServiceNow platform from the ground up. Assistive AI saves time with tasks like summarizing incidents or generating updates—while autonomous AI goes further, orchestrating full processes and AI agents in the background, always under your control.
Workflows are the engine behind operational speed and scale. They automate and coordinate action across IT, security, and risk, all from a single pane of glass. Every step—issue resolution, threat response, risk assessment—flows seamlessly, reducing friction, accelerating response, and enabling collaboration.
Data fuels effective cyber risk management. Powered by a CMDB, ServiceNow connects devices, services, threats, controls, and identities into a contextual view that turns raw signals into insight. Incidents can be traced to the service level, speeding remediation. With 900+ connectors, ServiceNow integrates with your existing tools, providing holistic visibility across IT and OT environments.
The latest ServiceNow Zurich release accelerates cyber risk AI innovation
ServiceNow is continuing to invest in the future of autonomous risk and security. With the Zurich release, we’re taking another big step forward—introducing new capabilities that help your team scale cyber risk processes, roll out AI responsibly, and stay ahead of emerging threats.
Enable AI with confidence
Zurich brings expanded assistive and agentic AI features designed to streamline cyber risk workflows.
These updates help your team move faster, work more efficiently, and stay aligned—reducing manual effort and improving consistency as requirements shift:
Risk event summarization uses generative AI to turn complex incidents into clear, actionable summaries, making it easier for analysts to assess and respond quickly.
Regulatory mapping automatically links incoming regulations to internal controls, saving time and improving traceability.
Control recommendations surface relevant controls based on context, helping teams stay compliant without digging through documentation.
Automated creation of common control objectives generates standardized control statements to drive consistency across frameworks.
Change manager agent tracks control changes and governance updates, keeping your team aligned as policies evolve.
Agentic AI-enabled playbooks with conversational workflows let AI agents handle parts of predefined workflows, looping in humans for approvals or key actions to ensure business rules are followed. Zurich includes ready-to-use playbooks for phishing, malware, failed logins, spoofed emails, endpoint detection, and domain spoofing—enabling fast, consistent responses.
Manage AI with enterprise-grade trust and security
As AI becomes ubiquitous across the enterprise, strong governance is essential. Zurich introduces advanced capabilities to help your team manage AI with confidence:
The AI Control Tower provides a centralized hub to oversee AI strategy, inventory, governance, and value tracking—bringing together assets across AWS, Azure, and GCP for unified visibility. Your teams can define AI initiatives, track progress against strategic goals, and proactively manage project drifts.
AI governance gives your teams a clear view into AI activity, with secure controls, privacy safeguards, and risk scoring to ensure alignment with policy and compliance—so you can make proactive adjustments before issues arise.
Data privacy enhancements give you a comprehensive way to discover and protect sensitive data across your business. You can scan structured and unstructured data, rescan to catch new risks, and work seamlessly across common file formats. Machine learning supports more accurate discovery and classification, helping you manage sensitive data and respond to emerging threats with defense-in-depth strategies.
Field encryption enhancements allow you to define encryption rules based on dynamic conditions, assign specific keys to individual data columns, and apply encryption-backed access controls—strengthening your overall data security posture.
ServiceNow Vault Console helps you protect sensitive data and strengthen security, privacy, and compliance across your business, letting your teams identify, classify, and safeguard sensitive data across application workflows such as Customer Service Management (CSM) and Field Service Operations (FSO).
The bottom line
As a CISO in the AI era, you need to shift toward proactive, autonomous operations. But true transformation and resilience are hard to achieve when you’re in survival mode. Now’s the time to tame the complexity and unify risk and security on a single AI platform—before your challenges turn into crises that halt innovation and erode boardroom trust.
See how CISOs are putting ServiceNow autonomous risk and security solutions to work—and how we’re continuously evolving the ServiceNow AI Platform to help businesses transform.
Want more Zurich details? Visit our dedicated Zurich release page for videos, release notes, upgrade kits and more.
