rssitbuyer

Agentic AI Deployment Best Practices – Intelligence Is the Outcome, Execution Is the Moat

Thu, 14 May 2026 04:00:00 GMT

This IDC Tech Buyer Presentation provides technology executives with a set of best practices and recommendations for planning an agentic AI deployment. It provides a deployment framework, design guide, and deployment assessment tool that executives can adopt to decrease business risks and increase agentic-driven outcomes. The research provides recommendations tailored to agentic deployments for selecting partners, AI infrastructure, IT operations, software development, data architecture, governance, and human workforce development.

IDC PlanScape: Digital Twins in State and Local Government

Alison Brooks, Ph.D., Ruthbea Yesner — Thu, 14 May 2026 04:00:00 GMT

This IDC study provides state and local government IT leaders with actionable guidance on understanding, evaluating, and implementing digital twin technologies across urban environments.

“The transformation from static city models to dynamic digital twins marks a fundamental shift in urban management. Leading implementations report measurable returns — including 25% reductions in infrastructure downtime, 20–30% energy savings in buildings, and improved emergency response times — though outcomes vary significantly with program maturity, data quality, and organizational readiness.” — Alison Brooks, research vice president, Worldwide Public Safety

The Audit Trail That Did Not Exist: ServiceNow Knowledge 2026 and the Case for Governed Autonomous Work

Frank Dickson, Grace Trinidad — Thu, 14 May 2026 04:00:00 GMT

ServiceNow used Knowledge 2026 in Las Vegas to make a focused argument: that the same platform managing enterprise workflows is now the right place to govern the identities, assets, and AI agents operating across those workflows. The security and risk announcements collectively represent the first full integration of two major acquisitions into a production-ready platform. A less discussed but consequential shift runs through all of it: enterprise software is no longer exclusively deterministic. The governance frameworks enterprises built for rule-based systems do not automatically extend to AI agents that reason probabilistically, and Knowledge 2026 was in large part ServiceNow's answer to that gap.

U.S. Federal Civilian Government Agencies' Aggressive Value Realization Goals for AI

Massimiliano Claps — Thu, 14 May 2026 04:00:00 GMT

This IDC presentation analyzes the United States federal government's evolving AI adoption from pilot to production. The study combines the results of an IDC survey of 152 senior IT and non-IT leaders from U.S. federal government departments and agencies, with an in-depth analysis of the U.S. 2025 Federal Agency Artificial Intelligence Use Case Inventory, published on GitHub by the United States Office of Management and Budget.

Both the IDC survey and the 2025 Federal Agency AI Use Case Inventory show that AI adoption is progressing fast in the U.S. federal civilian government market, with use cases spanning IT, cybersecurity, back-office administration, and mission-specific areas. With increased budget dedicated to AI, federal government IT leaders are demanding more aggressive time to value and ROI.

AWS Financial Services Industry Analyst Day: Resiliency, Modernization, and Agentic AI

Inci Kaya — Wed, 13 May 2026 04:00:00 GMT

AWS' Financial Services Industry Analyst Day showcased how financial institutions are leveraging AWS to address resiliency, modernization, and agentic AI adoption. The event stood out for its focus on real-world client implementations, with AWS and its customers providing concrete examples of value delivered through cloud, AI, and agentic architectures, rather than abstract product positioning.

GRC Software as the IT Intelligence Fabric for Buyers

Philip D. Harris, CISSP, CCSK — Wed, 13 May 2026 04:00:00 GMT

This IDC Perspective discusses how the GRC market is reaching an inflection point for technology buyers. Traditional platforms still handle policies, controls, evidence, exceptions, and risk registers, but buyers now need more: a live view of assets, data, services, models, and third parties, including ownership, criticality, control coverage, and business consequence. The market signal is clear that static inventories and periodic evidence exercises are no longer enough. Capabilities such as continuous control monitoring, CMDB enrichment, data mapping, classification, and AI-assisted analysis already exist across adjacent platforms, but they remain fragmented across separate tools and teams. The strategic opportunity is to move beyond disconnected control towers and adopt a trusted intelligence fabric that unifies context across assets, services, identities, data, controls, and risks. Done well, this fabric becomes a shared utility that enriches SOC triage, exposure prioritization, change management, IAM, data governance, AI governance, business continuity, audit, and leadership reporting. For buyers, the key question is no longer which platform collects the most data, but which can reconcile partial truths, infer missing context, republish trusted insights into operational tools, and reduce manual reconciliation across the enterprise.

"GRC's future is not better record keeping; it is becoming the trusted intelligence fabric that turns fragmented enterprise signals into shared, decision-grade operational context." — Phil Harris, research director, Governance, Risk and Compliance Solutions, IDC

IDC PeerScape: Practices for Quantum Computing Governance

David Weldon, Heather West, PhD — Wed, 13 May 2026 04:00:00 GMT

This IDC PeerScape explores how some forward-thinking organizations are preparing for this shift. They are developing quantum governance strategies that build on existing data and risk management practices.

"The development of quantum computing will certainly bring significant benefits in terms of analytics and speed of compute capabilities," says David Weldon, adjunct research advisor for IDC's IT Executive Programs (IEP). "But smart organizations are also taking steps now to develop quantum governance practices that will protect data in this new environment."

"The risk is two-pronged. Sensitive data needs protection now against 'harvest now, decrypt later' attacks, and the process of migrating critical infrastructure to post-quantum cryptographic standards is complex and must begin now in order to be prepared for future quantum systems," says Heather West, PhD, senior research manager and research lead, Global Quantum Computing Research, IDC.

Tech Buyer Survey Spotlight: Are Utilities Around the World Finally Getting Their Data House in Order?

Gaia Gallotti — Wed, 13 May 2026 04:00:00 GMT

This IDC Tech Buyer Survey Spotlight examines a portion of IDC's 2026 Energy & Utilities Industry-Specific Tech and Innovation Survey, a landmark study covering utilities around the world. It was run between February and March 2026.

The survey covered 800 respondents, of whom 531 are utilities respondents from the following countries: Australia, Brazil, Canada, Denmark, Finland, France, Germany, India, Italy, Saudi Arabia, Mexico, the Netherlands, New Zealand, Nigeria, Norway, the Philippines, Poland, Portugal, South Africa, Spain, Sweden, Türkiye, the UAE, the U.K., and the U.S.

This study extrapolates and analyzes select data for 531 utilities around the world.

This IDC Tech Buyer Survey Spotlight examines where utility organizations stand today on the journey to IT architecture modernization — and what the race to adopt AI, generative AI, and agentic AI means for the urgency of getting their data estates in order.

Tech Buyer Survey Spotlight: Where Do Energy Retailers and Water Suppliers Stand on the Path to IT Architecture Modernization?

Gaia Gallotti — Wed, 13 May 2026 04:00:00 GMT

This study extrapolates and analyzes select data for 169 energy retailers and suppliers and 91 water suppliers.

This IDC Tech Buyer Survey Spotlight examines where organizations stand today on their journey to IT architecture modernization — and what the race to adopt AI, generative AI, and agentic AI means for the urgency of getting their data estates in order.

Exposure-Informed Continuous Compliance Framework for Buyers

Philip D. Harris, CISSP, CCSK, Michelle Abraham — Tue, 12 May 2026 04:00:00 GMT

This IDC Perspective discusses exposure-informed continuous compliance framework. Cybersecurity compliance is shifting from periodic, siloed audit activity to continuous, integrated assurance. Continuous compliance, vulnerability management, attack surface management, and exposure management are converging as organizations seek real-time visibility, defensible evidence, and faster remediation across increasingly complex regulatory, operational, and technology environments. The exposure-informed continuous compliance methodology responds by making the business-relevant exposure, not the isolated finding, the core unit of management. It connects exposures to assets, controls, obligations, owners, remediation, and machine-readable evidence, enabling risk-based prioritization, reusable proof, and continuous validation of control effectiveness. The exposure-informed continuous compliance reference model operationalizes this approach through integrated data, decision, workflow, evidence, and reporting layers. Together, these layers turn compliance into a live, exposure-aware process that supports audit readiness, regulatory alignment, and measurable cyber-risk reduction.

“Future cybersecurity compliance will depend on exposure-informed continuous compliance,” says Philip Harris, research director, Governance, Risk, and Compliance Solutions at IDC. “This is where vulnerabilities, attack surface issues, exposures, control compliance issues, and evidence are managed as one continuously validated system rather than as disconnected tools, audits, and reporting streams.”

“The exposure-informed continuous compliance framework is becoming necessary for increased cybersecurity resilience for organizations,” says Michelle Abraham, senior director, Research Cybersecurity Research at IDC. “This is primarily because organizations must move beyond proving controls exist to continuously proving they work, are owned, reduce meaningful exposure, and generate reusable evidence across regulatory obligations.”