ServiceNow set to acquire Armis for $7.75 billion, expanding cyber exposure and OT security capabilities - Industrial Cyber

News Vendors ServiceNow set to acquire Armis for $7.75 billion, expanding cyber exposure and OT security capabilities JANUARY 05, 2026 ServiceNow has agreed to acquire Armis for US$7.75 billion in cash. Armis, a vendor of cyber exposure management and cyber-physical security, manages cyber risk across the full attack surface in IT, operational technology (OT), medical devices, and other environments for companies, governments, and critical infrastructure worldwide. The acquisition will expand ServiceNow’s security workflow offerings and advance AI-native, proactive cybersecurity and vulnerability response across all connected devices.  Together, ServiceNow and Armis will create a unified, end-to-end security exposure and operations stack that can see, decide, and act across the entire technology footprint by connecting real-time asset discovery, threat intelligence, and risk prioritization with automated remediation and response workflows. Security continues to be the number one priority for CEOs as organizations navigate increased adoption of AI. Worldwide end-user spending on information security is projected to increase 12.5% in 2026 to $240 billion, with rising threats and the expanding use of AI and generative AI being the key growth drivers.  Under the terms of the definitive agreement, ServiceNow has agreed to acquire Armis for approximately $7.75 billion in cash, subject to customary adjustments. ServiceNow expects to fund the transaction through a combination of cash on hand and debt. The transaction is expected to close in the second half of 2026, subject to customary regulatory approvals and closing conditions. Upon the closing of the transaction, Armis’ team will join ServiceNow. As rapid AI adoption expands the attack surface for organizations, real-time visibility into vulnerabilities and actionable insights for what to fix first are critical to minimize risk and strengthen security posture. The acquisition of Armis will extend and enhance ServiceNow’s Security, Risk, and OT portfolios in critical and fast-growing areas of cybersecurity and drive increased AI adoption by strengthening trust across businesses’ connected environments.  With ServiceNow’s Security and Risk business crossing the $1 billion annual contract value (ACV) threshold in the third quarter of 2025, ServiceNow has already established itself as a security leader. This strategic acquisition is expected to more than triple ServiceNow’s market opportunity for security and risk solutions and accelerate ServiceNow’s roadmap to autonomous proactive cybersecurity. “ServiceNow is building the security platform of tomorrow,” said Amit Zavery, president, chief operating officer, and chief product officer at ServiceNow. “In the agentic AI era, intelligent trust and governance that span any cloud, any asset, any AI system, and any device are non-negotiable if companies want to scale AI for the long term. Together with Armis, we will deliver an industry-defining strategic cybersecurity shield for real-time, end-to-end proactive protection across all technology estates. Modern cyber risk doesn’t stay neatly confined to a single silo, and with security built into the ServiceNow AI Platform, neither will we.” “AI is transforming the threat landscape faster than most organizations can adapt. Every connected asset has become a potential point of vulnerability,” said Yevgeny Dibrov, co-founder and CEO, Armis. “We built Armis to protect the most critical environments and give both public and private sector organizations the real-time intelligence they need to stay ahead – so they can see their entire environment clearly, understand risk in context, and take action before an incident occurs. Together with ServiceNow, customers will have a powerful new way to reduce their exposure and strengthen security at scale.” “In the era of AI and agents, the benefits and value will be enormous, but so is the complexity,” said Larry Feinsmith, head of Global Tech Strategy, Innovation & Partnerships at JPMorgan Chase. “The combination of ServiceNow and Armis provides a dynamic picture of an enterprise’s connected technology assets and an AI and agentic-powered blueprint to secure and enable trusted AI.” Armis extends the full lifecycle of cyber exposure management, discovering assets in real-time and prioritizing the highest risk issues. Armis’ security products will pair with ServiceNow workflows to drive end-to-end protection and lifecycle action, including in industries with cyber-physical assets, such as manufacturing and healthcare, so security teams stay ahead of threat actors rather than react after breaches occur.  By connecting Armis’ capabilities and unique dataset to the ServiceNow AI Control Tower, which onboards, governs, and manages AI across the enterprise, ServiceNow builds on its broader security investments and the critical need for end-to-end exposure management and identity governance in AI security. As longtime partners, ServiceNow and Armis already offer multiple integrations that connect Armis’ differentiated data and insights to ServiceNow’s workflow action. Armis provides deep, real-time, agentless discovery and classification of managed and unmanaged assets, including OT, IoT, medical, and industrial devices that traditional tools often miss, creating a continuously updated map of the enterprise environment. When paired with ServiceNow’s business-context CMDB, which maps assets to the services, processes, and teams they support, and the ServiceNow AI Platform, ServiceNow and Armis will more effectively defend organizations from AI-powered attacks by offering a complete, actionable understanding of cyber exposures and resolution workflows. Exposure insights will automatically flow to the right teams, trigger remediation at scale, and deliver measurable, continuous reduction of enterprise risk. Rather than fragmented views in separate tools, Armis and ServiceNow will offer a trusted AI-native platform for cyber asset exposure management, giving customers confidence in what’s connected, what’s exposed, and how quickly it can be addressed. Tidal Partners served as ServiceNow’s lead financial advisor. J.P. Morgan Securities LLC and Barclays also served as financial advisors to ServiceNow. Industrial Cyber News Desk Industrial Cyber News Desk Related GAO report highlights risks to CMMC rollout as nation-state attacks target defense contractors ISAC advisory highlights cyber and physical risks to critical infrastructure as Middle East tensions rise Suspected Iran-linked cyberattack hits medical technology giant Stryker amid Middle East tensions Finland’s National Security Overview 2026 flags Russian and Chinese cyber espionage targeting government, critical infrastructure Cydome flags NAVTOR NavBox path traversal and authentication flaws exposing vessel data, networks to cyber risk Iran-linked cyber espionage surges across Middle East as conflict tensions rise, researchers say Microchip expands Trust Platform to help manufacturers meet EU Cyber Resilience Act security requirements Texas orders cybersecurity review of state agencies for Chinese-made medical devices after federal warnings Unit 42 tracks CL-UNK-1068 intrusion cluster targeting Asian aviation, energy, government organizations since 2020 Check Point uncovers China-linked Camaro Dragon cyber-espionage campaign targeting Qatari organizations