GRC News Roundup: Drata, Diligent, HICX, Ibex & More

The governance, risk, and compliance (GRC) software segment continues its rapid expansion, driven largely by artificial‑intelligence innovations. Enterprises are under mounting pressure to monitor sprawling supply chains, meet evolving regulatory mandates, and protect digital assets. Vendors such as HICX, Drata, and Diligent are responding with AI‑enhanced solutions that automate data capture, risk scoring, and continuous monitoring, turning what was once a manual, document‑heavy process into a near‑real‑time intelligence engine.

AI agents are now central to third‑party risk management (TPRM) and internal audit workflows. Drata’s new agentic AI TPRM tool not only fills out questionnaires automatically but also curates trust data for auditors, while Diligent’s Third‑Party Risk Intel promises up to an 80% reduction in review time for compliance, legal, and procurement teams. Bitdefender’s Internal Attack Surface Assessment and Secureframe’s AI‑driven User Access Reviews further illustrate how machine learning is being leveraged to pinpoint unnecessary privileges and reduce cyber‑risk exposure. These capabilities enable organizations to allocate human expertise to strategic decision‑making rather than repetitive validation tasks.

The broader implication is a shift toward integrated, data‑centric GRC platforms that embed ethical AI standards. Ibex’s ISO/IEC 42001 certification signals that vendors are not only focusing on efficiency but also on transparency, bias mitigation, and security of AI models. As regulators increasingly scrutinize AI governance, certifications will become a differentiator. Companies that adopt these AI‑enabled GRC tools can expect faster compliance cycles, lower audit costs, and a stronger posture against supply‑chain disruptions, positioning them for sustained competitive advantage in a tightly regulated digital economy.