Governance, risk, and compliance is a major growth opportunity, but how will the market develop?
As DORA, NIS2, and AI regulations shake up the compliance landscape, GRC could be a golden opportunity for the channel


The multi-billion governance, risk, and compliance (GRC) market is being driven by an increasingly complex regulatory environment, including GDPR, NIS2, and the Digital Operational Resilience Act (DORA) frameworks, among others.
At the same time, the growing integration of AI and automation technologies into GRC solutions is fueling adoption, as businesses see the benefits of applying digital transformation across their GRC strategies.
As we all know, the threat landscape continues to be extremely challenging. Cybersecurity and data protection breaches are increasingly followed by compliance enforcement action as authorities look to improve standards across the board.
Take GDPR, for example, where cumulative compliance fines burst through the €5 billion (£4.18 billion) barrier this year as part of a wider regulatory ecosystem where individual penalties can run into the millions.
In addition, there’s also the potential compliance risks brought about by the integration of AI technologies into business processes. Here, issues such as data privacy, lack of transparency, and advanced tools that simply outpace existing regulatory frameworks are increasing the emphasis on compliance and whether organizations are keeping pace with their responsibilities.
Put these factors together and the results point to strong growth across the global GRC sector. Already worth more than $43 billion (£34.53 billion) this year, it is expected to accelerate significantly to surpass $111 billion (£89.13 billion) by 2032, according to industry figures. It’s not surprising that this is translating into significant and rapidly growing interest from the channel.
The road ahead
Clearly there is demand from customers across various sectors, many of whom share a sense of urgency around compliance and want to get a robust GRC strategy in place – or at least update the technologies and processes they’re already relying on.
ChannelPro Newsletter
Stay up to date with the latest Channel industry news and analysis with our twice-weekly newsletter
This translates into a significant opportunity for the channel, especially for those who are already specialists in cybersecurity. Whilst these are specific specializations in their own right, GRC and cybersecurity are clearly complementary. These firms should be well-positioned to drive GRC growth, including GRC as a service and virtual CISO offerings as these can be tailored to the specific requirements set out by NIS2, GDPR, and DORA, for example.
For resellers, MSPs and SIs there is a golden opportunity to build a service and product portfolio around that knowledge of the various essential compliance frameworks, leading them to engage in conversations with a wide range of customers on how they are preparing to step up their GRC efforts.
The availability of centralized compliance platforms will also help MSPs offer continuous monitoring and reporting services across customers’ business functions. These tools integrate data from various systems, such as cybersecurity, ITSM, or ERP tools, to provide a unified view of performance and potential vulnerabilities. At the same time, automated compliance workflows are growing in importance and, in many businesses, are already playing a major role in managing risk assessments, policies, and compliance audits.
There is also an important role for channel partners who can customize vendor solutions to meet sector-specific or regional requirements. Post-Brexit, for example, UK organizations that trade within the EU remain subject to various compliance requirements and as such, must design their processes and technology stack to address their obligations. Many of these businesses need the kind of expert guidance and experience that channel specialists are ideally placed to offer.
RELATED WHITEPAPER
For instance, there has been growing demand for compliance solutions and a marked increase in the number of channel partners being onboarded. This is a trend we can expect to see accelerate further as organizations prioritize their compliance strategies, focus their investments and work more closely with service providers who can meet their needs. Ultimately, there is an opportunity for leaders in the field of AI and automation to help steer channel partners to offer a risk-aware approach to compliance by harnessing the power of AI and automation.
Looking ahead to 2025 and beyond, the regulatory landscape will become even more complex. As a result, organizations will need to ensure their compliance efforts remain continually robust, in line with authorities moving from periodic to ongoing assessment. I anticipate that we’ll see a significant growth in channel partners focusing on their compliance offerings, including those who diversify their approach to help their clients integrate compliance tools seamlessly with other existing systems, streamline workflows, and ensure audit readiness.
George Bonser is an accomplished and highly successful sales professional with 20+ years of experience in enterprise sales and CXO engagement. Prior to Drata George Bonser was the VP Sales and GM EMEA at OpsRamp, and held senior positions at Okta, Inc.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
Marketing talent brain drain could stunt channel partner success
News Valuable partner marketing skills are at risk of being lost as the structure of channel marketing teams continues to shift, according to new research.
By Daniel Todd Published
-
LevelBlue launches new partner program that’s “built for the future”
News The new partner initiative features a flexible, consumption-based model to help partners drive revenue
By Daniel Todd Published
-
SonicWall pins ‘transformational year’ on strong partner growth
News The vendor’s channel-first strategy has fueled a 42% year-over-year increase in overall partner growth
By Daniel Todd Published
-
HP’s sustainability drive is paying off for channel partners
News Channel partners that bought into HP’s sustainability program saw sales increase as customers react positively
By Solomon Klappholz Published
-
AI is now vital to MSP growth, but adoption challenges could hamper success
News Nine-in-ten MSPs say they view AI as a top priority for their growth ambitions in the year ahead.
By Daniel Todd Published
-
MSPs need to adopt a “more Rolex, less airline” approach to customer engagement
News MSPs need to adopt a “more Rolex, less airline” approach to customer engagement
By Solomon Klappholz Published
-
Westcon-Comstor promotes Rene Klein to lead unified European business
News Westcon-Comstor has announced the appointment of Rene Klein as executive vice president for EMEA.
By Daniel Todd Published
-
Thales and Imperva unveil aligned global partner programs for 2025
News Thales has announced the launch of the new new Accelerate Partner Network, designed to streamline sales of the Thales and Imperva portfolios.
By Daniel Todd Published