THE DEEP TAKE
Two AI "independents" got bought this week. The Switzerland is closing.
On Wednesday, Snowflake announced it would acquire Natoma, the MCP gateway that gave AI agents identity, policy, and audit at the tool-call level across multi-vendor environments. The week before, Anthropic's enterprise services joint venture (the one backed by Blackstone, Hellman & Friedman, Apollo, General Atlantic, and Sequoia) made its first acquisition: Fractional AI, an applied-AI consulting firm that had been partnered with OpenAI until that partnership ended in the same announcement. Two acquisitions, eight business days apart, same pattern. An independent third party that customers chose specifically because it was independent is now aligned with one model vendor.
This is not a fluke. OpenAI launched its $4 billion Deployment Company with the Tomoro acquisition two weeks ago, hiring roughly 150 forward-deployed engineers to consult with enterprises on OpenAI integration. The pattern is now visible: model vendors are buying or building the services and governance layers their customers were treating as a check on the model itself.
Issue 28 made the point that your AI governance vendor was already your AI vendor, because the platforms (Microsoft, ServiceNow, SAP) shipped agents and the agent control plane in the same product. That was the build pattern. This week, two model vendors used the buy pattern instead. An independent gateway and an independent consulting firm, acquired in eight business days. Build-side conflict is structural. Buy-side conflict is operational: the consulting firm whose engagement letter you signed in March now reports up through the AI vendor they are supposed to be evaluating against alternatives.
For the CIO or CISO who has a third-party AI services engagement open, ask before the next status meeting: who acquired the firm I am working with, and when. Fractional AI is the visible case. The same PE thesis is being applied to dozens of smaller AI-native consultancies right now, and the acquisition will not always be announced before your SOW closes. If your independent advisor's incentives quietly realigned, you may not learn that from the advisor.
The MCP gateway and the applied-AI consultancy are the two highest-leverage independent positions in an agentic AI deployment. The gateway sees every tool call and decides whether to allow it. The consultancy sees every requirement and recommends which vendor's agent fits it. Both positions just got narrower. By the time the second wave of consolidation runs through the security-evaluation firms and the AI red-team boutiques, the assumption that you can buy an "independent" check on your AI vendor is going to be substantively false. The half-life on Switzerland is shrinking.
Two practical moves. First, write a 30-day change-of-control notification clause into every new AI-services SOW. Most firms will agree. The ones that will not agree are the ones currently in acquisition talks. Second, when you renew your AI agent platform contract, push the "neutral governance" conversation to the procurement team, not the security team. The security evaluation of an integrated platform like Snowflake or Microsoft is going to focus on the agent surface. The governance independence question is procurement's job now, because the build/buy decision is what determines whether you have any independence at all.
Powered by the DoGood network
The data in this issue came from priority submissions by 5,000+ enterprise IT leaders. If you run IT or security at a $100M+ company and want to see what your peers are funding — and earn rewards for participating in vetted meetings with the vendors worth your time — apply to join DoGood.
QUICK HITS
ShinyHunters confirms Charter. 40 million records via vishing to Entra to Salesforce.
Charter Communications confirmed Tuesday what ShinyHunters had been claiming for six weeks. The group breached Charter on April 1 by vishing an employee, harvesting their Microsoft Entra credentials, and using that SSO foothold to export approximately 40 million customer records out of Charter's Salesforce instance. ShinyHunters' extortion deadline expired Wednesday. The attack chain matters more than the record count: every CISO whose Salesforce sits behind M365 SSO has the same architecture Charter did. The compensating control is not better Entra MFA. ShinyHunters has been clearing modern MFA via voice-led social engineering for two quarters. The compensating control is OAuth scope minimization on the Salesforce-Entra integration. Most enterprises have left this on default and never audited the scopes their Azure AD service principals hold on Salesforce. Audit this week.
LiteSpeed's cPanel plugin hit KEV. Three-day federal deadline. CVSS 10.
CISA added CVE-2026-48172 to KEV on Tuesday with a 72-hour federal mitigation deadline. The vulnerability sits in the LiteSpeed User-End cPanel Plugin versions 2.3 through 2.4.4. Any authenticated cPanel user, including a low-privileged or compromised account, can execute scripts as root via the plugin's Redis on/off feature exposed in the JSON API. If you run shared-hosting infrastructure, or your portfolio companies do, find LiteSpeed in your cPanel inventory this week and either upgrade to 2.4.5 or disable the plugin. LiteSpeed has confirmed that the flaw was actively exploited as a zero-day before the patch shipped; CISA's three-day window means the exploitation telemetry is current.
Snowflake committed $6 billion to AWS on the same day it bought Natoma.
Inside Snowflake's Q1 earnings on Wednesday, the company committed $6 billion to AWS over the next several years for agentic AI capacity. Customers running Snowflake on Azure or GCP need to look hard at the contract structure. The pre-funded AWS commitment lets Snowflake price agent compute on AWS below the equivalent Azure or GCP rate for the next 36 months. If your Snowflake roadmap assumed cloud neutrality, the economics are about to stop being neutral. Pull the agent workloads slated for Snowflake-on-Azure into the renewal conversation now, before the price gap surfaces. This is the supply-side response to Wednesday's network observation that buyers moved AI spend from the IT op-ex line to the labor line. Vendors are pre-positioning agent capacity where they think that labor-line spend is going to land.
THE NUMBER: $11.5 billion
OpenAI announced $4 billion behind the Deployment Company on May 12. The Anthropic enterprise services JV committed $1.5 billion across its partner syndicate by May 21. Snowflake closed the count Wednesday with the $6 billion multi-year AWS commitment. Different shapes (deployment funding, partner capital, hyperscaler contract), all model-vendor-aligned, all announced in 16 days. The number that matters for your planning isn't the total. It's the velocity. Your FY26 vendor budget was set in a six-month planning cycle; the supply side reshaped itself in two weeks. The next renewal will surface vendor-aligned services and capacity options that did not exist when you wrote the requirements doc. The procurement question is whether your evaluation rubric reflects what the market looked like in November or what it looks like this week.
The change-of-control clause question is where this issue's procurement implication lives. Members of the DoGood network compare contract language before they sign; if you are evaluating an AI services vendor this quarter, that conversation is happening there.
