SpotON – our blog around digital compliance in enterprises
SpotON – Digital Compliance
Read here regularly on selected topics, developments and news from the areas:
SAM & Cloud – use software legally compliant and cost-effective
IT Security & Threat Intelligence – protect the IT landscape effectively
Data & Digitization – manage digital assets across the lifecycle
Complion Insights – look behind the scenes of digital compliance consultants
12/05/2026
Communities are at the heart of modern software asset management
Those who rely solely on tools and processes in software asset management lose sight of the most important thing: people. Software asset management is no longer an IT niche but a company-wide governance discipline with a variety of specialized roles: from the SAM manager and the license manager to interfaces with procurement, controlling/finance, and IT. Only through the collaboration of all stakeholders can license-compliant and economically efficient software usage be achieved.
The Crisis as a Wake-up Call – Digital Sovereignty and the Software Supply Chain
Part 1 of the series addressed Europe’s digital dependence on non-European providers and how the flagship GAIA-X project has done little to change this. The second part focuses on open-source software and specific initiatives that can serve as alternatives to major software products in areas where Europe’s dependence is particularly acute.
Active Listening—The Underestimated Superpower of Consulting
Many who enter the management consulting field are familiar with the situation: The first interview with a business unit is coming up. You’ve prepared well, read background material, and jotted down potential questions. It’s precisely in situations like these that something interesting often happens. While the interviewer is still explaining, the analysis begins in your own mind: What are the challenges? What approach might work?
Born in 1982 in the beautiful state of Mecklenburg-Western Pomerania, I’m a photography enthusiast in my free time. I prefer books to TV, the sound of vinyl records to MP3s, and cats to… no, I like dogs just as much! Today, I live with my wife in Hanover, and yes, I try to keep my High German accent despite working in Cologne!
AI-Powered Cyberattacks: Trends in an Evolving Threat Landscape
Generative AI has already significantly transformed the threat landscape, not only in terms of the speed and scale of attacks, but also in their sophistication. CrowdStrike recorded an 89% increase in cyberattacks by threat actors using AI in 2025. (CrowdStrike Global Threat Report 2026)
What Makes Our Team Tick: 5 Reasons Why You'll Feel Right at Home Here
Technical skills can be developed. But whether you look forward to opening your laptop or coming into the office in the morning depends on something else: the team.
Wondering what makes working at Complion special? The following 5 reasons show you why you’ll feel right at home with us from day one.
Critical Infrastructure (KRITIS) umbrella law 2026: What operators need to know now
The KRITIS umbrella law (KRITIS-DachG) was passed by the German Bundestag on January 29, 2026, and transposes the EU CER Directive (EU) 2022/2557 on the physical resilience of critical facilities into German law. In terms of content, it is clearly distinct from the "classic" KRITIS requirements for IT security (BSI Act/KRITIS Regulation): The umbrella law primarily addresses physical threats, operational and organizational resilience, not pure cybersecurity.
At the same time, there is a risk of confusion: in practice, operators will have to neatly interlink two strands of regulation in the future (physical/organizational vs. cyber/IT). This article provides an overview, highlights typical obligations, and outlines concrete next steps.
Our company consists of people, and we want to introduce them to you. Today we are talking to Senem Sünger. We find out what COMPLION means to her, what her daily tasks are, and what she does when she is not working on customer projects.
Software suppliers today have a strong negotiating position—whether they are hyperscalers, SaaS providers, or traditional on-premise manufacturers. Contracts and licensing models are often deliberately designed to be complex in order to retain customers in the long term or generate additional revenue.
Cybersecurity in the context of geopolitical changes: From protecting critical infrastructure to tool dependencies
From the perspective of a security analyst, whether cyber or otherwise, the year 2026 began with a bang. The US military's access to Venezuelan President Nicolás Maduro shook the world and raised many questions and several causes for concern. It is now confirmed that the US interprets international law in its own way to protect its interests. The possible use of previously unknown cyber capabilities by the US means that this kidnapping case is forcing operators of critical infrastructure in other countries to examine their own resilience.
Software Asset Management – Price Increases in 2025 and Trends for 2026
As part of the Vendor Observer Competence Center (VOCC), we review the latest developments and changes in the software and cloud market on a monthly basis. At the turn of the year, we summarize the key developments in 2025 and look ahead to 2026.
AI is growing up: New requirements for governance, security, and compliance in 2026
The new year marks a decisive turning point in digital enterprise management, with the pure experimentation phase with artificial intelligence giving way to an era of sound governance and operational maturity. While previous years were characterized by hype surrounding generative language models, 2026 will be marked by measurable value creation and the necessary consolidation of technological ecosystems. IT executives are under pressure to master the rapidly growing complexity of their IT landscapes, manage budgets efficiently, and at the same time minimize the security risks posed by accelerated AI adoption.
