Drata Balances AI Innovation with Pragmatic Cost Control in Rapid Growth

Compliance automation platform Drata is streamlining security workflows and audit readiness at scale, and a key component of that success lies in a strategic approach to artificial intelligence.

Drata, a leading provider of security automation, is navigating the complexities of integrating AI while maintaining a focus on tangible business value and cost efficiency. This approach, detailed in the second installment of a three-part series by CDO Magazine, emphasizes a phased implementation of AI technologies, prioritizing stakeholder alignment and demonstrable return on investment. The first part of the series explored Drata’s use of Snowflake, Amazon Bedrock, and Cortex to optimize data spending and agility.

Prioritizing ROI Over Premature AI Optimization

While acknowledging the potential of real-time AI and compute optimization – including prompt tuning and token cost controls – a senior data executive cautions against introducing unnecessary complexity too early in the process. “Before I introduce more complexity to the pipeline, I want to first of all be very attentive to the business impact it’s going to bring,” the executive explained.

Instead of immediately deploying automated optimization tools, the emphasis is on aligning with stakeholders, validating potential ROI, and then introducing advanced monitoring solutions. “Then bring in the heavy guns,” the executive added, referring to continuous optimization tools that should support a clear use case, not precede it.

The High Failure Rate of AI Pilots

This measured approach is reinforced by industry data. A recent MIT report highlighted that approximately 90 to 95% of AI pilots fail to deliver meaningful impact on an organization’s financial performance. The gap between a basic AI demonstration and a scalable, secure, production-ready AI system is significant. As a result, data leaders must move away from traditional approaches of overbuilding and lengthy development timelines. “We have to be focused and attentive and prioritize well when we do that,” the executive stated.

Manual Cost Tracking, Automated Future

Currently, tracking costs associated with dbt workloads – and avoiding overprovisioning – remains a manual process. The team conducts quarterly audits of all dbt jobs, ranking them by compute usage and comparing them to actual stakeholder consumption. “If I’m wasting so many calories on this DBT job and it doesn’t get the same level of usage, then we have a tough discussion,” the executive said. Decisions range from deprecating unused models to reconfiguring them for different warehouse environments. Automation of this process is a key priority for the future.

The Evolving Structure of Data Teams in the AI Era

Drata’s organizational structure reflects the growing importance of AI. The company now operates two distinct data teams: a Data Platform team focused on internal functions like go-to-market support, and a dedicated AI Organization concentrating on customer-facing AI capabilities. This structure evolved from a proof-of-concept project demonstrating the use of a large language model to answer security questionnaires. That initial project grew into a product, ultimately justifying the creation of a separate AI organization.

This dual structure allows Drata to balance internal experimentation with the rigorous demands of external production environments. When customer-facing AI features mature, they are transitioned to the AI organization for full development lifecycle management.

AI-Powered QBRs for Customer Success

A current initiative exemplifies this approach: the data team is prototyping AI-generated Quarterly Business Review (QBR) reports for Customer Success Managers (CSMs). The goal is to leverage a large language model to generate summaries from a well-defined metric layer, eliminating the need for CSMs to manually compile data from various dashboards. “If it matures to the point where actually that’s the pipeline, I want to democratize it and put it on the product,” the executive noted, envisioning a future where customers can interact with an AI agent to answer questions like, “What’s my SOC 2 readiness for the past two months?”

Balancing Innovation, Infrastructure, and Pragmatism

Successfully navigating this landscape requires a delicate balance. The data platform team must simultaneously maintain the quality of existing data pipelines and explore new AI initiatives. This is achieved through clear boundaries, phased experimentation, and an adaptive mindset. “You’re going to be entertaining a lot of hypotheses that may not see the light of day. But entertaining new ideas can also help find gold,” the executive concluded.

CDO Magazine appreciates the executive at Drata for sharing these valuable insights with its global community.