Have you ever ever questioned why “compliance” nonetheless will get handled like a gradual, spreadsheet-heavy chore, though the remainder of the enterprise is shifting at machine velocity?
On this episode of Tech Talks Day by day, I sit down with Matt Hillary, Chief Info Safety Officer at Drata, to speak about what truly modifications when AI and automation land in the course of governance, danger, and compliance. Matt brings a uncommon viewpoint as a result of he lives this day-to-day as “buyer zero,” operating Drata internally whereas additionally main IT, safety, GRC, and enterprise apps.
We get sensible quick. Matt shares how AI-assisted questionnaire workflows can flip a 120-question safety evaluation from a late-afternoon time sink into one thing you possibly can full with confidence in minutes, then nonetheless make it upstairs in time for supper. He additionally explains how automation flips the audit dynamic by shifting from random sampling to steady, full-population checks, utilizing APIs to validate proof at scale, with out hounding management house owners until one thing is definitely fallacious.
We additionally discuss what safety management actually seems to be like when the stakes rise. Matt displays on classes from his time at AWS, why curiosity and adaptableness matter when the “canvas” retains altering, and the way buyer focus turns into the inspiration of belief. That theme runs by the entire dialog, together with the concept the CISO function is steadily turning right into a chief belief officer function, the place integrity, transparency, and credibility below strain matter as a lot as tooling.
And since burnout is rarely far-off in safety, we dig into the human aspect too. Matt unpacks how automation can scale back cognitive load, but in addition warns about swapping one form of strain for an additional, particularly when groups get trapped producing countless dashboards and vainness metrics as a substitute of specializing in the few measures that really scale back danger.
To wrap issues up, Matt leaves a music for the playlist, Illenium’s “You’re Alive,” plus a guide advice, “Classes from the Entrance Traces, Insights from a Cybersecurity Profession” by Asaf Karen, which he says stands out for the way it treats the human aspect of safety management. If you happen to’re excited about modernizing compliance in 2026 with out dropping the human component, his parting precept is easy and highly effective: be intentional, preserve asking why, and spend your restricted time on what really issues.
So the place do you land on this shift towards steady belief, do you see it changing into the default expectation for consumers and auditors, and what ought to leaders do now to verify automation reduces strain as a substitute of quietly including extra? Share your ideas with me, I’d love to listen to the way you’re approaching it.
Helpful Hyperlinks
Subscribe to the Tech Talks Day by day Podcast
