New research from Drata shows compliance remains a business challenge for many organizations.

January 30, 2023

2 Min Read


SAN DIEGO, Jan. 30, 2023 /PRNewswire/ -- Drata, a continuous security and compliance automation platform, today announced the results of its inaugural 2023 Compliance Trends Report, highlighting common pain points, objectives, and opportunities with security and IT compliance programs. The report surveyed 300 IT and security professionals in fast-growing organizations across the U.S.

From the American Institute of CPAs' SOC 2 framework to ISO 27001 certification established by the International Organization for Standardization, or the European Union's GDPR law, requirements for data protection are quickly becoming normalized, calling for companies of all industries to continuously manage effective compliance programs. According to the 2023 Compliance Trends Report, 87% of respondents have faced consequences as a result of not having continuous compliance, including slowed sales cycles, security breaches, business interruption, loss of a business relationship, a damaged reputation, or fines. With limited staff as a leading challenge in maintaining compliance, the majority of survey respondents cite that increasing budgets and automating processes would improve their abilities.

Drata's research also shows:

  • 68% of respondents believe compliance opens new business opportunities or acts as a differentiator, while 32% view it as burdensome or just a checkbox

  • 74% admit to vulnerabilities in their risk or security programs that are not being addressed or covered due to a lack of bandwidth or resources

  • For those who already have continuous compliance automated processes, the number one benefit was the ability to easily attract new customers (67%)

"It's clear to see that most IT and infosec professionals understand the importance and value of their compliance programs," said Adam Markowitz, Drata Co-Founder and CEO. "But without proper budgeting and automation, they unfortunately feel stuck in the manual management of those programs, and that's where long-term issues arise and where growth is ultimately prohibited."

Please view Drata's 2023 Compliance Trends Report for more information.

About Drata

Drata is the world's most advanced security and compliance automation platform with the mission to make compliance effortless and accessible. With Drata, thousands of companies streamline over 14 compliance frameworks—such as SOC 2, ISO 27001, GDPR, and more—through continuous, automated control monitoring and evidence collection, resulting in a strong security posture, lower costs, and less time spent preparing for annual audits. The company is backed by ICONIQ Growth, Alkeon Capital, Salesforce Ventures, GGV Capital, Cowboy Ventures, S Ventures, Leaders Fund, Okta Ventures, SVCI, SV Angel, and many key industry leaders. For more information, visit

SOURCE Drata Inc.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights