A Proposal for Dollar General Technology Leadership
For Dollar General, this isn’t about bolting AI onto the business you already run, it’s about changing how the business operates.
That shows up in three places. And these are the lens for this entire conversation.
You’re trying to put AI-building capability into the hands of every employee, not just a centralized team. This isn’t about giving people access to a model and calling it done. That’s table stakes, and every company is already doing it. The goal is a workforce that can build with AI as a normal part of doing the job, not just use what’s handed to them.
You’re enabling AI agents to act inside the business, executing workflows, touching applications, APIs, and data. Not just answering questions about them.
That’s a meaningfully different bar than chatbots or copilots. It’s automation with the ability to take action.
None of this changes the financial reality: every dollar spent still has to prove operational efficiency.
Dollar General has put a 6% to 7% operating margin target in front of investors while also signaling a willingness to absorb near-term cost to fund the AI build-out. Every other line item, including legacy infrastructure, is under real pressure to either earn its place or get cut.
Allowing everyone to build requires a way to control and govern how they build. That means governing what gets built, what tools AI can access, what data it can touch, and how every action gets logged.
Without that layer, “everyone builds” doesn’t scale. It fragments into hundreds of ungoverned experiments instead of one capability the business can trust.
Cloudflare didn’t just build AI solutions to sell to customers. It built the governance foundation that enables every employee to build with AI, then made that same foundation available to customers like Dollar General.
MCP Server Portals provide a single, centralized point where every AI tool and agent connection is authenticated, scoped to least-privilege access, and logged automatically.
Unapproved AI tools are identified before they become the thing nobody knew was running.
A merchandising analyst, a finance team member, and an HR business partner are each building internal AI workflows on top of Data Engineering’s foundation, using only pre-approved tools exposed through MCP Server Portals, with authentication, authorization, and logging already in place.
No IT ticket.
No waiting for a centralized team.
No ungoverned experiments running where they can’t be seen.
That’s what “every employee builds” looks like when the right governance layer exists underneath.
The recent decision to bring Data Engineering under the same leadership as AI strategy creates the organizational foundation for this approach. Governance now needs to evolve at the same pace as capability.
The same network that delivers every capability described in this proposal.
One foundation.
You’re enabling AI agents to act inside the business, executing workflows, touching applications, APIs, and data. Not just answering questions about them.
You will be enabling AI agents to act. You’ll need visibility and control over what they do once they’re acting.
The moment AI moves from answering questions to taking action, touching applications, calling APIs, and reaching into data, the risk profile changes completely.
There’s no inspection of what an agent is sending or receiving.
No way to catch an unapproved AI tool connecting to something it shouldn’t.
No firewall built for AI-to-application or AI-to-API traffic anywhere in the stack today.
You’re extending trust to agents you can’t fully see.
AI Security for Applications sits in front of your AI-powered applications and APIs, inspecting AI interactions for prompt injection, data leakage, and abuse.
It’s the layer that doesn’t exist in your stack today, purpose-built for the moment AI stops answering questions and starts taking action.
AI Gateway sits underneath as the control plane for every model your agents call, governing what gets used and how.
As Agentic Commerce expands and customers begin relying on AI agents to shop and make purchasing decisions on their behalf, this is the same layer that keeps those interactions trustworthy.
You’re funding the future, while still paying a premium for the past.
Security across your environment needs to share a single policy engine, regardless of whether an application runs in Azure, GCP, another cloud, or your own data center.
Individual security solutions managed independently create unnecessary operational complexity. As the AI operating model expands, continuing to support separate architectures, separate policies, and separate management interfaces requires more people and more tooling than necessary.
Once everyone can build and AI agents can act, the remaining challenge is making sure the operating model remains economically sustainable.
Cloudflare gives DG one policy engine across every environment. Whether an application runs in Azure, GCP, or your own data center, the same network enforces the same policy everywhere. A policy change is enforced globally in seconds, not re-tuned three separate times by three separate teams.
The same network extends beyond AI. As DG continues distributing infrastructure across regional colocation facilities rather than relying on a centralized footprint, the network itself becomes more distributed. That creates additional public ingress points that also need to be protected. Cloudflare’s always-on DDoS protection secures those entry points before traffic reaches your infrastructure.
Cloudflare doesn’t fund your entire AI strategy. It reduces unnecessary costs working against it.
| Question | Fragmented Today | Cloudflare Foundation |
|---|---|---|
| How many tools to manage? | Several, by environment | One policy engine across all |
| How many teams to keep it current? | Multiple, each tuning separately | One team, common rules everywhere |
| How does it scale with AI? | More complexity, more overhead | Same network, more workloads |
| What does each extra dollar buy? | Maintaining yesterday’s architecture | Freeing budget for the AI operating model |
Akamai’s architecture was built for a different era of the Internet, before interactions between people, applications, APIs, and AI became central to how businesses operate.
Adding new capabilities on top of that foundation doesn’t change what sits underneath it.
Maintaining that architecture today means continuing to invest in a foundation designed for yesterday’s operating model.
The cost isn’t simply the contract. It’s continuing to invest in an architecture that no longer aligns with where DG is headed.
Consolidating the fragmented security footprint is only half of the cost story.
The AI build-out itself needs the same discipline. If 4,500 corporate employees are calling different models through different tools with no spend visibility, AI costs don’t behave like a controllable operating expense. They behave like cloud sprawl.
AI Gateway changes that. Spend limits can be set in actual dollars, not tokens, and governed by team, application, or model so AI costs remain predictable as adoption scales.
For decades, security companies have largely answered the same question the same way: take infrastructure that already exists and layer security products on top of it. A box here. A proxy there. Routing traffic through a detour for inspection before continuing on its way.
Cloudflare asked a different question: Can the Internet itself become the security layer?
For DG, this architectural difference matters because you’re not looking for another security product.
You’re building an operating model defined by interactions between people, AI agents, applications, and APIs.
That requires a foundation designed to live in the direct path of those interactions, where they can be connected, protected, and governed.
Cloudflare doesn’t ask traffic to take a detour for inspection. It already sits between users, applications, APIs, and AI, protecting and governing those interactions.
Security, networking, application delivery, and developer services all operate on that same network rather than being assembled from separate platforms.
That isn’t simply a different way of delivering security. It’s a different way of building Internet infrastructure.
For DG, that means you don’t need to assemble separate foundations for networking, security, AI governance, and application delivery. The same global network that protects roughly a quarter of the world’s Internet already provides the foundation underneath all of them.
That’s why AI Security for Apps, AI Gateway, MCP Server Portals, Core Layer 7 Security, DDoS Protection, and every other capability described throughout this proposal aren’t independent point solutions. They’re all delivered by the same network.
What’s different in 2026 is that leadership publicly identified AI as one of the reasons operating costs will grow faster than sales.
Naming it changes the bar.
Every dollar invested in the AI operating model is now expected to produce the business outcomes it was intended to deliver.
Leadership has accepted higher near-term operating costs specifically to fund the AI build-out, a deliberate trade-off named publicly, separate from the routine capital going toward new stores and remodels.
That’s not a budget line.
That’s a bet.
And every bet is now expected to produce a return.
The financial risk extends well beyond the cost of recovering from a breach or outage. The table below illustrates the business value now dependent on the successful execution of DG’s AI operating model.
| Business Outcome | Estimated Annual Value |
|---|---|
| Productivity gains from AI | ~$28M/year |
| If operating margin improves by just 0.10% (10 bps) | ~$43M/year |
| If operating margin improves by 0.25% (25 bps) | ~$107M/year |
| If operating margin improves by 0.50% (50 bps) | ~$215M/year |
| Cost of delay — every quarter the AI rollout slips | ~$7M/quarter |
*Assumptions: ~4,500 AI users, 20 minutes/day, 250 workdays/year, $75/hour loaded labor cost. **1 basis point = 0.01%.
These figures illustrate the financial value dependent on successful AI execution. Delays postpone the return on investments DG has already made. If AI is adopted by approximately 4,500 corporate employees and saves 20 minutes per employee per day, Dollar General stands to recover roughly 375,000 productive hours annually.
On the Q1 2026 earnings call, leadership described the purpose of the AI operating model in explicit terms: lowering SG&A per unit of work over time. That’s a productivity goal, not just a cost-cutting one. It’s about getting more output, completing more work, and increasing efficiency without growing administrative overhead at the same rate.
The $28M productivity figure isn’t hypothetical. It’s the publicly stated SG&A-per-unit-of-work objective expressed in dollars.
Every quarter the AI rollout is delayed, postpones the productivity gains and operating efficiencies leadership has already committed to delivering.
Cloudflare enables DG to build, operate, and scale its AI operating model with confidence.
By governing AI interactions, securing applications, simplifying the underlying architecture, and controlling costs as adoption scales, Cloudflare protects the return those investments are intended to produce.
The Cloudflare story starts in 2004 with a question: where does email spam actually come from? To answer it, the founders built Project Honey Pot — a distributed system that let any website owner plant tracking traps for spammers and malicious bots, mapping their behavior across the internet in real time. Over five years, thousands of websites in 185 countries joined. The dataset grew massive. And users kept pushing for more capability - “don't just track the bad guys — stop them.”
Lee Holloway didn’t build another web proxy. He built a globally distributed reverse proxy layer that ran the same software stack on every machine, everywhere, simultaneously. The physical infrastructure was unremarkable — commodity x86 servers in colocation facilities around the world, nothing exotic.
The radical part was the software architecture and what it was designed to do.
Rather than sending traffic to a specialized system for caching, then another for security, then another for routing, Lee built a unified packet-to-application processing pipeline — where a request arrives, gets parsed, hits security logic, gets routed, and gets served, all inside the same system.
Combined with anycast routing — where every Cloudflare location shares the same IP address and the internet automatically routes users to the nearest one — this meant that any Cloudflare server anywhere in the world could handle any request for any customer.
Why didn't everyone build it this way?
Because it is brutally hard. It required writing high-performance networking code to make security fast enough not to slow everything down. It required solving distributed systems problems at a scale most companies avoid — pushing policy changes globally in seconds, keeping every location consistent, failing over gracefully if parts of the network go down.
And it required walking away from the business model most networking companies were built on: selling high-margin hardware appliances.
Cloudflare's entire bet was that if you own the network, you don't need to sell boxes.
Cloudflare didn’t build services on top of a proxy, it built a network. That difference is now visible in every enterprise conversation about what infrastructure can actually support the next ten years.
2010: Public launch — CDN, DDoS protection, basic WAF
2014: Advanced threat protection, SSL for all
2017: Cloudflare Workers — the moment the network became a compute platform. Developers could now run code at the edge, in every location, on the same infrastructure already handling security and routing. This was the architectural shift that separated Cloudflare from every CDN company.
2018: 1.1.1.1 public DNS resolver — Cloudflare now processing a meaningful percentage of the world's DNS queries, with visibility into threat patterns at unprecedented scale.
2019: IPO on NYSE. Cloudflare One and Zero Trust products begin — WARP, Gateway, Access — built natively onto the existing network, not bolted on.
2020–2022: WAN, Browser Isolation, CASB, DLP, Email Security — all running on the same network, inspected in the same single pass.
2023–2024: Workers AI — NVIDIA GPUs deployed across 210+ cities, running AI inference at the edge. AI Gateway for model routing, observability, caching, and unified billing across 350+ models from providers including Anthropic, OpenAI, Google, Groq, xAI, Hugging Face, Replicate, Perplexity, and more.
By 2025, Cloudflare was processing traffic for roughly 20% of all websites on the internet. But revenue and growth are not the real story. The real story is architectural timing.
AI agents are not like traditional software. Traditional software runs in predictable locations, on predictable schedules, talking to known endpoints. AI agents are autonomous. They make decisions, call APIs, spin up processes, and talk to other agents — constantly, globally, simultaneously, and at a scale that was unthinkable five years ago.
They need infrastructure that is globally distributed, low-latency, secure by default, and instantly available — with no servers to provision and no regions to choose.
That foundation was not built for AI. But it turns out, building for the hardest problems on the internet — global scale, millisecond latency, consistent security everywhere, no boxes — is exactly what AI needs.
Today, that foundation is the exact infrastructure that AI agents need to work at scale: fast, global, secure by default, no boxes, no backhauling. Cloudflare did not predict AI. They just built the right thing, and AI arrived.
Selected podcasts, analysis, and primary sources on Cloudflare, AI infrastructure, quantum readiness, and the current threat landscape.
Useful overview of what Cloudflare is and why its role in internet infrastructure is unusual.
Independent essay on network-layer convergence.
Official earnings calls, investor days, and presentations.
February 2026 milestone.
How attacks are changing across the network.
The largest attacks mitigated on the network.
Introducing dollar-denominated spend limits in AI Gateway — budgets in dollars, not tokens, scoped by team, model, or application.