Jump Back
A decade ago, data teams were laser-focused on one thing: generating value. Whether in analytics, data science, or data engineering, the aim was to turn data into insights that could drive decisions and fuel growth. But that singular focus has evolved. Today, the role of the data professional is just as much about responsibility as it is about results.
Compliance, regulation, ESG, and AI governance have fundamentally reshaped the data landscape. It is no longer just about what data can do; it is about how data is used, who owns it, and whether it can be trusted.
GDPR and the Rise of Accountability
The introduction of the General Data Protection Regulation (GDPR) marked the turning point in this shift. Before GDPR, data governance was an afterthought. Files lived on desktops, folders had loose permissions, and privacy was rarely part of the conversation.
However, once GDPR took effect, the industry changed almost overnight. Suddenly, there was a rush to control access, classify information, and embed data handling standards into everyday workflows. Job titles like Data Governance Manager and Privacy Analyst began appearing, not just as box-ticking roles but as key players in business operations.
The AI Surge
In the past 18 months, the rapid adoption of AI tools like Copilot, Chatgpt, and DeepSeek has triggered another wave of transformation. These technologies are powerful and widely used. However, their adoption has often outpaced the guardrails needed to ensure safe use.
Employees often feed confidential information into generative AI tools without understanding where that data goes. The tech is evolving quickly, but the rules are still catching up. This gap creates severe exposure to data breaches and compliance failures.
Enter the EU AI Act – one of the most comprehensive pieces of AI regulation we have seen to date. It introduces obligations for businesses using AI, especially those operating in high-risk areas. Transparency, accountability, and AI literacy are core pillars. Penalties for non-compliance are steep, and the rollout will continue through 2030, gradually increasing expectations on how companies govern their AI systems.
Some key milestones in the implementation include:
- August 2024: Official entry into force
- February 2025: AI literacy and prohibited systems restrictions take effect
- August 2025: Governance and penalty frameworks kick in
- 2026–2030: Ongoing monitoring, guidance, and enforcement
Companies that integrate compliance into developing and deploying AI tools will be better positioned in the long term. The real risk is not the technology itself but the human use of it without oversight.
Who is Responsible for AI Compliance?
One of the biggest open questions in AI governance is accountability. Should the responsibility sit with the platforms, regulators, or individual businesses?
Leaders need visibility into which tools are used, how data is inputted, and whether staff are trained in safe usage. Without those controls, compliance becomes reactive instead of proactive.
Data Governance Is Now Everyone’s Job
Where governance was once confined to a single specialist within a tech team, it is now a shared responsibility. Anyone who touches data, from analysts to engineers, must understand how it should be stored, accessed, and protected. Dedicated governance roles still exist and are growing. However, governance is being increasingly embedded into all roles. Employers are looking for a combination of skills: technical expertise, yes, but also ethical awareness, security fluency, and regulatory know-how.
There is a talent mismatch here. Companies want seasoned governance professionals, but the field itself is still emerging. As a result, many employers are shifting strategy – hiring for mindset and upskilling internally rather than holding out for perfect experience on paper.
ESG, Supply Chains, and the Expanding Scope of Data Compliance
Data governance stretches beyond being just a tech problem. It is spreading across functions, from finance to procurement and manufacturing, especially as ESG reporting requirements grow more rigorous. We are experiencing a rise in analyst roles where ESG metrics are front and centre. These roles include tracking carbon footprints, verifying ethical supply chains, and managing ESG platforms alongside traditional data responsibilities. Traceability and transparency are no longer optional; they’re expected.
Cybersecurity and Cloud: The Other Side of the Governance Coin
No conversation about data governance is complete without cybersecurity. Ransomware, phishing, and hijacking threats have escalated, and companies are investing heavily in cyber talent as a result.
At the same time, organisations are shifting from legacy infrastructure to cloud environments like AWS and Azure. That migration demands new skill sets and tighter integration between security, data, and engineering teams.
What’s Next for Talent in Data and AI?
As governance and regulation evolve, the talent agenda is shifting in parallel. The roles in highest demand today reflect a broader cultural change – one that treats compliance as a core business function rather than a box to tick.
Three priority areas stand out:
- Machine Learning Specialists who combine technical depth with an understanding of AI risk
- Data Governance Professionals who can design frameworks and embed trust into data use
- Cloud and Cybersecurity Experts who can future-proof infrastructure against a rapidly changing threat environment
But across every role, one message is clear: data responsibility is no longer someone else’s job. Whether building models, analysing insights, or setting strategy, governance has to be built in from the start.
We have entered a new era where data is not just a growth driver, but a shared organisational obligation. The companies that recognise this, and the professionals who lean into it, will be the ones who shape the next chapter of data and AI.
Looking for more insights?
Connect with Dan on LinkedIn or at dan.hoctor@barden.ie