Power of Data IE - Q3 2025

Power of Data

Eoin Byrne, Cluster Manager, Cyber Ireland

Kelly, Founder, AI Ireland

Why AI and regulation are key drivers of cybersecurity for 2025

Cybersecurity is no longer just the responsibility of IT professionals; it is an integral part of a business managing its risk strategy.

The consequences of a single cybersecurity incident, such as a data breach, ransomware attack or an operational disruption can have serious consequences for any business in Ireland, regardless of size. Business leaders must now acknowledge that cybersecurity is not merely a technical challenge — it is a core business imperative.

Power of AI for business, cybercriminals and cyber defenders

Artificial intelligence (AI) is reshaping the way businesses operate, providing both extraordinary opportunities but also considerable cybersecurity and privacy risks. Companies integrating AI must recognise its vulnerabilities and ensure that security measures are built into their AI applications from the start.

At the same time, cybercriminals are leveraging AI to launch more advanced attacks, including realistic phishing campaigns, deepfake scams and highly targeted intrusions. However, the cybersecurity industry is rapidly innovating, using AI to strengthen identity verification, detect threats and automate security responses.

Cybersecurity regulations will impact critical sectors

In 2025, regulation is set to become a defining force in cybersecurity across Europe. The EU AI Act requires companies to manage the various risks posed by their use of AI. The EU Digital Operational Resilience Act, which took effect in January 2025, extends beyond traditional financial institutions ensuring that their IT service providers meet rigorous security standard The NIS2 Directive broadens

cybersecurity compliance across 18 critical sectors, impacting thousands of companies in Ireland.

Meanwhile, the Cyber Resilience Act will soon introduce stringent security requirements for all digital products sold in the EU. These regulatory shifts demand immediate attention from business leaders, as non-compliance could result in substantial fines, reputational damage and even personal liability for company officers.

Cybersecurity guidance and supports Keeping up with the rapid pace of cybersecurity threats and regulatory changes can seem overwhelming. However, Irish businesses are not alone in this battle. The National Cyber Security Centre provides guidance tailored to small businesses, while certifications like ISO 27001 help regulated entities demonstrate compliance and resilience.

To further support cybersecurity adoption, the Irish Government has introduced financial grants to support cybersecurity of exporting Irish businesses. Getting expert advice from cybersecurity companies, IT providers and legal specialists is critical. They can help companies navigate the cybersecurity risks and challenges in 2025.

Proactive cybersecurity benefits all businesses and society Ultimately, prioritising cybersecurity is not just about protecting an individual company; it benefits the entire economy. When businesses invest in robust security measures, they help safeguard their customers, suppliers and partners, making Ireland a more resilient digital economy. The risks are real, but so are the opportunities for those who take cybersecurity seriously. Now is the time to act.

Project Manager: Andrea D’Alton andrea.dalton@mediaplanet.com Business Development Manager: Jen Church Managing Director : Ellie McGregor | Junior Designer: Ellen Cahill Senior Content Manager: Angelica Hackett O’Toole | Paid Media Manager: Jonni Asfaha Digital Lead: Henry Phillips All images supplied by Getty Images, unless otherwise specified Contact information: ie.info@mediaplanet.com or +44 (0) 203 642 0737

Building smarter security through integration and automation

In today’s digital economy, organisations drown in data. Security teams juggle relentless alerts, logs and intelligence from disparate tools — where each new solution adds visibility but also complexity.

Aflood of information is risky. Cybersecurity teams are overwhelmed by noise, alert fatigue sets in, response times slow and critical threats slip through undetected. The issue for organisations now isn’t about collecting data; it’s knowing what data to focus on and how to use it to strengthen defences. Ireland is also facing a persistent shortage of qualified cybersecurity professionals. This means it’s only getting more difficult for organisations to keep pace with the growing speed and sophistication of cyber threats.

AI turning noise to insight

AI is a critical ally in cutting through cybersecurity complexity. Its ability to automatically analyse, correlate and prioritise security events can highlight real threats while filtering out the noise.

This allows cybersecurity teams to focus on the incidents that truly matter. Rather than chase false alarms, they can secure threats impacting systems, data, compliance and, ultimately, a company’s bottom line.

Integrated defence through automation

To truly transform cybersecurity operations, data must be both analysed and acted upon — quickly and across the entire IT environment. This is where a platform approach, such as the Fortinet Security Fabric, adds value by delivering integrated, end-to-end protection across networks, cloud environments and endpoints through a unified, automated system.

With this approach, threat intelligence becomes actionable in real time. Automated workflows can contain threats before they spread, reducing dwell time and minimising business disruption. Integration also strengthens governance and reduces the operational overhead of managing siloed systems.

In the face of escalating threats, data overload and talent shortages, businesses need to rethink their cybersecurity posture.

AI is most powerful when it augments human skills and enhances expertise. By automating routine triage and detection, AI frees up skilled professionals to focus on strategy, threat hunting and high-stakes response. Behaviour-based detection also enables the discovery of sophisticated attacks that traditional tools may miss.

How businesses can respond

In the face of escalating threats, data overload and talent shortages, businesses need to rethink their cybersecurity posture. The future lies in systems that are not only intelligent but also integrated and automated. These systems enable leaders and security teams to drive better decisions as well as faster, more effective threat responses.

Investing in AI-powered, connected security architectures will help organisations stay resilient, reduce complexity and focus resources where they’re needed most. Whether you’re a government agency, financial institution or growing SME, the ability to translate data into timely action is a strategic imperative.

What NIS2 means for senior leaders and global organisations

The new NIS2 Directive is set to reshape how organisations approach cyber security. However, Member States’ different approaches are leading to complex and duplicative processes for global organisations.

The introduction of the Network and Information Security 2 (NIS2) Directive is the EU’s response to the rising volume and sophistication of cyberattacks, demonstrated by high-profile incidents such as the CrowdStrike outage.

New directive for cyber security

The NIS2 Directive will reshape how organisations approach cyber security, with new requirements for registration, risk management, board responsibility, incident reporting and training. Julie Austin, Partner in the Data and Technology Team at Mason Hayes & Curran, discusses the upcoming changes: “Cyber security can no longer be left to the IT team. Senior management in each jurisdiction is now responsible for compliance. The stakes are high, with direct accountability for boards and senior management for compliance failings.”

Fragmented approach across the EU

As a general rule, many organisations outside of the digital sector will be subject to the separate and concurrent jurisdiction of each Member State in which they are established. These jurisdictional rules are causing significant headaches for multinational organisations, as the rules can vary from jurisdiction to jurisdiction. Austin says: “What we are seeing in practice is that the national laws transposing NIS2 can differ materially, and different jurisdictions are at completely different places in the implementation process.”

There are some specific obligations in some countries which don’t exist in others. For example, Hungary requires

National Training Fund can help build Ireland’s workforce of tomorrow

As the workplace transforms at speed, upskilling and reskilling are vital to survival and success. Technology, shifting global trends and economic uncertainty are disrupting industries at a scale never seen before.

Dorganisations to appoint an auditor from an approved list by 15 September 2025. Other jurisdictions require risk assessments to be conducted annually and submitted to the relevant competent authority.

While Ireland’s National Cyber Security Centre (NCSC) published draft Risk Management Measures in June 2025 and has adopted the Cyber Fundamentals (Cy-Fun) certification scheme, acting as helpful tools for NIS2 compliance planning, other Member States are doing things differently.

European Cyber Law Network

Mason Hayes & Curran has established a European Cyber Law Network to support multinational clients navigating NIS2. “Under these new rules, the same cyber incident may need to be reported separately in 27 different Member States within 24 hours,” explains Ciara O’Rourke, Associate on the Data and Technology team. “This is creating inefficiencies and duplication.”

“Our network connects lawyers on the ground in each Member State,” says Austin. “We are taking away confusion and complication for our clients, giving them coordinated, strategic advice on local divergences and helping them prepare for the challenges of multi-jurisdictional compliance.”

With Ireland expected to transpose NIS2 by Q4 2025, organisations should start preparing now. “Organisations that act early, mapping obligations, upskilling management and monitoring national developments, will be best placed to meet NIS2 head-on,” adds O’Rourke.

espite mounting evidence of the urgent need for action, Ireland continues to fall short in preparing its workforce for what lies ahead.

Why digital literacy is critical

According to the OECD, one in three jobs in Ireland is at high risk of automation. Nearly half of Irish workers will need some form of upskilling within five years. Yet, participation in lifelong learning remains below the EU average, and many adults lack even basic digital competencies. This is not a future problem; it is today’s problem.

Long before workers reach the job market, we need to ensure our education system is laying the foundation for a digitally literate,

critically thinking generation. This means embedding problem-solving, adaptability and information evaluation into curricula — not just preparing students to pass exams but preparing them to thrive in an everchanging labour market.

A modern, resilient workforce must include everyone.

Inclusive upskilling and reskilling

We need to equip young people to challenge assumptions, navigate complex digital environments and learn continuously throughout their careers. Alongside this, we must invest in community-based digital education, tailored to older adults, rural populations and marginalised groups. A modern, resilient workforce must include everyone.

Technology can also be our biggest asset in solving this challenge. AIpowered training tools, adaptive learning platforms and virtual simulations are already transforming how people acquire new skills. These tools offer a scalable, efficient and responsive way to support learning — if we choose to invest in them.

Supporting national lifelong learning

The National Training Fund (NTF), established to support upskilling, reskilling and lifelong learning, now sits at over €1.5 billion. It is funded directly by a levy on employers. By drawing funding directly from employer PRSI contributions, the NTF is not only fully funded but also maintains a crucial link between wage growth and productivity. The very resource that could help address the challenges of our time is available to us. That money must be deployed — urgently and strategically.

The unseen hand: why AI agents are already reshaping business

AI agents are no longer a distant concept; they are becoming deeply embedded in our personal and professional lives. The time to understand, prepare and embrace this autonomous future is now.

It’s clear that AI agents — autonomous systems capable of executing tasks on behalf of users — are emerging as the next frontier. Some see them as a leap too far, while others celebrate their rapid progress. In July 2025, OpenAI introduced ChatGPT Agent mode — a blend of deep research and operator — that can research, browse, click and type on its own to complete end-to-end tasks while pausing for your permission on consequential actions.

AI reshapes procurement efficiency The power of these agents is already being demonstrated in real business scenarios. Walmart, for instance, harnessed Pactum’s outsourced negotiating tool to engage 100 ‘tail-end’ suppliers.

Many digital transformations stall because leadership teams don’t know where to start, getting stuck in a ‘strategy loop’ rather than executing.

What’s new is that general-purpose agents like ChatGPT Agent can now run comparable multi-step workflows (market and competitor research, form-filling, spreadsheet updates) and turn results into editable slides or sheets, still under human sign-off. This efficiency dramatically redefines what’s

Retail’s AI revolution: building the foundation for intelligent commerce

possible in procurement.

The ‘5 Ps’ framework for AI adoption Yet, introducing AI isn’t straightforward. Our work at AI Ireland, with companies from Donegal to Galway and Dublin, consistently highlights a critical hurdle: many digital transformations stall because leadership teams don’t know where to start, getting stuck in a ‘strategy loop’ rather than executing.

This is where my ‘5 Ps’ framework for successful AI adoption provides clarity: People (supercharging staff with AI literacy); Process (streamlining standard operations); Product (embedding AI to remove customer friction), Proprietary data (leveraging unique information); and a safe Place to experiment. For small and medium enterprises, unburdened by legacy systems, there’s a distinct advantage in cultivating this AI-ready mentality. Start with permission-gated pilots: enable Agent mode, scope a task and require confirmations for purchases or emails; you can interrupt or redirect any time.

AI agents near reality

AI agents are no longer hypothetical.

As of July 17, 2025, ChatGPT Agent mode is live and can plan travel, compile competitive analyses and assemble outputs into slides and spreadsheets — asking before key actions, so oversight stays with humans.

Learn why proper data governance and infrastructural investments are necessary to maximise the value of AI investments in retail.

The retail sector stands at a pivotal moment. With 98% of executives aiming for full AI deployment within three years, the industry is witnessing one of the largest technology investment waves in corporate history yet demands strategic attention.

The data foundation crisis

Despite unprecedented AI enthusiasm, the retail sector faces a fundamental challenge: data readiness. Research reveals that 58% of retailers operate with fragmented customer data, while only 28% have achieved systemlevel integration. More alarmingly, just 13% maintain a real-time data warehouse, the bedrock of effective AI implementation.

Without clean, integrated and accessible data, even the most sophisticated AI algorithms become expensive disappointments. Retailers must prioritise data centralisation and automated integration pipelines before deploying advanced AI models.

Strategic AI implementation: a collaborative foundation

Successful AI adoption requires moving beyond tool acquisition to strategic orchestration across departments. Rather than pursuing isolated AI experiments, leading retailers are embracing integrated approaches that create synergies between marketing, operations, ecommerce and supply chain functions.

The most effective implementations begin with a clear strategic vision and dedicated cross-functional AI teams. These organisations establish comprehensive employee training programmes and maintain rigorous focus on measurable outcomes, thus linking AI initiatives directly to revenue growth, cost savings and enhanced customer experience metrics.

Achieving omnichannel synergy

The true power of retail AI emerges when departments collaborate strategically. Customer insights generated from one channel can enhance personalisation across all touchpoints. Inventory intelligence can simultaneously optimise pricing strategies and promotional campaigns. This integrated approach transforms fragmented AI initiatives into a cohesive omnichannel strategy that delivers exponential rather than additive value.

However, achieving such synergy requires dedicated leadership, robust change management and most importantly, a solid data foundation that enables seamless information flow between systems and departments.

Leveraging industry-academia collaboration

Forward-thinking retailers recognise the value of collaborating with academic institutions to inform their AI innovation strategies. Universities offer access to cuttingedge research, unbiased analysis of emerging technologies and deep expertise in implementation methodologies.

Ongoing partnership between Kilkenny Group and University of Galway through Lero, the SFI Centre for Software Research, exemplifies this approach. With a specific focus on data preparation and architecture optimisation for AI deployment, it has delivered substantial value for business and research alike.

Quality data drives value

Retailers face a choice: invest in foundational data infrastructure alongside strategic AI deployment or risk joining the growing number of organisations that struggle to realise AI’s promised returns.

Find out more at universityofgalway.ie/business-public-policy-law/cairnes/ lero.ie kilkennydesign.com

Building a high-performance culture with trusted information

In his seminal book Good to Great, Jim Collins, a renowned business researcher and author, explores key principles such as ‘Level 5 Leadership’ and confronting brutal facts.

He argues that leaders must build a culture where truthful, often harsh information is made available and acted upon, without losing optimism. Meanwhile, in companies that failed to make the leap, information was often ignored or not escalated, leading to stagnation or failure.

Strategic and informed decision-making

Building such a culture today requires more than open conversations. Leaders must cultivate a culture of informed decision-making, where accurate and high-quality information is not just gathered but strategically created and made available both internally and externally.

Within the organisation, this means fostering open channels, such as red flag mechanisms and alerts, meetings, debates and decisions with accurate,

trusted information. This allows unfiltered facts to rise to the surface. Building trusted proprietary data assets within an organisation greatly enhances its ability to compete and generate value.

• 48% of organisations have created a ‘data-driven organisation’ in 2024, which is double from 2023’s survey of 24% companies.

Another common hurdle in the development of high-performance data strategy is the gap between strategic goals and operational realities. Each leader will have a different perspective and requirements from the same source of information. CFOs demand certainty and risk visibility. CEOs need a big-picture view to align functions.

Harnessing these perspectives requires listening to the leadership team and functional teams individually and presenting back a roadmap for data strategy.

“Our best results come from understanding each leader’s priorities,” says Katie McEntegart, Partner at The Information Lab Ireland. “By tailoring their reporting and information insights to their needs, we create a shared view that drives alignment naturally.”

Turning data into tailored strategies

Today’s high-performing businesses expect to access trusted data easily, right from their phone and in real time. That is the principle behind our OneView Platform: building proprietary datasets that map directly to strategy and unlock the power of AI, customised for each organisation. The OneView platform can unlock transformative benefits for the organisation’s future performance, enabling data-driven intelligence that enhances efficiency, innovation and competitiveness.

Connecting the platform to AI enables the organisation to ask business questions using natural language, foster improved decisionmaking, such as customer records, operational metrics and historical trends — surfacing actionable insights that reduce reliance on intuition and minimise errors.

Having access to trusted business information at your fingertips is not optional; it is a standard.

By adopting this strategic approach to capturing accurate, high-quality information from both internal channels and external market sources, leaders unlock value through sharper decisions that align with core business strategy. This discipline not only mitigates risks by shining a light on blind spots but also empowers predictive foresight.

Strategy, data and operations

Organisations worldwide are facing unprecedented data expansion, often doubling or tripling volumes every few years. Finding and mapping the correct information within your organisation and assessing the quality of that data is increasingly difficult.

• Four out of 10 companies use big data analytics.

“We help our customers design and build their proprietary data sets and ensure that it is clearly mapped to and aligned with their strategy,” says Dave Hackett, Managing Director, The Information Lab Ireland. “Having access to trusted business information at your fingertips is not optional; it is a standard.”

From information to action

“Technology is a key enabler, but only when it unifies data into a single, trusted source tailored to strategic needs. With The Information Lab Ireland’s OneView Reporting Platform, data becomes a decision-making asset. Leaders can allocate resources effectively, respond to risks swiftly and seize growth opportunities with confidence. The platform can be customised to each organisation’s requirements,” says Kevin Lynch, Technology Director, The Information Lab Ireland.

Crucially, trusted data will bridge the gap between strategy and operations, aligning leadership goals with daily execution.

Harnessing the power of data to transform Irish healthcare

A thriving healthtech sector supports national priorities like competitiveness and economic resilience, but challenges like global tariffs, regulatory hurdles and talent gaps require a coordinated, strategic, data-driven approach backed by agile procurement and sustainable investment.

As CEO of HealthTech Ireland, I’ve seen how data can transform healthcare — making it more resilient, responsive and patient-centred. In today’s complex world, leadership demands agility, collaboration and commitment to public good.

The value of health data

Ireland stands at a pivotal moment. New HSE Strategies, alongside the European Health Data Space (EHDS), and the Health Information Bill offer frameworks to unlock health data value — safely, ethically and transparently. These alone are not enough.

We have seen that real progress depends on informed leadership and the meaningful involvement of key stakeholders across the health ecosystem. By fostering a culture of trust, collaboration and digital confidence, these initiatives can truly empower clinicians, researchers and policymakers to improve patient outcomes and accelerate innovation through the power of data.

The future of healthcare is datadriven, patientled and digitally enabled.

Nations treating data as a strategic asset

Internationally, we’ve seen what’s possible when data is treated as a strategic asset. In Finland,

national data infrastructure enables real-time health insights, improving chronic disease management. In Singapore, a coordinated healthtech policy positioned it as a global leader in digital health innovation. Both demonstrate the value of leadership, long-term planning and crosssector collaboration — raising their nations’ health and wealth.

Ireland’s strong digital healthcare potential

The inclusion of a Life Sciences Strategy in the Programme for Government, advocated by HealthTech Ireland, is a welcome step. This ambition has proven successful in other countries and could help Ireland realise its full potential and be a world-leading hub in life science innovation, securing prosperity and building a healthier Ireland.

Our pre-budget call for a Life Sciences Council would ensure joined-up leadership and collective long-term planning, a health ecosystem powered by people, partnerships and purpose. Leadership also means championing interoperability, patient empowerment and evidence-based policy, while ensuring SMEs and startups have a voice. Aligning with government strategies and advocating for inclusive innovation and agile procurement are essential to realising this potential.

Progress is built on people and collaboration. HealthTech Ireland works strategically with the HSE through the National Health Collaboration Council, MedTech Europe, hospitals, academia, IPHA, IDA and EI — leveraging the power of innovation across diagnostics, digital health, AI and medtech.

Together, we’re building a trusted ecosystem that improves patient access and strengthens Ireland’s global reputation. The future of healthcare is datadriven, patient-led and digitally enabled. With the right leadership, Ireland can build a system not just for today but for the future.

Unlocking the promise of consumer-generated health data

Smart wearables now reach 40–60% adoption, turning us into data sources with 2–5GB generated daily.

Consumer-generated health data holds transformative potential to improve individual outcomes while shifting healthcare from reactive treatment to proactive prevention, benefiting both health span and system costs. Governments are taking note: the US Health Secretary told House members he sees wearables as central to combatting chronic disease and aims for nationwide adoption within four years.

Making health data work

However, turning this promise into practice comes with significant challenges. The first hurdle is translating raw data into actionable and scientifically backed insights that lead to lasting behavioural change. It’s not enough to track steps or sleep; the technology must guide healthier choices by considering

individual context and integrating data into a dynamic, personalised health profile that is accessible to the individual and their physicians.

Silent risks of smart health

The ethical and privacy risks of the data boom are substantial. As consumer devices begin capturing additional information such as brain data, hormonal biomarkers or emotional patterns, concerns around autonomy, consent and surveillance grow. While regulations like GDPR (General Data Protection Regulation) and HIPAA (Health Insurance Portability and Accountability Act) offer core safeguards, stronger protections and industry selfregulation are needed. Recent years have seen a surge in privacy breaches and data misuse cases, underscoring the urgency for action.

From promise to practice

To realise the full potential of

consumer-generated health data, public and private sectors must collaborate on robust governance frameworks to protect privacy while enabling responsible data sharing, critical assessment and responsible integration of AI solutions. These should leverage health data and clear value propositions for users, to foster trust, from improved care to personalised prevention.

The World Economic Forum is advancing this work through its Digital Healthcare Transformation initiative, which unites public and private partners to scale AI responsibly and foster ethical collaboration in health data. We stand at a crossroads: we can either allow health data to accumulate without tangible impact, or we can create ethical, inclusive systems that transform it into meaningful change.

Implications of the EU AI Act for Irish businesses

The European Union’s landmark Artificial Intelligence Act (AI Act), formally adopted in 2024, is set to reshape how businesses across Europe, including Ireland, develop and deploy AI.

As the world’s first comprehensive legal framework for artificial intelligence, the Act introduces binding rules designed to ensure AI systems are safe, transparent and aligned with European values. For Irish firms, the implications are significant, presenting both challenges and opportunities.

Mitigating AI systems risk

At its core, the AI Act introduces a risk-based classification system. AI applications deemed ‘unacceptable risk,’ such as social scoring or manipulative systems, will be banned outright. ‘High-risk’ systems, which include AI used in areas such as recruitment, finance, healthcare and critical infrastructure, will face stringent obligations around

By adopting responsible AI practices early, Irish companies can enhance consumer trust and gain a competitive edge in regulated markets.

testing, transparency, human oversight and cybersecurity. Businesses offering lower-risk or minimal-risk AI tools will be subject to lighter requirements, though transparency duties will still apply in certain cases, for example, with generative AI.

What compliance means for small firms

For Irish businesses, compliance will mean adapting

governance structures, investing in technical and legal expertise, and documenting how AI systems are trained and deployed. This could prove burdensome for smaller firms and startups, where resources are limited. The Analytics Institute has warned of increased costs and administrative pressure in some cases. However, by adopting responsible AI practices early, Irish companies can enhance consumer trust and gain a competitive edge in regulated markets. Ireland, as a hub for global technology firms and a growing base of indigenous AI startups, is uniquely exposed to the Act’s reach. Multinationals with European headquarters in Dublin will need to align global AI strategies with EU rules, while local businesses may find compliance opens doors to new partnerships and funding opportunities. Government support and clear national guidance will be vital in helping firms transition smoothly.

Enabling responsible AI deployment

Ultimately, the AI Act represents more than regulation; it is an attempt to shape the future of AI responsibly. For Irish businesses, the challenge now is to balance compliance with innovation, ensuring they remain competitive while meeting the EU’s high standards of safety and ethics.