
Data Governance in AI-driven Organizations
Enterprises today face a paradox: despite unprecedented investments in cloud and data infrastructure, many still struggle to operationalize AI effectively. The challenge is rarely the technology itself, but the gaps in data quality, governance, and regulatory readiness that hold it back.
George Tziahanas, VP of Compliance and Associate General Counsel at Archive360, addresses this disconnect by outlining a clear path forward.
He explains how organizations can move from fragmented data environments to AI-ready ecosystems by prioritizing defensibility, embedding governance into architecture, and aligning AI initiatives with both business value and compliance requirements.
Data readiness for AI
Many organizations believe they are “AI-ready” because they’ve centralized data in the cloud. From your perspective, what are the critical gaps between cloud adoption and true AI readiness?
Tziahanas: Cloud adoption alone doesn’t guarantee AI-ready data. AI-readiness often requires significant preparation, while legacy systems often keep data in proprietary formats that require cleaning, formatting, classifying, and structuring before it can be effectively used by modern AI and analytics systems. Visibility, data quality, classification, and governance controls are the real gaps organizations must close.
How do you define “data defensibility” in practical, operational terms?
Tziahanas: Defensibility means having control of your data, understanding how it’s governed, and putting the right platforms, procedures, and policies in place. It requires being thoughtful about what data is moved where, what it will be used for, who or what (AI) will access it, and how it will be used.
What architectural patterns should CTOs adopt to support current AI workloads and future regulatory scrutiny?
Tziahanas: CTOs should prioritize class-based governance architectures with embedded trust. Core elements include data lineage and provenance, authenticity via chain of custody, granular entitlements and normalization. All of this helps ensure that data remains in its original form. And that it is accessible to analytics and AI tools with a full audit history. Data governance should be embedded in the platforms they use, not retrofitted on later.
Data governance in a fragmented regulatory landscape
How should CTOs design governance frameworks that are adaptable to a fragmented regulatory landscape?
Tziahanas: Many organizations already have compliance or governance frameworks in place. Extending these to include AI is far more effective than building an entirely new model from scratch.
Most emerging statutory and regulatory frameworks adopt a risk-tiered approach to governing AI. Not all agentic and AI use cases carry the same level of risk. This makes it essential to have platforms and practices in place, that automate the ongoing monitoring of AI and agentic activity at scale and speed.
Can you share examples where strong compliance frameworks have actually accelerated AI adoption?
Tziahanas: Strong governance unlocks data that was previously inaccessible to AI tools. Much of the data that regulated organizations govern falls under compliance or long-term retention requirements. But it’s often unavailable to AI and analytics tools.
One of our customers, a large international bank, is projected to save nearly $40 million by implementing a unified data governance strategy. The same initiative has also unlocked new AI capabilities across the organization. Beyond cost savings, it is expected to create additional value by enabling smarter, data-driven outcomes.
What are the most costly mistakes enterprises make when retrofitting governance onto existing data architectures?
Tziahanas: The biggest mistake is treating governance as an afterthought. According to Gartner, at least half of generative AI projects in 2025 were abandoned due to poor data quality, ineffective risk controls or nebulous value to the business. Organizations that wait to govern data until after an AI initiative launches are setting themselves up for failure.
How should CTOs balance speed and control when deploying AI systems in highly regulated environments?
Tziahanas: Organizations should apply their broader compliance and governance programs to AI, analytics, and automation initiatives. Taking a risk-based approach is another way to balance speed and control. Establishing risk categories and criteria allows some workloads to proceed with lower levels of controls. While others may require more process and guardrails built in.
Another dimension is governed data and datasets, model transparency and access, and system design and use, making sure to capture artifacts of performance along the way.
Leadership and strategic framing
As EVP at Archive360, you sit at the intersection of data governance, compliance, and AI readiness. How has your definition of ‘data leadership’ evolved as enterprises transition from cloud-first to AI-first architectures?
Tziahanas: Data leadership has evolved from simply moving data to the cloud to ensuring that data is trusted, governed and AI-ready. Archive360’s architecture is designed to allow customers to integrate their governed data with enterprise AI tools, which reflects a shift in leadership focus. It’s not about centralizing data. Leaders must ensure it’s classified, compliant and accessible to fuel AI and analytics at scale.
In today’s environment, CTOs are expected to be both technologists and business strategists. How do you navigate that dual mandate, especially when it comes to AI investments?
Tziahanas: The key is grounding your technology decisions in real business outcomes while also keeping risk to a reasonable level. Sound AI investment requires balancing innovation potential against compliance obligations, data quality, and long-term defensibility, not just chasing the latest capabilities.
Future perspective
Looking ahead 3–5 years, what will separate organizations that successfully operationalize AI at scale from those that struggle – and what role will data governance play in that divide?
Tziahanas: Organizations that successfully use and deploy data platforms that are designed for enterprise AI ecosystems will position themselves to extract maximum value from their historical data while maintaining governance and compliance standards. The data governance platforms of the future will actively contribute to organizational intelligence and decision-making. The dividing line will be whether governance was built in from the start or bolted on too late.
Guiding principle/advice for new-age and other CTOs
What is your single guiding principle for CTOs navigating AI, compliance, and data strategy simultaneously?
Tziahanas: Start with defensibility. And that means understanding how your data is governed, having the right platforms in place, and ensuring you have the right procedures and policies. Extend existing governance programs to incorporate AI use cases and workloads, versus creating a net new model. Organizations that establish that foundation first will unlock the most value while managing risk responsibly. The ones that skip it will eventually have to rebuild under far greater pressure.
In brief
As the enterprise rush toward AI accelerates, the gap between ambition and execution is becoming harder to ignore. What emerges is a clear truth: AI success is less about adopting the latest tools and more about the discipline behind the big data that powers them. Organizations that embed governance, defensibility, and trust into their foundations won’t just scale AI – they’ll do so with clarity, resilience, and lasting impact.
One principle to abide By
Start with defensibility. If you can’t trust your data, you can’t trust your AI.
